[tor-talk] Is this a practical vulnerability?
somepony
somepony at spintrian.com
Fri Oct 19 15:01:39 UTC 2012
My question is, if you NEVER requested the 1 web page in the first
place, would you have experienced the same attack? I mean if I were
looking for new live Tor services I would probably periodically just
roll through unknown IPs and check for a live node (or something) as one
layer of attack. No live node, move on. Live node not already
discovered? The fact that the node responds (in some manner I'm looking
for) is enough information, it's possible I don't even care that it has
anything to do with Tor.
Just a thought, it should be clear I have no idea what I'm talking
about. e.g. I don't know what your middleman server not getting attacked
indicates.
Anon Mus wrote:
>
> Within 24hrs of making that Tor hidden service live I could see, in my
> firewall logs, hundreds of repeated attempts trying to hack my server,
> directly from the internet, not via my hidden Tot service.
[...]
> Now bearing in mind that I had only EVER requested 1 web page (a blank
> test page - requested about 4 times) from my own Torrified web browser
> (out and back so to speak), and no OTHER (external)
More information about the tor-talk
mailing list