[tor-bugs] #13667 [Tor]: Prevent port scanning of hidden services
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 18 04:26:13 UTC 2014
#13667: Prevent port scanning of hidden services
------------------------+------------------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: major | Milestone: Tor: 0.2.6.x-final
Component: Tor | Version:
Resolution: | Keywords: SponsorR tor-hs 025-backport
Actual Points: | Parent ID:
Points: |
------------------------+------------------------------------------
Comment (by arma):
'1' doesn't make me very satisfied. It means that if there is a port
that's open, you can keep asking and you'll find it. That sounds like the
same situation as now.
'2' indeed doesn't hide whether the port worked, but it sure slows down
scanning. Can we argue that it slows down scanning enough to make it
basically useless on a large scale? (A downside is that if somebody *does*
decide to scan anyway, they'll sure be putting a lot of pain on the
network.)
Does '4', for a low number, basically approximate one of the earlier
options? E.g. we'd have to also include configured but actually down
services, or you could just ask for the same one k times in a row and if
it hangs up then you know it was the 'defense'.
Are there arguments against '2' other than 'it's not a complete solution'?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/13667#comment:6>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list