Re: Re: TorChat is a security hazard (Answer)

[prof7bit]

On Dec 12, 2010 7:20pm, Michael Blizek  
mic...@michaelblizek.twilightparadox.com wrote:



I meant that A will connect intentionally to B, eg A wants to talk to B. B
can then send messages to C which seem to came from A. However, C will  
talk

back directly to A and the manipulation will most likely be detected...


I have committed a patch that will explicitly check for your scenario
and immediately discard the wrong pong message. The result is that
this type of attack now shouldn't have any effect on the proper operation
of A and the connection between A and C anymore.

I also fixed a possible attack regarding the sending of pong (or other)
messages over the victim's outgoing connection. It will now only accept
file* messages on the outgoing connection (files are always sent on the
other conection to enable chatting during file transfer) and file transfer
requires a fully completed handshake anyways.

I don't have any windows build based on this yet, I'm still fighting with
py2exe and the Python-2.7 SxS-msvcr90-dll-manifest-hell (dll-hell v2.0).

Bernd

Re: Arm Release 1.4.0

[Damian Johnson]

Hi, I've uploaded a new tarball to:
http://www.atagar.com/transfer/tmp/arm_bsdTest3.tar.bz2
http://www.atagar.com/transfer/tmp/arm_bsdTest3.tar.bz2.asc

Besides a modified version of Febian's patch to autodetect FreeBSD
jails it most notably includes...

- A replacement for the connection test function (which was a pita in
my humble opinion). The new script [1] provides the resolver runtimes,
a check if all the resolvers match, and a better method of dumping the
connection results. If you modify the bsd resolvers then this should
provide a nice sanity check that it's working as expected.

- I forgot to account for the dns resolution exits do on behalf of the
clients. The resolvers need to include UDP connections so, on *nix,
they're now:
 - netstat -np | grep ESTABLISHED pid/process
 - sockstat | egrep process\s*pid.*ESTABLISHED
 - lsof -nPi | egrep ^process\s*pid.*((UDP.*)|(\(ESTABLISHED\)))
 - ss -nptu | grep ESTAB.*\process\,pid

I'm guessing, for the FreeBSD resolvers, that sockstats already works
and procstat just needs the 'grep TCP' to be removed (or maybe
replaced with 'egrep (TCP|UDP)'). Is that right?

 The connection doesn't leave the system because its a socks
 connection with both the source and the destination address
 located on the same system.

Hm. Sounds like basic client connections (ie, things like firefox
connecting to tor via the SocksPort). However, I tried running TBB and
arm didn't list any of those connections. This is what I'd expect
since the connection resolution is only fetching tor connections. Am I
missing something here?

Regardless, I made a couple changes to address issues that have been
brought up (socks connections and listing external addresses for
private ip range connections - see lines 332-334 and 363-364 in
src/interface/connPanel.py [2]). But without a working repro case I
can't promises that this'll do the trick.

 With ^ added to the pattern it seems to work

Great, it's happy with that on Linux as well so I'm now using:
lsof -nPi | egrep ^process\s*pid.*((UDP.*)|(\(ESTABLISHED\)))

and including it among FreeBSD resolvers as the last fallback.

 lsof also seems to be rather slow (on FreeBSD):

Yikes, that's quite the difference. It's pretty bad on Linux too (ss
is worse, but netstat and sockstat tend to run around 20% faster).

 I intend to look into creating a FreeBSD port around Christmas.

Awesome, thank you!

Cheers! -Damian

[1] https://svn.torproject.org/svn/arm/trunk/src/test.py
[2] https://svn.torproject.org/svn/arm/trunk/src/interface/connPanel.py
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talkin the body. http://archives.seul.org/or/talk/