dawuud:
> The Golang rewrite of the scanner is cool! Thanks!
> btw i'm surprised you wrote
> https://github.com/nogoegst/rough/blob/master/tcp.go
> instead of using https://github.com/google/gopacket

You shouldn't; rough is just a convenient wrapper on top of TCP-ish stuff from gopacket (it makes TCP hacks simpler).

> Maybe you could also implement my Tor guard discovery
> attack that uses this vulnerability?

Why not. I just don't know what the attack is. Can you point me to it?

> I've been asked to write a proof of concept but I don't feel motivated to do
> so.
> Also, there are some doubts about whether this guard discovery attack would be
> feasible on the real Tor network... though we could probably make it work in
> a test network.
>
> Now that such a small percentage of the Tor network is vulnerable it's
> probably safe/responsible
> for me to post my theoretic Tor guard discovery attack, right?

Hmm, I *don't* think that 1/4 of the network is actually a small percentage... [I think we should somehow encourage vulnerable relays to update their kernels to lower the affected percentage below ~10-15%.]

Also, you saying "guard discovery attack based on pure off-path TCP attack" makes this *slightly* obvious. So if someone actually got it, it's likely that they're already exploiting it.

--
Ivan Markin