Launching Anonymous Attacks Using the Tor Network

An anonymous reader writes "Nitesh Dhanjani over at O'Reilly Network describes how malicious users can launch attacks over the Internet anonymously using the Tor network. Looks like the flip side of the Tor project is that it allows anyone to launch network scans and exploits anonymously. Great, just what we need now."

Good Article

[Vodak]

Security is always going to be a concern on the Internet. The more we know about the problems we all face the better. At least this article is a calm mention of the negative possibilities that this technology can be used for instead of a paranoid rant on how this should have never been created in the first place.

An unfortunate inevitability

[TripMaster Monkey]

Whenever you have a system that allows for anonymity, you will always have people that abuse that anonymity for their own nefarious purposes. If you have a mechanism for singling out and dealing with the abusers, you don't have anonymity anymore.

There's no way around it....you simply have to take the good with the bad.

Not inevitable -- more defence instead of law?

[Morgaine]

There's no way around it....you simply have to take the good with the bad.

Not really, there are some VERY good things that could come from this, if the world actually moved in the direction of anonymity (sadly I don't think it will) ...

"This will make it incredibly difficult for you to track down the source of the attacks."

If you can't track them down, then there is no point complaining about attacks against you and bringing the law into it, so you would have to employ self-protection instead. Think of it as your $30 cable router's firewall on steroids, plus a bit more intelligence at ISPs. :-) In general, real defence is far more effective than looking to political solutions in a global space, where the law is largely powerless.

And as a side benefit, defence doesn't add to the already mountainous volume of law, nor lines the pockets of lawyers, not drains your wallet of legal expenses. But of course, you pay for your technological defenses instead.

Re:An unfortunate inevitability

[stevey]

Well you can do what Slashdot itself does - which is deny users of Tor from posting comments.

A sad reflection on the malicious actions of a few outweighing the positive aspects of privacy and encryption on the many.

Astroturf

[paul.dunne]

Seems like an astroturf story to me i.e. a story planted in the media by certain interests who don't want any anonymity on the Internet, or anywhere else.

Re:Astroturf

[TripMaster Monkey]

I'd hardly accuse O'Reilly of astroturfing...besides, he spelled out the process in great detail. If you have any doubts, you can just replicate his experiment yourself.

Re:Astroturf

[Anonymous Coward]

Or read the last story about Tor on slashdot. The comments were filled with stories from people like myself that had to turn off thier nodes due to the nonstop abuse going through the network.

Re:Astroturf

[paul.dunne]

Congratulations on missing the point. Bonus points for stating that I'm accusing O'Reilly of astroturfing (do you work hard at being so obtuse, or does it come naturally?)

Re:Astroturf

[TripMaster Monkey]

From your original post:

Seems like an astroturf story to me i.e. a story planted in the media by certain interests who don't want any anonymity on the Internet, or anywhere else.

Certainly looks like an accusation of astroturfing to me...if by 'seems like an astroturf story to me', you didn't mean to insinuate that the story seemed like an astroturf story to you, perhaps you shouldn't have said so.

Perhaps you can take this opportunity to clarify your position...what exactly did you mean by the statement 'seems like an astroturf' story to me', if your intent wasn't to accuse Nitesh Dhanjani and O'Reilly of astroturfing?

Do enlighten us.

Re:Astroturf

[paul.dunne]

Either you are wilfully pretending to be stupid, or you really are that dumb. Either way, I can't help you. Goodbye.

Re:Astroturf

[TripMaster Monkey]

Nice...one post that's patently wrong, and two follow-up posts completely lacking in substance. That's a nice trend you've got going there, paul.

Troll on, you crazy diamond.

This is news?

[dougmc]

Looks like the flip side of the Tor project is that it allows anyone to launch network scans and exploits anonymously.

This is news?

Anything that lets you use a service anonymously will let you abuse a service anonymously.

Sure, the system may add limits (bandwidth used, total traffic, things it can connect to, etc.) to limit the damage that could be caused, but ultimately anything like this can be used for evil purposes.

Some examples? The penet.fi [wikipedia.org] anonymous remailer [wikipedia.org] was used to troll Usenet, harass people and even to say bad things about Scientology! (The horror!)

Another example? A NAT [wikipedia.org] router hides the internal IP address of the user, which tends to make them semi-anonymous. This is good, and this is bad. (I say semi-anonymous because most NAT devices keep logs, and if you need to determine who (ab)used something, the data is usually there.

There's lots more examples.

"Great, just what we need now."

[sirvulcan]

Malicous users have been using Tor for ages now, its not really news. We didnt really need an orielly article on it tho, i feel its going to increase the amount of Tor attacks.

Re:"Great, just what we need now."

[Anonymous Coward]

Tor is also good for salting the data on phishing web sites. I have a simple Python script which repeatedly posts, through a Tor proxy, randomly generated but seemingly real email address, passwords, etc. to the phish sites, making it seem as though postings are coming from all over the Internet, and making it difficult for the phisher to just toss the data that comes from a certain IP. Hopefully, it frustrates the efforts of phishers, even if it's just a little bit.

Now, that's a discovery!

[Gadzinka]

I was operating mixmaster server some time ago. After couple of months of operation I've had couple of court orders[1] to reveal identity of people for which I was the last hop in mixmaster network. I decided to check outgoing mail for which I was last hop[2]. Around 90% of that mail was spam, scam, child pornography, harassment and simillar illegal and/or unethical stuff.

That was the end of mixmaster@hell.pl.

Oh, I believe, that there are some people in dictatorships, or some whistleblowers and other people, that really need anonymity on the net. But the reality is that whenever you make such a service available to population at large, it's the scum of the earth that dominates it.

Robert

[1] at least next best thing in my country, because here orders for search etc are issued by prosecution; don't ask me, why it is, it's stupid when the party to a conflict sings search warrants for the other party;

[2] you can't view mails that are just passing through your system in mixmaster network, they are encrypted; onl the mails that leave mixmaster network through your system are cleartext (if they aren't internally encrypted, of course);

Re:Now, that's a discovery!

[elgaard]

If we all start usings TOR, mixmaster, etc. only 60 pct or so will be spam, scam, etc, just like it is on the internet now.

Re:Now, that's a discovery!

[real gumby]

Oh, I believe, that there are some people in dictatorships, or some whistleblowers and other people, that really need anonymity on the net. But the reality is that whenever you make such a service available to population at large, it's the scum of the earth that dominates it.

Good. It's called chaff. If only people sending messages out of repressive regimes used it their messages would be easier to trace. But when it's hidden in a haystack of spams and the like, well, it's just that much harder to find.