Torpark writes to system temp folder

nosnoops at fastmail.fm nosnoops at fastmail.fm
Sat Feb 25 23:07:44 UTC 2006


Thanks for your answers. As you say, execdos.dll remains
after every session, in differently named folders. I recently
found that out when I once examined the temp folder before
running my shutdown routine (computer cleaning and system
restore), and the temp folder was full of such folders with
execdos.dll.

Another issue I stumbled over, when taking an occasional quick
look at my packet sniffer logs, was that a Tor entry node
had sent unencrypted UDP traffic to my real IP; that is, in
the ASCII of the log there appeared (among random garbage) an
email address ending with "@tdrmal.co.uk" (but in capital
letters with . in between). How should that be possible when
all communication with a Tor entry node is supposed to be
encrypted? The IP of the entry node was "83.245.15.87:isakmp"
(oh yeah, it had that "isakmp" instead of a normal port number).





More information about the tor-talk mailing list