Silk Road forums
Discussion => Security => Topic started by: shulginsindex on May 06, 2013, 04:38 am
-
Is Ddoss even possible on tor?
I can think of only one method but that would take the dosser ages and ages so i rule that method out. On tor how is this possible? Just curious
-
Though a fucking digital shitload of HTTP requests I'm guessing. Because it's Tor, it's real tough to tell which ones are for real and which ones are bullshit. Still, it's possible and clearly they're using the right tactics at SR to combat this bullshit.
-
This was my thoughts when ppl kept saying it was under DDOS attack, I WAS LIKE WTF? this is tor , these are onion sites, everytime a server or a member logs on its never the same IP.. So i reached out to some pro's and They felt it was no way a DDOS attack could happen,
BUT A DOS attack is more Plausible .. I posted the diffrence betwee n the 2 on another thread. DDOS ing a Tor onion site makes no sense, and i agree OP only way i could even possibley see it happen is the method u mention..
i COULD BE WRONG, i am not saying i am 100% correct, but this is who i reahed out to told me and my own research.. DDOS' ing one specific Onion site is as i see it IMPOSSIBLE, unless your somehow attacking the whole TOR network,
WHICH if u know how TOR came about u should know its gonna take a team even if then to bring it down..
Tor was made for Gov special Ops missions, to send out their location without giving it away over the net when contacting HB or HQ..
Anyone that see's any flaws in what i said please feel free to correct me..
-
Well this ddoss attack is well ochestrated. They would have to install a hidden partion on the victims hard drive to run tor and script a program to attack as its a bit tricky. as i say def possible, but time consuming. Its been a while for me and tor is new to me so i could be wrong.
-
ITS NOT A DDOS ATTACK!!! IT WOULD BE A DOS ATTACK!!! TWO DIFFRENT THINGS,,
SOME OF YOU DO NOT SEEM TO KNOW WHAT A DDOS ATTACK IS, READ THE DEFINITION ON DOS AND DDOS
IT IS IMPOSSIBLE TO DDOS A ONION SITE AS FAR AS I KNOW.. DOS DIFFERENT
IV EVEN COME TO THINK ITS A SQL INJECTION OF THE SITE.....
-
ITS NOT A DDOS ATTACK!!! IT WOULD BE A DOS ATTACK!!! TWO DIFFRENT THINGS,,
SOME OF YOU DO NOT SEEM TO KNOW WHAT A DDOS ATTACK IS, READ THE DEFINITION ON DOS AND DDOS
IT IS IMPOSSIBLE TO DDOS A ONION SITE AS FAR AS I KNOW.. DOS DIFFERENT
IV EVEN COME TO THINK ITS A SQL INJECTION OF THE SITE.....
yes they are different but the message from dpr stated ddoss.ddoss is possible on tor, its a huge influx of traffic which tor servers cant handle.def possible. sql injection on tor unsure. If its SQL id be worried, this is all dependant on how information is stored by dpr. We are told addresses are deleted, but could they be diverted to another database? I hope its a ddoss
BTW what makes you speculate an sql injection?
-
ITS NOT A DDOS ATTACK!!! IT WOULD BE A DOS ATTACK!!! TWO DIFFRENT THINGS,,
SOME OF YOU DO NOT SEEM TO KNOW WHAT A DDOS ATTACK IS, READ THE DEFINITION ON DOS AND DDOS
IT IS IMPOSSIBLE TO DDOS A ONION SITE AS FAR AS I KNOW.. DOS DIFFERENT
IV EVEN COME TO THINK ITS A SQL INJECTION OF THE SITE.....
Yes DDoS != DoS but it should be noted how a tor hidden service works before you dismiss the possibility of a denial of service. In fact, a DoS is quite easy.
Say you have a tor hidden service and it needs some exit nodes from the tor network to communicate with the service. You limit the number of exit nodes to say two nodes to limit the possibility of a timing attack. Since these two nodes are the only ways to communicate with the service, one could plausibly cause a denial of service on these two nodes in order to cause a denial of service on the main target. Silk Road itself probably has tons of extra security measures to prevent its own denial of service (IIDS, OIDS, etc.) however the exit nodes are not expecting an attack since they are just relaying information, allowing them to be much easier targets.
In a chess context you could say that by attacking the pawns it is easier to attack the king.
-
ITS NOT A DDOS ATTACK!!! IT WOULD BE A DOS ATTACK!!! TWO DIFFRENT THINGS,,
SOME OF YOU DO NOT SEEM TO KNOW WHAT A DDOS ATTACK IS, READ THE DEFINITION ON DOS AND DDOS
IT IS IMPOSSIBLE TO DDOS A ONION SITE AS FAR AS I KNOW.. DOS DIFFERENT
IV EVEN COME TO THINK ITS A SQL INJECTION OF THE SITE.....
Yes DDoS != DoS but it should be noted how a tor hidden service works before you dismiss the possibility of a denial of service. In fact, a DoS is quite easy.
Say you have a tor hidden service and it needs some exit nodes from the tor network to communicate with the service. You limit the number of exit nodes to say two nodes to limit the possibility of a timing attack. Since these two nodes are the only ways to communicate with the service, one could plausibly cause a denial of service on these two nodes in order to cause a denial of service on the main target. Silk Road itself probably has tons of extra security measures to prevent its own denial of service (IIDS, OIDS, etc.) however the exit nodes are not expecting an attack since they are just relaying information, allowing them to be much easier targets.
In a chess context you could say that by attacking the pawns it is easier to attack the king.
good info
-
It still is a hellla king move to DDOS OR DOS A TOR SITE. It almost makes me think it would have to be somone with the knowledge or the program of the TOR network itself..
Has it crossed the minds the people who keep TOR what it is could not have possibley been paid off, or decided they wanted a cut since its a Free service, and where better to hold ransom than a drug site knowing the money we bring through here..Not saying thats what it is, but when things happen, everyone is suspect.
Also has NO ONE ELSE considerd a SQL injection at all??
-
Also has NO ONE ELSE considered a SQL injection at all??
I considered it, I also considered the idea that it may not have even been directed at SR.
Most systems now days are cloud based VM's, it could have been a DOS on another vm in the same cloud environment or a DOS on the cloud environment as a whole. Hell we don't know where SR is or it's environment so it could be running on a hidden service that is a VM in an existing high traffic SSL based site. That site being used as cover traffic for the tor service. If the cover site was under attach then SR would go down and the person or persons perpetrating the attach would not even know they took down SR.
-
I for one do not believe the 'DDoS attack' story. I would like to see some details and evidence about how this could happen.
I think the management f*cked up and spent the downtime rewriting half their code, and blamed it on an 'attacker'.
-
For the billionth time, DDoS and DoS are both possible against Tor hidden services. Not only can the actual hidden service be DDoSed by a botnet with http spam, but there are also Tor specific attacks that can be carried out. For one DDoSing introduction nodes leads to the hidden service they introduce for being unreachable, for two if the attacker traces to guard nodes they can DDoS them directly. Anybody who says it is impossible to DoS or DDoS hidden services clearly it not very read up on how connections to hidden services work.
-
DDoSing introduction nodes leads to the hidden service they introduce for being unreachable
With what I understand so far, I think this is what is going on. It seems to match the symptoms. As Astor and I noticed, rebooting Tor would suddenly make it easy to connect to SR or SRF. If SR was truly being attacked with some direct method this shouldn't happen.
Somehow somebody is able to identify which introduction points are being used for a specific hidden service. That's where my hypothesis gets to be on shaky ground, because I don't quite see how that would work. I thought introduction points were selected randomly from the list of Tor relays. It could be something else entirely but so far this seems to make most sense to me.
Thoughts?
-
Interesting Pine...
I dont have a direct thought to your statement. Im still wrapping my head around How and PINE if you will cause the time iv been here you are the only one i will except knowledge from and have fulll faith in it.
HOW THE FUK IS IT POSSIBLE TO DOS, LET ALONE DDOS A FUCKING ONION SITE? how?? YOU HAVE TO HAVE BOTNETS FIRIING OR THOUSAND OF PEOPLE FIRING AT ONE IP IF IM NOT WRONG, HOW CAN THAT BE DONE ON TOR WHEN THE IPS CHANGE EVERYTIME U LOG ON..??? DOS AND DDOS ARE NOT THE EXACT SAME THING.. I agree with the poster allot about his comments on this was a SQL injection i believe that more than i do the TOR NET WORK WAS DDOS OR DOS! NO fucking way.. Pine u truly feel that is possible?
I lurk and read more than anyting, and im allot more up on computer prgraming, and the other little fun things you learn over the years. I just don feel the need to post on everyting.
Just seeing these ppl Thinking it was A DDOS OR DOS just baffle s me.. Ok yea DPR said that was the attack, HELLO!!! THAT DOENT MEAN THAT WAS THE TRUE REASON BEHIND WHY WE WERNT GETTING ON..
To me its clear as the day there is way more here going on than just SR and buying drugs as well as selling.. There is a Hidden hand in all this.. Open your 3rd eye, LOOK,LISTEN AND LEARN!! For those who dont understand what your 3rd eye is, = your Pinal Gland.<Sorry if i splt it wrong.
Any thoughts Pine? or others? This DDOS-DOS IS BS
-
You don't target the service, you target the meetup points that the service uses.
A hostile client can create a circuit that goes through the targeted relay more than once, so they send one packet and the tor network repeats the attack for you.
The Tor team closed the bug on this issue with a statement along the lines of "all services can be dosed so why fix it". A bit short sighted.
There are proposed solutions, but they require changes to the protocol.
-
Any thoughts Pine? or others? This DDOS-DOS IS BS
I had thoughts but a session timeout blew them away. Also you're making people crazy with the FULL BLOWN CAPS.
-
Yea i know i dont do it on Purpose, my key board will just change into caps mode by itself at times and i will hit over and over to turn off and it wont... So its not on purpose.
To be honest I really didnt think people even cared, I knwo its considerd "yELLING" BUT i just dont see how its tht big a deal.. But until i get my new laptop in, iv gotta deal with it
-
Yea i know i dont do it on Purpose, my key board will just change into caps mode by itself at times and i will hit over and over to turn off and it wont... So its not on purpose.
To be honest I really didnt think people even cared, I knwo its considerd "yELLING" BUT i just dont see how its tht big a deal.. But until i get my new laptop in, iv gotta deal with it
Check out those laser keyboards, they look awesome! And they have security advantages, it is impossible to attach a hardware keylogger to them (good for some specific situations, like using a public computer at a library or internet cafe).
-
Yea i know i dont do it on Purpose, my key board will just change into caps mode by itself at times and i will hit over and over to turn off and it wont... So its not on purpose.
To be honest I really didnt think people even cared, I knwo its considerd "yELLING" BUT i just dont see how its tht big a deal.. But until i get my new laptop in, iv gotta deal with it
Check out those laser keyboards, they look awesome! And they have security advantages, it is impossible to attach a hardware keylogger to them (good for some specific situations, like using a public computer at a library or internet cafe).
Thanx for tip pine. Hey while your on and i can get u to answer a question. Im gonnna be loading 100+ but i dont wanna add it to sr, i wanna put it in a secrue wallet then send the funds as needed in case of any SR issues.. Iv got a blockchain wallet, but not secure enough..
What would u suggest? something i can keep on a USB..
-
ITS NOT A DDOS ATTACK!!! IT WOULD BE A DOS ATTACK!!! TWO DIFFRENT THINGS,,
SOME OF YOU DO NOT SEEM TO KNOW WHAT A DDOS ATTACK IS, READ THE DEFINITION ON DOS AND DDOS
IT IS IMPOSSIBLE TO DDOS A ONION SITE AS FAR AS I KNOW.. DOS DIFFERENT
THANK YOU! finally someone who knows what they are talking about! +1 to you my friend!
-
Thanx for tip pine. Hey while your on and i can get u to answer a question. Im gonnna be loading 100+ but i dont wanna add it to sr, i wanna put it in a secrue wallet then send the funds as needed in case of any SR issues.. Iv got a blockchain wallet, but not secure enough..
What would u suggest? something i can keep on a USB..
Torify a new wallet (may want to download the blockchain manually), receive BTC, put wallet.dat file into truecrypt encrypted volume on USB or two. Overwrite wallet.dat on machine. This is secure, it is just awkward.
Alternatively if physical intrusion is your main concern encrypt the wallet.dat file and then make an anonymous account at several websites that allow persistent uploads. Then you just need to protect the password username pairs and urls e.g. keepass account info storage.
If you're concerned about bitcoin theft by malware then make a dual boot for Linux to carry out all this activity on.
-
Check out those laser keyboards, they look awesome! And they have security advantages, it is impossible to attach a hardware keylogger to them (good for some specific situations, like using a public computer at a library or internet cafe).
I read up on those, and the specs don't mention what type of encryption it uses. I know that bluetooth keyboards have a long history of poor encryption.
That being said even wired keyboards can be sniffed by sound or by watching the ground wire.
I recommend a virtual keyboard for very secure things.
-
My main concern is that this attack was a distraction for a more malicious, covert extraction of information from the SR server. PGP encrypt everything. ;D
-
Iv notice some image hacks on the site again also.. Those 'sr quick buy' images at the bottom, then with a btc address.. iv reported 2 alrady