Jump to content
YOUR-AD-HERE
HOSTING
TOOLS
SERVICE

Locked Two 0-days discovered in Tor, and more are expected.


dEEpEst

Recommended Posts

Two 0-days discovered in Tor, and more are expected.
Dr. Neal Krawetz is a security researcher who, in recent years, has repeatedly reported security breaches to the Tor Project, but, in his opinion, he believes that the security of his networks, tools and users is not taken. seriously enough.

For this reason, Dr. Neal Krawetz published last week and today on his blog, technical details about two 0-day vulnerabilities that affect the Tor network and the Tor browser.

The researcher has also promised to reveal at least three more 0-days of Tor, including one that can reveal the real-world IP address of Tor servers.

Tor's first 0-day.
In a blog post dated July 23,

This is the hidden content, please

the researcher describes how companies and Internet service providers could block users from connecting to the Tor network by scanning network connections for "a distinctive packet signing» that is unique to Tor traffic.

This bug could be used as a way to block Tor connections from starting and ban Tor entirely.

The second 0-day of Tor.
Today, in a new blog post,

This is the hidden content, please

he reveals a second flaw that, like the first one, allows network operators to detect Tor traffic.

However, while the first day zero could be used to detect direct connections to the Tor network (to the Tor guard nodes), the second day can be used to detect indirect connections.

These are connections that users make to Tor bridges, a special type of entry point on the Tor network that can be used when businesses and ISPs block direct access to the Tor network.

Tor bridges act as proxy points and transmit user connections to the Tor network itself. Because they are sensitive Tor servers, the list of Tor bridges is constantly updated to make it difficult for ISPs to block it.

But Dr. Krawetz says that connections to Tor bridges can be easily detected, too, using a similar technique of tracking specific TCP packets.

“Between my previous blog post and this one, you now have everything you need to enforce the policy [of blocking Tor on a network] with a real-time stateful packet inspection system. You can prevent all your users from connecting to the Tor network, whether they connect directly or use a bridge. "

DR. KRAWETZ.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.