-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Figuring out which exit node you are should be fairly trivial. There are about 1000 exit nodes that exit on port 80, and you are one of them.
If I just send loads of http requests through half of those exit nodes to my own server one day and then check if my IP appears on your webpage, I've halved the number of possible exit nodes you are. If I then halve it again and repeat this every day, it should only take about a week and a half. I'll start with a possibility of 1024 exit nodes just for ease of maths: Day 1 : Test 512 of the 1024 remaining exit nodes Day 2 : Test 256 of the 512 remaining exit nodes Day 3 : Test 128 of the 256 remaining exit nodes Day 4 : Test 64 of the 128 remaining exit nodes Day 5 : Test 32 of the 64 remaining exit nodes Day 6 : Test 16 of the 32 remaining exit nodes Day 7 : Test 8 of the 16 remaining exit nodes Day 8 : Test 4 of the 8 remaining exit nodes Day 9 : Test 2 of the 4 remaining exit nodes Day 10: Test 1 of the 2 remaining exit nodes - Success This process becomes quicker if you have more than 1 ip to test with. I'm making the assumption that it can't be that difficult to send enough http requests to get to the 100th or above place on your list. You don't publish total number of connections, only percentage of total, but it seems likely to me that the number of connections made to the site that is number 100 on your list should be easy to exceed. I'm not going to bother of course, because I don't care that much. But just so you know, don't use that same onion address for anything that *needs* to be anonymous, because it wont be. - -- Dawn [EMAIL PROTECTED] wrote: > Hi, > > I don't know if somebody did this before, but I think it is quite > interesting, to which hosts most of the exit connections go to. So I set up a > statistics script creating a list of the top 100 hosts each day to which Tor > users connect to over my node (only for ports 80 and 443). > > Besides just being interesting, this can also show potential security > problems on the top hosts which are being exploited over Tor. For example, > during the last weeks rapleaf.com was always at the top, and they keep a huge > email-address database. This is probably no incident. > > The log data necessary for this is being deleted after one day not to > compromise the anonymity of the users. > > I decided to make this accessible through a hidden service only, since I > don't want to influence the exit node usage behaviour. This is the address: > > http://ob44yuhbyysk5xft.onion > > If you think this is a stupid idea or you have ideas for other interesting > stats and for any other comment you can reach me by > mplsfox02_AT_sneakemail_DOT_com. I don't know how long I will stay subscribed > with or-talk, since I just wanted to seed the information. Spread it as you > like. > > Regards, > > a Tor exit node operator. > -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFIgKNBcoR2aV1igfIRAs+KAJ94H26Eyc4Dm+nvRdtswIXX3rHTNACeODu8 +SgBlPvn0mX13cyGO62lrQY= =KdYI -----END PGP SIGNATURE-----
