#26166: Protect directory servers and torproject.org against TCP reset attacks -----------------------------+------------------------- Reporter: indigotime | Owner: (none) Type: enhancement | Status: closed Priority: Medium | Milestone: Component: Core Tor/Tor | Version: Severity: Major | Resolution: invalid Keywords: TCP, RST, reset | Actual Points: Parent ID: | Points: Reviewer: | Sponsor: -----------------------------+------------------------- Changes (by teor):
* status: new => closed * resolution: => invalid * component: - Select a component => Core Tor/Tor Comment: It is difficult to distinguish spoofed RST packets from actual RST packets. A network-level adversary can generate packets that look like they came from the user's computer. We certainly can't do it at the application level in Tor. (And it would be really hard to do in a cross-platform way.) For machines we control on torproject.org, I believe the situation is similar. If you find documentation for a reliable method of distinguishing spoofed packets, please post a link here, and reopen the ticket. -- Ticket URL: <https://trac.torproject.org/projects/tor/ticket/26166#comment:1> Tor Bug Tracker & Wiki <https://trac.torproject.org/> The Tor Project: anonymity online
_______________________________________________ tor-bugs mailing list tor-bugs@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs