Delivery-Date: Sun, 08 Feb 2015 12:28:27 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,URIBL_BLOCKED autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 8CBAD1E04EE
	for <archiver@seul.org>; Sun,  8 Feb 2015 12:28:25 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 0A85132F2F;
	Sun,  8 Feb 2015 17:28:23 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3451632D56
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 17:28:20 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id Cky-f-v4Hg91 for <tor-talk@lists.torproject.org>;
 Sun,  8 Feb 2015 17:28:20 +0000 (UTC)
Received: from secure.techwang.com (secure.techwang.com [37.247.49.218])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 00CD5329E1
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 17:28:19 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by secure.techwang.com (Postfix) with ESMTP id 9FBF11CDDFE
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 17:27:05 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=techwang.com; h=
 content-transfer-encoding:content-type:content-type:in-reply-to
 :references:subject:subject:to:mime-version:user-agent:from:from
 :date:date:message-id; s=dkim; t=1423416423; x=1424280424; bh=6K
 ZyLU1e3e85SR0ylUQvwA8z5U95F+f9cM9+d7NdY7o=; b=hpGD56N5ulEwJwTHmc
 5pX4KKMkYs9VsoocrVnWGzr4Hz7UiHGk6homNEvkvTu8Iw0cLRH6+zn/FJrR/JL+
 BgXSe9IBU7c3lcp6Suqs1uXXp3sAhjjUrTIsP7oLQ8hLXX8T5uX3JYVrKrLToP5J
 ZEW2ciYLdOaJtE/NloFAmmagQ=
X-Virus-Scanned: Debian amavisd-new at unicornbox.unicorn
Received: from secure.techwang.com ([127.0.0.1])
 by localhost (secure.techwang.com [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id IOcmJAFN35A7 for <tor-talk@lists.torproject.org>;
 Sun,  8 Feb 2015 17:27:03 +0000 (GMT)
Received: from [192.168.1.50] (3240083-cl69.boa.fiberby.dk [89.23.240.83])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by secure.techwang.com (Postfix) with ESMTPSA id C10041CDDFC
 for <tor-talk@lists.torproject.org>; Sun,  8 Feb 2015 17:27:02 +0000 (GMT)
Message-ID: <54D79CAC.3070404@techwang.com>
Date: Sun, 08 Feb 2015 18:28:12 +0100
From: Bill Berry <bill@techwang.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54D741CC.8030308@techwang.com>
In-Reply-To: <54D741CC.8030308@techwang.com>
Subject: Re: [tor-talk] Blocking STUN Requests at Firewall?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>


In case anyone is interested I managed to block STUN requests using an 
application level firewall on the router. Probably not 100%, but 
definitely an improvement...

On 08/02/15 12:00, Bill Berry wrote:
> Hi all,
>
> I've setup a Tor transparent proxy, as per the instructions here 
> https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy 
> (I'm aware of the security risks of not using the Tor Browser)
>
> It's working well except it is vulnerable to STUN requests (as per 
> http://ipleak.net/). Does anyone have experience of blocking these 
> requests? Based on the spec they can be TCP or UDP, so just blocking 
> non DNS UDP doesn't seem to help. Maybe it could be achieved using 
> DPI? Not much info on the net.
>
> Thanks,
>
> Bill
>
>

-- 
--
High quality Shiba Inu at the right price! Quality dogs for over 15 years!

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

