[tor-dev] Tracing TCP Connections online..
dawuud
dawuud at riseup.net
Mon Apr 10 17:50:54 UTC 2017
hella old news. oh look here's POC for end to end correlation
https://var.thejh.net/git/?p=detour.git;a=blob;f=README
but why bother chatting about this since it's explicitly not
in Tor's threat model to protect against a global passive adversary?
if you want to protect against that then look into the vast mixnet literature.
anyway for breaking tor you can read lots of good papers such as
(note that none of these papers present their definition of "hacking" or
define well known terms like TCP and UDP ;-)
:
The Sniper Attack: Anonymously Deanonymizing and Disabling the Tor Network
https://www.freehaven.net/anonbib/cache/sniper14.pdf
Spying in the Dark: TCP and Tor Traffic Analysis
http://freehaven.net/anonbib/papers/pets2012/paper_57.pdf
A Practical Congestion Attack on Tor Using Long Paths
http://freehaven.net/anonbib/papers/congestion-longpaths.pdf
Trawling for Tor Hidden Services: Detection, Measurement, Deanonymization
https://www.freehaven.net/anonbib/cache/oakland2013-trawling.pdf
On Mon, Apr 10, 2017 at 01:21:05PM -0400, grarpamp wrote:
> re: "tcp_tracing_internet.pdf"
>
> This appears to describe an active network modulation attack (node DoS).
> Either hammer tree on nodes of the expected path and trace the modulation,
> or on all but the expected path to find unmodulated.
> It generally requires GPA, deploying nodes, or being one end of the path...
> in order to observe the results.
> And it's old news.
> As noted before, since Tor (and all other current anonymous overlays)
> nodes do not perform their own independant buffering, reclocking and
> contracting for expected hop parameters... this vulnerability will remain.
>
> Anyone wanting to research, code, deploy, and present on
> such countermeasures would certainly be welcomed.
> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-dev/attachments/20170410/7c91848e/attachment.sig>
More information about the tor-dev
mailing list