On Sat, Mar 29, 2014 at 1:46 PM, coderman <[email protected]> wrote: > .... using active DoS as a signal for > confirmation, like your sequence of activity:
combining multiple techniques always useful, of course. in prior implementations of similar attacks use of odd port numbers in exit policy compounded the "stickiness" or durability of the signalling channel when other applications and traffic also in use. you could use stem[0] and aggressive descriptor fetch and check to tailor the injected content/trigger for maximum effect. low latency with traffic analysis resistance is a fun subject of study, you should also think of ways to make these attacks impossible while keeping latency minimal.[1] :) . . lesson of this story: use SSL/TLS always! HTTPS always! more likely a middle attacker than compromised server. but assume the worst, and build your defense in depth accordingly. best regards., 0. "STEM controller in Python: Example - Mirror Mirror on the Wall" https://stem.torproject.org/tutorials/mirror_mirror_on_the_wall.html 1. See also: Datagram stochastic re-ordered userspace stacks with multi-homing, multi-path SCTP end to end with priority shaped queues per application level endpoint classification (packet/flow marking) prior to transport and opportunististic pre-caching and key pre-exchange as padding channel filler. Multi-plexing over TCP Tor as is with concurrent circuits would be a useful if not as robust defense. E.g. socks of .bit to a tuple of onions used for concurrent hidden circuits nearly immune to MitM attack like those commonly used to implement the above. e.g.g.: "name" : "d/peertech", "value" : "'{tor:j5ivfpymes6h2kg4.onion,info:peertech hidden services,alias:[j5ivfpymes6h2kg4.onion.,gc6y6skl3am6jsng.onion.,tvty3r2fyrwuc6b5.onion.]}'" with the hs smarts to make the combines circuits a singular reliable connection. _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
