:49 PM
To: tor-talk@lists.torproject.org
Subject: RE: [tor-talk] What is being detected to alert upon?
a connection to a Tor bridge looks kind of like regular TLS traffic.
Question: I recompiled OpenSSL to remove a bunch of features that look
unnecessary and might present a security risk
[mailto:allen...@gmail.com]
Sent: Thursday, April 30, 2015 5:49 PM
To: tor-talk@lists.torproject.org
Subject: RE: [tor-talk] What is being detected to alert upon?
a connection to a Tor bridge looks kind of like regular TLS traffic.
Question: I recompiled OpenSSL to remove a bunch of features that look
Unfortunately, I cannot see their signature set. They have it locked
down. They claim they are not detecting it by IP address.
On 4/30/2015 2:24 PM, Speak Freely wrote:
The list of exit nodes is public information. The Tor Project publishes
the information, and several spam blocking
Thanks for replying. I understand it is a spy vs spy type of situation but
what do they see currently? I don't believe they are seeing it by the IP
addresses (or so they claim).
Is it something in the handshake the is triggering the alert?
On Thu, Apr 30, 2015 at 2:17 PM, Seth David Schoen
Hi,
I am very curious how a vendor is detecting Tor Project traffic.
My questions is what are they seeing to alert upon? I have asked them,
but I was told that is in the special sauce.
Is the connection from the users computer to the bridge encrypted?
Thank you for your insight.
--
The list of exit nodes is public information. The Tor Project publishes
the information, and several spam blocking services also publish them
under varying pretenses.
What the vendor sees is the IP address of the exit relay hitting their
server.
If you had more information to provide, we could
Frederick Zierold writes:
Hi,
I am very curious how a vendor is detecting Tor Project traffic.
My questions is what are they seeing to alert upon? I have asked them,
but I was told that is in the special sauce.
Is the connection from the users computer to the bridge encrypted?
On 04/30/2015 09:15 PM, Frederick Zierold wrote:
Hi,
I am very curious how a vendor is detecting Tor Project traffic.
My questions is what are they seeing to alert upon? I have asked
them,
but I was told that is in the special sauce.
Is the connection from the users computer to the
On Thu, Apr 30, 2015 at 02:20:34PM -0400, Frederick Zierold wrote:
Thanks for replying. I understand it is a spy vs spy type of situation but
what do they see currently? I don't believe they are seeing it by the IP
addresses (or so they claim).
Is it something in the handshake the is
On Thu, Apr 30, 2015 at 02:57:01PM -0400, t...@t-3.net wrote:
One rules file is dedicated to it (emerging-tor.rules), that file has all
the Tor IP addresses hardcoded into it.
That's probably not very effective because the Tor network has quite a
bit of churn, which would lead to plenty of
a connection to a Tor bridge looks kind of like regular TLS traffic.
Question: I recompiled OpenSSL to remove a bunch of features that look
unnecessary and might present a security risk, such as SSL2, SSL3 and DTLS.
(In case it matters, it is OpenSSL v1.0.2a and the specific configure
options
11 matches
Mail list logo