|
Crasher
αἱρετίζω




Registered: 03/13/01
Posts: 6,220
Loc: Tardy to the Party
|
Is SSL Strip a threat to TOR users?
#9897964 - 03/02/09 04:54 PM (14 years, 10 months ago) |
|
|
The below link is software and a video from Blackhat DC '09 available through thoughtcrime.org (for the casual security enthusiasts here.) sslstrip
Does it pose a significant risk to TOR users visiting secure sites?
-------------------- Give me silence, water, hope; Give me struggle, iron, volcanoes...
|
Seuss
Error: divide byzero



Registered: 04/27/01
Posts: 23,480
Loc: Caribbean
Last seen: 2 months, 20 days
|
Re: Is SSL Strip a threat to TOR users? [Re: Crasher]
#9901672 - 03/03/09 03:23 AM (14 years, 10 months ago) |
|
|
> Does it pose a significant risk to TOR users visiting secure sites?
Yes and no. Based upon the description, only the last onion router in the tor network virtual tunnel would be at danger as it forwards your HTTP request to the actual website. If somebody were running the hack on your local area network, you would be fine, though people routing through you on the tor network, using you as an end node of their virtual tunnel, would not be safe. Intermediate nodes in the tor network virtual path would be safe as the requests they send are encrypted and would not be seen as HTTP requests for sslstrip to snarf.
-------------------- Just another spore in the wind.
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,274
Last seen: 2 hours, 2 minutes
|
Re: Is SSL Strip a threat to TOR users? [Re: Crasher]
#9912179 - 03/04/09 06:02 PM (14 years, 10 months ago) |
|
|
Quote:
Does it pose a significant risk to TOR users visiting secure sites?
I don't think its a big risk because sslstrip would have to be run on the tor exit node. While anyone can set up a tor exit node and do bad things to the traffic, they still probably wouldn't know who you are. Also they would have little control over which exit node your traffic goes out so its likely that most of your traffic wouldn't go past the malicious exit node.
Its a much bigger risk if the attacker was on your local network and you weren't using tor. A malicious network engineer could do many bad things with sslstrip, but tor would provide a reliable layer of protection against that.
I recommend SSH tunneling because its much, much faster than tor. As long as sslstrip isn't set up on the ssh hosts network that will also provide near complete protection.
|
Crasher
αἱρετίζω




Registered: 03/13/01
Posts: 6,220
Loc: Tardy to the Party
|
|
My friend offered to educate me on SSH tunneling, do you have any good resources on this?
-------------------- Give me silence, water, hope; Give me struggle, iron, volcanoes...
|
Alan Rockefeller
Mycologist


Registered: 03/10/07
Posts: 48,274
Last seen: 2 hours, 2 minutes
|
Re: Is SSL Strip a threat to TOR users? [Re: Crasher]
#9913803 - 03/04/09 10:22 PM (14 years, 10 months ago) |
|
|
|
Crasher
αἱρετίζω




Registered: 03/13/01
Posts: 6,220
Loc: Tardy to the Party
|
|
I just got pwned with a google search link. Thanks!
-------------------- Give me silence, water, hope; Give me struggle, iron, volcanoes...
|
|