Comments (7)
Yet another hit!
2016-01-09 15:37:44,711 [ERROR]: Found false negative for https://atlas.torproject.org/#details/06D7B21EE71E3903BCF344A8E2E331C7F534164C. Desc addr is 36.55.228.145 and check addr is 36.55.228.145.
from exitmap.
Seems to come from the list of relays:
The check for exitmap works correctly
The issue comes from Atlas, marking an IP as being invalid [false] when in fact it is valid and should return [true]
2016-01-09 18:33:06,686 [ERROR]: Found false negative for https://atlas.torproject.org/#details/3DFD5C51D75D753C94E7CE7AFAE4D157B6000782. Desc addr is 178.65.169.217 and check addr is 178.65.169.217.
from exitmap.
Hello Nullhypothesis,
Checked the IsTor response.
IsTor has 3 responses:
Is a tor exit
Is not a tor Exit
And a timeout
Found the documentation on tor exits:
https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList
$istor = torel_check($ip, $myport, $myip);
// use $istor as needed for altering page behavior:
if ($istor < 0) {
// DNS query failed to get an answer
}
elseif ($istor) {
// Endpoint is a known Tor exit
}
else {
// Endpoint does not appear to be a Tor exit
}
Can we insert a check for the case where both ips match but the node is returning false, then it would make the requests a few more times to eliminate the possibility of erronous false negatives.
Because it seems a timeout is returning false when in fact the node is valid...
when i would launch checktest again, it detects the previously erronous node as valid again
from exitmap.
Ran a checktest and got a hit but the des addr and check addr were the same.
Note that this doesn't really matter. The purpose of the module is to find exit relays that check.torproject.org doesn't recognise as relays. If they happen to have the same descriptor and check address, so be it. As a result, I think this is actually a bug in the check service and not in this module, right?
Also, I think you are referencing the wrong source code repository. For the JSON structure of the check API, have a look at:
https://gitweb.torproject.org/check.git/tree/handlers.go#n103
The IsTor
variable is boolean.
from exitmap.
Nullhypothesis,
Thanks so much for the correct repository! I agree with what you said.
I do appologize for being unclear at best with my previous response. (very sleepy yesterday)
The way I see it is that there are 3 cases:
- Same Desc + Different address = False Negative ==>Correct
- Same Desc + Same Address = Valid node (check server returning true) ==>Correct
- Same Desc + Same Address = Valid node (check server returning false - due to timeout or whatever server failure) ==> Incorrect
The 3rd case is the one of interest to us.
So in the case of same descriptor and same address yielding a false response
My proposed solutions:
- Output a more descriptive response : (Node is a false positive or possible server/Exit node timeout)
OR - Perform a double check on the node.
If we get a false answer again -->Its a confirmed False Negative.
If we get a true answer this time --> Its a valid node.
BRegards,
Codarren
from exitmap.
Upon close reading of the code, I believe the issue is somewhere else.
Therefore, I am closing this ticket
from exitmap.
Yes, I think so too. Thanks, and let me know once you figured it out.
from exitmap.
Related Issues (20)
- Add module to verify a relay's exit policy HOT 1
- Increase test coverage HOT 3
- Failed to attach stream because of unknown circuit.
- Handle multiple parallel instances better HOT 1
- Log which circuits failed during scan. HOT 3
- Inform users that it can take a while to bootstrap HOT 1
- Warn user when Stem version is too old HOT 4
- Use OONI's format for reports
- Improve transparent HTTP proxy detection with SSL test on port 80
- Detect Tor Exit doing sniffing by passively detecting unique DNS query (via HTML & PCAP parsing/viewing) HOT 6
- ValueError: Extra-info digests should consist of forty hex digits HOT 1
- /tmp/pymp-XXX directories not always cleaned up HOT 3
- Use Tor Browser programmatically for scanning HOT 1
- Dnspoison module requires dnspython as a requirement HOT 1
- run_cmd_over_tor lacking examples HOT 5
- Pep8 Violations HOT 1
- Exitmap fails when circuits are "overused" HOT 4
- Making it compatible with Whonix HOT 4
- dnspoison module: IPv6 addresses cause false positives HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from exitmap.