[tor-talk] Analyzing the traffic between nodes in my private tor network
Roger Dingledine
arma at mit.edu
Tue Aug 21 20:50:59 UTC 2012
On Tue, Aug 21, 2012 at 09:09:32PM +0300, juhapki at wippies.fi wrote:
> I succeeded to build a private tor network including some hidden
>services in it and every tor-machine (ubuntu) is behind a different
>router (multiple networks) I have tried to build my tor network as real
>as possible in our lab environment. Now I am monitoring the network
>traffic between the nodes and I have realized that all the traffic is
>just TCP (PSH, SYN, ACK etc.). No sing of client hellos, key exchanges,
>encrypted handshakes. When I compared traffic between real and private
>tor networks using Wireshark, there was no TLS-, SSL-traffic in the
>private one while the debug log file says that there was a bunch of
>"tor_tls_handshakes". Is it just because nodes in the private tor network
>have configured differently (TestingTorNetwork, OrPorts and DirPorts
>port numbers, own auth dirs, etc..), old version of OpenSSL or something
>else? Any good explanation why the traffic it's just TCP?
TCP is the transport, and TLS is the application-level data that goes
over TCP.
So your question doesn't make any sense.
Perhaps the monitoring tools you're using are different, or are configured
differently?
--Roger
More information about the tor-talk
mailing list