[tor-commits] [webwml/staging] Drop 'IP hijacking detection for the Tor Network' project idea
hiro at torproject.org
hiro at torproject.org
Wed Feb 15 12:21:20 UTC 2017
commit c8aff65216c074c10edbc97f33c740a4b00e3185
Author: Damian Johnson <atagar at torproject.org>
Date: Sat Feb 4 16:07:06 2017 -0800
Drop 'IP hijacking detection for the Tor Network' project idea
Didn't hear back if it was still relevant.
---
getinvolved/en/volunteer.wml | 40 ----------------------------------------
1 file changed, 40 deletions(-)
diff --git a/getinvolved/en/volunteer.wml b/getinvolved/en/volunteer.wml
index bf13aec..90f0500 100644
--- a/getinvolved/en/volunteer.wml
+++ b/getinvolved/en/volunteer.wml
@@ -1104,46 +1104,6 @@ ideas.
</ul>
</li>
- <a id="ipHijacking"></a>
- <li>
- <b>IP hijacking detection for the Tor Network</b>
- <br>
- Likely Mentors: <i>Aaron Gibson (aagbsn)</i>
- <br><br>
- <p>
- <a href="https://en.wikipedia.org/wiki/IP_hijacking">IP hijacking</a>
- occurs when a bad actor creates false routing information to redirect
- Internet traffic to or through themselves. This activity is straightforward
- to detect, because the Internet routing tables are public information, but
- currently there are no public services that monitor the Tor network. The
- Tor Network is a dynamic set of relays, so monitoring must be Tor-aware in
- order to keep the set of monitored relays accurate. Additionally, consensus
- archives and historical Internet routing table snapshots are publicly
- available, and this analysis can be performed retroactively.
- </p>
-
- <p>
- The implications of IP hijacking are that Tor traffic can be redirected
- through a network that an attacker controls, even if the attacker does not
- normally have this capability - i.e. they are not in the network path. For
- example, an adversary could hijack the prefix of a Tor Guard relay, in
- order to learn who its clients are, or hijack a Tor Exit relay to tamper
- with requests or name resolution.
- </p>
-
- <p>
- This project comprises building a service that compares network prefixes of
- relays in the consensus with present and historic routing table snapshots
- from looking glass services such as <a
- href="http://routeviews.org">Routeviews</a>, or aggregators such as <a
- href="https://bgpstream.caida.org">Caida BGPStream</a> and then issues
- email alerts to the contact-info in the relay descriptor and a mailing
- list. Network operators are responsive to route injections, and these
- alerts can be used to notify network operators to take immediate action, as
- well as collect information about the occurrence of these type of attacks.
- </p>
- </li>
-
<a id="ahmiaSearch"></a>
<li>
<b>Ahmia - Hidden Service Search</b>
More information about the tor-commits
mailing list