Delivery-Date: Sun, 08 Feb 2015 06:00:47 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 577B81E0323
	for <archiver@seul.org>; Sun,  8 Feb 2015 06:00:44 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 95EA133123;
	Sun,  8 Feb 2015 11:00:40 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3CC1A33122
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 11:00:37 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 51WegjHtSMtB for <tor-talk@lists.torproject.org>;
 Sun,  8 Feb 2015 11:00:37 +0000 (UTC)
Received: from secure.techwang.com (secure.techwang.com [37.247.49.218])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 0AFD733121
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 11:00:36 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by secure.techwang.com (Postfix) with ESMTP id 638A11CDDE4
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 10:59:21 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=techwang.com; h=
 content-transfer-encoding:content-type:content-type:subject
 :subject:to:mime-version:user-agent:from:from:date:date
 :message-id; s=dkim; t=1423393159; x=1424257160; bh=FnhbpftIEXMn
 Ced6RPNv434Fz2F1l3VKww5Br27kntQ=; b=Sck+pdytZ2l9Sbh2lAE2IECOSnz8
 UD4VkRPb39YeXxO5tQBnPxu8Lzwtn1vX7V9HrUHSKPVule4Grx81cHw5XuLLOJQh
 /iNbDRWJ+Wr0TZvcsW1R3SDQx0mkIDNFhys61r7fUXzE5sKu1eiWxIps2GDxYANn
 O8KksNtf0KvTJkw=
X-Virus-Scanned: Debian amavisd-new at unicornbox.unicorn
Received: from secure.techwang.com ([127.0.0.1])
 by localhost (secure.techwang.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Ksboa-EKh7Wj for <tor-talk@lists.torproject.org>;
 Sun,  8 Feb 2015 10:59:19 +0000 (GMT)
Received: from [192.168.1.50] (unknown [77.95.229.11])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by secure.techwang.com (Postfix) with ESMTPSA id 5F8561CDDE1
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 10:59:18 +0000 (GMT)
Message-ID: <54D741CC.8030308@techwang.com>
Date: Sun, 08 Feb 2015 12:00:28 +0100
From: Bill Berry <bill@techwang.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
Subject: [tor-talk] Blocking STUN Requests at Firewall?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi all,

I've setup a Tor transparent proxy, as per the instructions here 
https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy (I'm 
aware of the security risks of not using the Tor Browser)

It's working well except it is vulnerable to STUN requests (as per 
http://ipleak.net/). Does anyone have experience of blocking these 
requests? Based on the spec they can be TCP or UDP, so just blocking non 
DNS UDP doesn't seem to help. Maybe it could be achieved using DPI? Not 
much info on the net.

Thanks,

Bill


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

