[tor-bugs] #25062 [Core Tor/Tor]: Block offending portscanners
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon Jan 29 01:58:14 UTC 2018
#25062: Block offending portscanners
------------------------------+--------------------
Reporter: cypherpunks | Owner: (none)
Type: defect | Status: new
Priority: High | Milestone:
Component: Core Tor/Tor | Version:
Severity: Critical | Keywords:
Actual Points: | Parent ID:
Points: | Reviewer:
Sponsor: |
------------------------------+--------------------
Tor client:
If the user tried to connect port 1, then 3, and 4
and all of them failed(3 times in a row),
deny connection to destination.onion for 3 minutes.
Tor server:
If the port request come from circuit X,
and it is trying port 2, 5, and 8, and all of them failed(3 times in a
row)
deny connection from this circuit; just drop connection.
This guy didn't allowing people from delisting his attacklist:
http://zlal32teyptf4tvi.onion/
Portscanning unauthorized servers are illegal. Why scanning tor service is
okay?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/25062>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list