I am working on improving our ability to do more thorough and standardized testing of Orbot, etc. As part of this, I am trying to come up with a simple filternet configuration based on OpenWRT, running on a TP Link MR3020.
Currently, I have this working: - Use Dnsmasq to block high profile target domains (torproject.org, google, facebook, twitter, whatsapp, etc) - Block all HTTPS traffic (port 443) This simulates most of the common DNS poisoning and port blocking types attacks, though Tor can still easily connect at this point. I would like the ability to simulate a more severe environment, where for instance, Tor itself is targeted, and bridges are required. Any thoughts or experience doing this? - Block IPs/domains for known Tor Authority nodes - block based on Tor protocol characteristics: ssl certs, common ports, etc Thanks for any feedback, pointers, links, etc. +n -- tor-talk mailing list - [email protected] To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
