[Whonix-devel] Testers wanted! New FIN ACK / RST ACK Leak Test

• Previous message: [Whonix-devel] The Linux Security Circus: On GUI isolation - Your opinion?
• Next message: [Whonix-devel] Testers wanted! Whonix 8.2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Mike Perry recently discovered a leak bug in custom transparent proxies (not related to Whonix!) and published his findings on the tor-talk mailing list:
https://lists.torproject.org/pipermail/tor-talk/2014-March/032503.html

This leak test has been adapted for Whonix and documented here:
https://www.whonix.org/wiki/Dev/Leak_Tests#FIN_ACK_.2F_RST_ACK_-_Leak_Test

Fortunately, I wasn't able to reproduce this leak using Whonix. Probably because the Linux version Whonix is using isn't affected by this bug and/or because Whonix's Firewall uses iptables default policy drop for input-, output-, fowardchain and only allows the Tor user to establish external connections. However, other users using different host operating systems and setups than I should repeat the test.

Please feel encouraged,
- to comprehend the original thread on the tor-talk mailing list
- verify yourself that this leak test doesn't find a leak and share your results
- check if upstream (Linux kernel / iptables) consider this a bug and if it has already been reported (this is not clear yet)

This post has been automatically cross-posted by whonix.org/blog To see the original (including links), go to https://www.whonix.org/blog/testers-wanted-new-fin-ack-rst-ack-leak-test

• Previous message: [Whonix-devel] The Linux Security Circus: On GUI isolation - Your opinion?
• Next message: [Whonix-devel] Testers wanted! Whonix 8.2
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]