Slashdot Mirror

← Back to Stories (view on slashdot.org)

Launching Anonymous Attacks Using the Tor Network

Posted by Hemos on from the wait-you-mean-people-aren't-all-nice dept.

An anonymous reader writes "Nitesh Dhanjani over at O'Reilly Network describes how malicious users can launch attacks over the Internet anonymously using the Tor network. Looks like the flip side of the Tor project is that it allows anyone to launch network scans and exploits anonymously. Great, just what we need now."

5 of 19 comments (clear)

  1. Good Article by Vodak · · Score: 4, Insightful

    Security is always going to be a concern on the Internet. The more we know about the problems we all face the better. At least this article is a calm mention of the negative possibilities that this technology can be used for instead of a paranoid rant on how this should have never been created in the first place.

  2. An unfortunate inevitability by TripMaster+Monkey · · Score: 3, Insightful


    Whenever you have a system that allows for anonymity, you will always have people that abuse that anonymity for their own nefarious purposes. If you have a mechanism for singling out and dealing with the abusers, you don't have anonymity anymore.

    There's no way around it....you simply have to take the good with the bad.

    --
    ____

    ~ |rip/\/\aster /\/\onkey

  3. This is news? by dougmc · · Score: 5, Insightful
    Looks like the flip side of the Tor project is that it allows anyone to launch network scans and exploits anonymously.
    This is news?

    Anything that lets you use a service anonymously will let you abuse a service anonymously.

    Sure, the system may add limits (bandwidth used, total traffic, things it can connect to, etc.) to limit the damage that could be caused, but ultimately anything like this can be used for evil purposes.

    Some examples? The penet.fi anonymous remailer was used to troll Usenet, harass people and even to say bad things about Scientology! (The horror!)

    Another example? A NAT router hides the internal IP address of the user, which tends to make them semi-anonymous. This is good, and this is bad. (I say semi-anonymous because most NAT devices keep logs, and if you need to determine who (ab)used something, the data is usually there.

    There's lots more examples.

  4. Re:Now, that's a discovery! by elgaard · · Score: 2, Insightful

    If we all start usings TOR, mixmaster, etc. only 60 pct or so will be spam, scam, etc, just like it is on the internet now.

  5. Re:Astroturf by TripMaster+Monkey · · Score: 3, Insightful

    From your original post:
    Seems like an astroturf story to me i.e. a story planted in the media by certain interests who don't want any anonymity on the Internet, or anywhere else.

    Certainly looks like an accusation of astroturfing to me...if by 'seems like an astroturf story to me', you didn't mean to insinuate that the story seemed like an astroturf story to you, perhaps you shouldn't have said so.

    Perhaps you can take this opportunity to clarify your position...what exactly did you mean by the statement 'seems like an astroturf' story to me', if your intent wasn't to accuse Nitesh Dhanjani and O'Reilly of astroturfing?

    Do enlighten us.
    --
    ____

    ~ |rip/\/\aster /\/\onkey