Delivery-Date: Mon, 11 Aug 2014 14:53:55 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id E6F871E0BB0;
	Mon, 11 Aug 2014 14:53:53 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 6FA7B307A0;
	Mon, 11 Aug 2014 18:53:50 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 6E37E30772
 for <tor-talk@lists.torproject.org>; Mon, 11 Aug 2014 18:53:47 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id PtneVBFy9qiy for <tor-talk@lists.torproject.org>;
 Mon, 11 Aug 2014 18:53:47 +0000 (UTC)
Received: from mail-vc0-x22c.google.com (mail-vc0-x22c.google.com
 [IPv6:2607:f8b0:400c:c03::22c])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 4C7BA304A4
 for <tor-talk@lists.torproject.org>; Mon, 11 Aug 2014 18:53:47 +0000 (UTC)
Received: by mail-vc0-f172.google.com with SMTP id im17so12094659vcb.31
 for <tor-talk@lists.torproject.org>; Mon, 11 Aug 2014 11:53:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=port.ac.uk; s=google-20130730;
 h=mime-version:from:date:message-id:subject:to:content-type;
 bh=8QEpS2jyYsCDordJHtd0RzpYLd4FIgPjpYSaRMWQ6HE=;
 b=dwJZazfNvkyuAT6sBQ665qyuvc+GH0vtCzxPyK3WV1FWFmvm8TqZpmLI0RHucneQOX
 5gKfSWNH7GlX2CFSSzt+tl61jnydfJ4ULzW0Ur+jRpjqwvI5v0JTU+Hj+8kyRGjdFIpW
 52CkeYKLgwafOdei9AujdHDYRBXjVrD04gho0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to
 :content-type;
 bh=8QEpS2jyYsCDordJHtd0RzpYLd4FIgPjpYSaRMWQ6HE=;
 b=HVGfb2Z3j82uoK+xLbqvJwNUxG1tErzQ4kXWOom3txYmv+/v/K2hguI3PHyfPP2VPw
 MDtzwVoGaf5hD8YKDBfa1vMf75g9PFE/BA8jzAOytl2rWrHWmAX3iLeQG6onQtQeTzMd
 NLUDBkHrwr0gv8IjZwvh0vmBLNhL4nELFmq07bnu9An61ipe1q/9gQX9JT0TySMoBB66
 HYoQl9UnL+3WCNv3CQv3ZTpfo39XNetNUiqPgDzLKq9iVx0xLew2gYsy/xLR8dG3O5Hz
 ryvo1FxGKv+A3u15faxAnAfLri0Yw6SJ1HCxTr4OxfyTExYkolsdBvFv1L4TK/8ko3Pg
 i8Sg==
X-Gm-Message-State: ALoCoQls4lB45+9r+p8aOIRCtpolnt9MOB6+h/nUMx/C93VnaEFTiWQ14uJ5yUl+edLa8+OzQtPq
X-Received: by 10.220.59.65 with SMTP id k1mr37609100vch.22.1407783224763;
 Mon, 11 Aug 2014 11:53:44 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.220.144.5 with HTTP; Mon, 11 Aug 2014 11:53:22 -0700 (PDT)
From: Gareth Owen <gareth.owen@port.ac.uk>
Date: Mon, 11 Aug 2014 19:53:22 +0100
Message-ID: <CAOXPy3zGoMW3V_pwrNAwogUqLUB2wFmbD+-7BMkkp0HMUMqV6Q@mail.gmail.com>
To: tor-talk@lists.torproject.org
X-Content-Filtered-By: Mailman/MimeDel 2.1.15
Subject: Re: [tor-talk] HS again: Portscan?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi Thomas

The hidden services publish a descriptor with a subset of tor nodes (6
total).  You can run a tor node and log these descriptors (by modifying the
tor source) to learn all the hidden service addresses.

You can confirm whether a Tor HS exists simply by trying to fetch it's
descriptor (which doesn't require knowledge of the open port) and trying to
build a circuit to it (see the tor research framework for some examples: (
https://github.com/drgowen/tor-research-framework).  Of course, there's no
way to find out which ports are open other than by scanning.

Best
Gareth


> Hello everybody,
> have a question. These days, there were discussions about scanning the TOR
> universum for hidden server which would mean 2^80 possible hidden server.
> So lets assume they try one specific HS which is existing. How can they
> determine it's existence? I would guess by trying port 80 and maybe port
> 443. But what if the HS owner decides to run his service over port 389 for
> example? For clarification, that's what I mean:
> HidenServicePort 389 127.0.0.1:80
> This would require using URL with http://$onion.onion:389/
> Does this help making a HS more invisible? Would this require a surveiller
> scanning not only all 2^80 onions but also all 2^16 possible ports?
> Regards
> Thomas


-- 
Dr Gareth Owen
Senior Lecturer
School of Computing, University of Portsmouth

Tel: 02392 846423
Web: ghowen.me
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

