[tor-talk] Possible Attack on Tor speed?
Hi, I just had an idea, how an attacker could slow down the Tor network, and wanted it to discuss with you. To my knowledge, there is only the BadExit and BadDirectory flag, nothing like BadNode. In contrast to a bad exit, which is misbehaving, how could the network block a node, which has all outgoing traffic blocked? Lets say, I set up some (few hundred or so) Nodes, which I start up and then block outgoing traffic on them. If they're chosen as middle node for a circuit, the circuit can't build, because the next server cannot be reached. If my servers advertise a high bandwidth (is there any detection for false bandwidth advertisings?), Tor will often try to put them in a circuit, and often will fail. This could lead to no usable circuit for several minutes. Let me know what you think! Thanks :) -- morphium - morph...@jabber.ccc.de - 113332157 http://identi.ca/morphium - http://twitter.com/morphium86 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] de-anonymization by correlating circuit changes
From: bemoo...@hushmail.com bemoo...@hushmail.com Sent: Tuesday, August 23, 2011 1:20 AM Subject: Re: [tor-talk] de-anonymization by correlating circuit changes T hanks Curious Kid, I meant exactly what you wrote. Are zou sure, TOR avoids circuits in which exit and entrz are in the same countrz? It happened not often, but im sure, I have got circuits with all relazs in the same country. I remember e.g. three netherland relays in one circuit, or three german... I just looked into it, and I was wrong. Tor prevents circuits with the entry and exit both being from the same /16 subnet. That's the first half of the IP address. It doesn't stop them from being in the same country by default. See https://trac.torproject.org/projects/tor/ticket/3678 for recent discussion on this topic. Also, it's not just about which nodes you select. There can be all sorts of intermediate hops between Tor nodes, and the destination and the user could already be under surveillance. Paul Syverson (the inventor of onion routing) went over a few of those situations in his response to your question. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Possible Attack on Tor speed?
On Aug 24, 2011, at 10:54 AM, morphium wrote: Hi, I just had an idea, how an attacker could slow down the Tor network, and wanted it to discuss with you. To my knowledge, there is only the BadExit and BadDirectory flag, nothing like BadNode. In contrast to a bad exit, which is misbehaving, how could the network block a node, which has all outgoing traffic blocked? Lets say, I set up some (few hundred or so) Nodes, which I start up and then block outgoing traffic on them. If they're chosen as middle node for a circuit, the circuit can't build, because the next server cannot be reached. If my servers advertise a high bandwidth (is there any detection for false bandwidth advertisings?), Tor will often try to put them in a circuit, and often will fail. This could lead to no usable circuit for several minutes. Let me know what you think! Thanks :) Dirauths can add nodes to their configuration to not add to the directory at all. See AuthDirReject in tor's manpage. The other answer is that the bw auths will never manage to test bandwidth succesfully. All the best Sebastian ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Possible Attack on Tor speed?
Hi, I just had an idea, how an attacker could slow down the Tor network, and wanted it to discuss with you. To my knowledge, there is only the BadExit and BadDirectory flag, nothing like BadNode. In contrast to a bad exit, which is misbehaving, how could the network block a node, which has all outgoing traffic blocked? Lets say, I set up some (few hundred or so) Nodes, which I start up and then block outgoing traffic on them. If they're chosen as middle node for a circuit, the circuit can't build, because the next server cannot be reached. If my servers advertise a high bandwidth (is there any detection for false bandwidth advertisings?), Tor will often try to put them in a circuit, and often will fail. This could lead to no usable circuit for several minutes. Let me know what you think! Thanks :) Dirauths can add nodes to their configuration to not add to the directory at all. See AuthDirReject in tor's manpage. The other answer is that the bw auths will never manage to test bandwidth succesfully. All the best Sebastian In addition to what Sebastian mentioned above, Tor nodes will drop and ignore circuits that take too long to build. Check the following config options: LearnCircuitBuildTimeout CircuitBuildTimeout Rob signature.asc Description: This is a digitally signed message part ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] Following best-practices for tor exit-node on RIPE
Am 22.08.2011 12:08, schrieb Alexandre Girard: I'm trying to open a new tor exit node on tetaneutral.net - associative ISP in Toulouse, France - and I've got a question after reading the best-practices available on this page: https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment On point 5, it describe how to change the contact email on an IP. Tetaneutral has a range of IP, and we can use 1 IP for the tor exit node. The description about the contact mail concerns ARIN, does someone know how to do it on RIPE? Thank you for your question. Now I finally forced myself to update the wiki entry at https://www.torservers.net/wiki/hoster/inquiry Here's the new section on RIPE: With RIPE, it works even better than with ARIN as most people respect the WHOIS entry there without going directly for the upstream record. In our experience, this happens a lot with ARIN. But - my guess is due to some stricter regulations by RIPE - less ISPs are willing to reassign RIPE IPs. Some reports, like Shadowserver reports, get sent to the AS, so WHOIS does not help against those. With luck you can get your ISP to ignore or auto-forward them to you. If you don't have mtner and person handles for your Tor exits, use the wizard at https://apps.db.ripe.net/startup/ or manually create them at https://apps.db.ripe.net/webupdates/select-type.html You need at least one mtner and one person handle. Tell your ISP to create an inetnum record linking those handles. You should suggest apprioriate desc, remarks and country entries. RIPE does not require this country to be the location of your server, nor your location. Your ISP might want either your location or the servers location in there. If you want to confuse GeoIP, you can specify another country. It is also possible to list more than one country, but be aware that it takes several months for GeoIP services to pick up changes (if they ever do) and that you won't be able to edit the inetnum record yourself. Maintainer record example: http://apps.db.ripe.net/whois/lookup/ripe/mntner/ZWIEBELFREUNDE.html Person example: http://apps.db.ripe.net/whois/lookup/ripe/person-role/MB22990-RIPE.html inetnum example: https://apps.db.ripe.net/dbweb/search/query.html?searchtext=77.247.181.160 Additional RIPE Documentation for ISPs (if they don't know how to do their stuff, helps sometimes to pass this on): * http://www.ripe.net/lir-services/resource-management/faq/internet-resources#faq_22 * http://www.ripe.net/ripe/docs/ripe-489 Hope this helps! Let me know if it works, feel free to add more info to the wiki page (world editable). -- Moritz Bartl https://www.torservers.net/ ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] presentation about tor and onion routing?
hello does anybody know a good presentation about using tor and onion routing, targetting users ( not developers ) which can be modified and used for talks? i found a few things on slideshare.net but either download was disabled or it was onion routing geek talk. startx ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] presentation about tor and onion routing?
On Wed, 24 Aug 2011 18:27:51 +0200 intrigeri intrig...@boum.org wrote: hi, startx wrote (24 Aug 2011 15:49:24 GMT) : does anybody know a good presentation about using tor and onion routing, targetting users ( not developers ) which can be modified and used for talks? Last time I needed something like that my starting point was 2011-01-TU-Berlin-Techtalk.pdf (available as .odp too) in: https://svn.torproject.org/svn/projects/presentations/ (seems like this repo wasn't migrated to Git yet) cheers, that was a good tip, startx ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] presentation about tor and onion routing?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 08/24/2011 11:49 AM, startx wrote: does anybody know a good presentation about using tor and onion routing, targetting users ( not developers ) which can be modified and used for talks? You can download the slide stack I used for my NOVALUG and DCLUG talks here (.pdf and OO.o Impress): http://drwho.virtadpt.net/archive/2010/04/10/my-novalug-presentation-was-a-success I hope it's what you're looking for. - -- The Doctor [412/724/301/703] PGP: 0x807B17C1 / 7960 1CDC 85C9 0B63 8D9F DD89 3BD8 FF2B 807B 17C1 WWW: http://drwho.virtadpt.net/ The path to paradise begins in Hell. --Dante -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk5VRhoACgkQO9j/K4B7F8EvngCfZJ3lJ/nelu+nIjHGVcPJocIE dEAAnik4h7xXdC+ldCT5OTAX4Acze0ue =Epw/ -END PGP SIGNATURE- ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] presentation about tor and onion routing?
Thanks, exactly what I was looking for today :) On 8/24/11, startx sta...@plentyfact.org wrote: On Wed, 24 Aug 2011 18:27:51 +0200 intrigeri intrig...@boum.org wrote: hi, startx wrote (24 Aug 2011 15:49:24 GMT) : does anybody know a good presentation about using tor and onion routing, targetting users ( not developers ) which can be modified and used for talks? Last time I needed something like that my starting point was 2011-01-TU-Berlin-Techtalk.pdf (available as .odp too) in: https://svn.torproject.org/svn/projects/presentations/ (seems like this repo wasn't migrated to Git yet) cheers, that was a good tip, startx ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] release note for latest browser bundle
I've looked all over. Where can full release notes / change logs be found for latest releases of TBB (alpha, beta or stable). All I've found is brief summaries of main items. Thanks. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk