flooding attacks to discover hidden services
Wikileaks
wikileaks at wikileaks.org
Tue Jan 2 07:53:57 UTC 2007
> If the hidden service is not on a Tor server, and there is no other
> way for the attacker to build a list of candidates to ping, then the
> attack becomes a lot harder.
Yes, this is what we observed too; but found nothing about this in
the FAQ
on hidden services and the default tor config is not set up to permit
this configuration without
hackery.
Likewise [not in reference to hidden servers], it is better for Tor
to use a different outbound
address to inbound, since the ORport addresses are published globally
by Dirservers. Also
not mentioned to my knowledge.
Lucky.
More information about the tor-talk
mailing list