[WikiEN-l] Packet sniffing, etc. (was Re: Follow-up on my Ban from Wikipedia (part 2))

Armed Blowfish diodontida.armata at googlemail.com
Sat Sep 8 12:30:59 UTC 2007


On 08/09/2007, Gregory Maxwell <gmaxwell at gmail.com> wrote:
> On 9/7/07, Armed Blowfish <diodontida.armata at googlemail.com> wrote:
>> And no, Thomas, packet sniffing is not hard.  It
>> does, however, require an opportune position
>> on the network.
>
> ...Which tor gives to any fool who wants to enable the exit node
> functionality of the tor software on his system...

Hey, I run an exit node, and I don't sniff the traffic.

Note that the exit node can only sniff the IP of the
middle node and the contents of the traffic itself -
NOT the routing information of the client.  This is
assuming, of course, that the exit node operator
is not performing a Sybil attack on Tor, i.e. running
more than one node in the client's circuit.  Entry
node and exit node, combined with a latency
timing attack against the middle node, should
provide the equivalent of regular packet sniffing,
but this is much harder to do, especially if the client
is using guard nodes, which substantially reduce
the chance of this happening.

> (In other words if you ever *view* Wikipedia via tor and you
> happen to be logged in, your identity will be available for free use by
> whatever unknown random person runs the exit that you are randomly
> routed to.  If you're an admin you might find yourself replacing the
> mainpage with goatse...)

Are you talking about session (cookie) stealing or
password stealing?

If an admin were theoretically using Tor, which is
quite possible because all admins have ipblock-exempt,
said admin could, as others have suggested, log in via
TLS Wikipaedia.  Of course, TLS has vulnerabilities, but
unless the attacker is particularly determined and
resourceful it should be good enough.

Still, if you are worried, you could tell Tor to limit itself
to a given set of exit nodes - preferably trusted ones.
However, any random set of a limited number of exit
nodes will reduce your probability of being sniffed, since
rather than having to be any random exit node you happen
to use, the attacker would have to be lucky to be one of the
few exit nodes that you use.  This would reduce your
anonymity (which becomes pseudonymity if you log in to
Wikipaedia), but it would also reduce the chance of your
password being captured by a malicious attacker.

Changing one's password on a frequent basis is also a good
security practice.
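The argument above (a single operator needs both the entry and the exit of a circuit to correlate a client with its traffic, and a fixed guard set or a small exit set makes that coincidence rarer) as an added Monte Carlo model. This is not code from the original post or from the Tor project; the relay count, the adversary's 5% share, the circuit counts and the pool sizes are constructed assumptions.

```python
import random

# Constructed model, not the post's or Tor's own code: NUM_RELAYS relays, of
# which one operator runs ADVERSARY_RELAYS (a Sybil). That operator can link a
# client to its traffic only on circuits where it holds BOTH the entry and the
# exit position; a lone exit sees content but not the client's address.
NUM_RELAYS = 1000
ADVERSARY_RELAYS = 50        # a deliberately large 5% share
CIRCUITS_PER_USER = 1000     # circuits each user builds over the period modelled
NUM_USERS = 200              # users simulated per scenario
GUARDS_PER_USER = 3          # size of a user's fixed guard set, when guards are used


def build_circuit(rng, entry_pool, exit_pool):
    """Pick distinct entry, middle and exit relays from the given pools."""
    entry = rng.choice(entry_pool)
    exit_ = rng.choice(exit_pool)
    while exit_ == entry:            # exit_pool must hold at least two relays
        exit_ = rng.choice(exit_pool)
    middle = rng.randrange(NUM_RELAYS)
    while middle in (entry, exit_):
        middle = rng.randrange(NUM_RELAYS)
    return entry, middle, exit_


def user_compromised(rng, adversary, use_guards, exits_per_user):
    """True if the adversary ever held both ends of one of this user's circuits."""
    everything = list(range(NUM_RELAYS))
    entry_pool = rng.sample(everything, GUARDS_PER_USER) if use_guards else everything
    exit_pool = rng.sample(everything, exits_per_user) if exits_per_user else everything
    for _ in range(CIRCUITS_PER_USER):
        entry, _middle, exit_ = build_circuit(rng, entry_pool, exit_pool)
        if entry in adversary and exit_ in adversary:
            return True
    return False


def compromise_rate(use_guards, exits_per_user=None, seed=1):
    """Fraction of simulated users with at least one end-to-end compromised circuit."""
    if exits_per_user is not None and exits_per_user < 2:
        raise ValueError("exits_per_user must be at least 2")
    rng = random.Random(seed)
    adversary = set(rng.sample(range(NUM_RELAYS), ADVERSARY_RELAYS))
    hits = sum(user_compromised(rng, adversary, use_guards, exits_per_user)
               for _ in range(NUM_USERS))
    return hits / NUM_USERS


if __name__ == "__main__":
    for guards, exits in [(False, None), (True, None), (False, 5), (True, 5)]:
        print(f"guards={guards}, exits_per_user={exits}: {compromise_rate(guards, exits):.2f}")
```

Without guards, nearly every user is eventually caught at both ends; with three fixed guards only users whose guard set already contains an adversary relay can be, and a small per-user exit set shrinks the exposed population further.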
