[squid-users] Host header forgery affects pure splice environment too?

Yuri Voinov yvoinov at gmail.com
Mon Dec 28 14:29:43 UTC 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Heh. It seems bogus by our opinion.

Tor certainly thinks otherwise.

Actually, from this stupid idea to do a bump Tor network traffic?

28.12.15 19:58, Marcus Kool пишет:
>
>
> On 12/28/2015 01:33 AM, Jason Haar wrote:
>> On 28/12/15 14:34, Amos Jeffries wrote:
> [...]
>> I think we know what the problem is: TOR is making TLS connections (I
>> don't know if they're HTTPS) on port 443 and uses SNI names that aren't
>> real?
>
> peeking on tor-proxy-2.cypherpunks.to shows a certificate with
>   issuer '/CN=www.totaikrsupklbpy5.com'
>   subject '/CN=www.bpanciu6f5cjqflv2.net'
> so the certificate is definitely bogus.
>
> marcus
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
 
iQEcBAEBCAAGBQJWgUdWAAoJENNXIZxhPexGoW4H/3aTH/y+C7pMWK+2BtHNIB4T
NMueFP/Nv2ixJf8MmqPh765R3Q6o3KWWEuK6BHcunZRjQJh1glz6h073ocVSb2EJ
BkhHUFuYbF31hwZCvZwFr7tFlKDvQ9yBvmwk3Ep3KjiFThoF+uwyV3HbEWmUx083
hAgVfXnqqeClhZx4WSrOLLLc4BTAfuCYM84ox6JRemqHq5kFpObaLRPCvNkO+VtF
M/yId+ag4pyUMGcTXN0KD+SHtgdKkraWRP7u5RrQ0kiScwv5Q30nV09MY93qkvaB
hi5qgEGLlDyO+qXkqpNoPXYqinVFRGgEE7OMzbthvCRJk1v2XVB2I+mab1McnQk=
=H3Ki
-----END PGP SIGNATURE-----



More information about the squid-users mailing list