On Tue, Jan 02, 2007 at 01:39:05AM +1100, Wikileaks wrote: > Does the public nature of tor routers makes hidden services > vulnerable to > discovery using flooding attacks? > > Open an onion connection to the hidden service, asking for echos. Now > flood each > router. If the "ping" is overly delayed, the router is on the hidden > path. > > Since the rendezvous node is known and the other nodes vary over > time, this will > eventually reveal the entry node. >
You've roughly described the attacks we carried out that are described in "Locating Hidden Servers". Hidden servers and Tor clients in general are much less vulnerable to this since the introduction of entry guards about a year ago. See http://www.onion-router.net/Publications.html#locating-hidden-servers also to counter flooding to introduction points and related issues http://www.onion-router.net/Publications.html#valet-services HTH, Paul -- Paul Syverson () ascii ribbon campaign Contact info at http://www.syverson.org/ /\ against html e-mail
