Opened 5 years ago

Last modified 2 years ago

#13590 new enhancement

Extend HiddenServicePort VIRTPORT semantics

Reported by: grarpamp Owned by:
Priority: Low Milestone: Tor: unspecified
Component: Core Tor/Tor Version: Tor: 0.2.5.10
Severity: Normal Keywords: tor-hs, shoot-self-in-foot honeypot cfg
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

Instead of 65535 separate HiddenServicePort lines, map all ports with just '*' as VIRTPORT.
VIRTPORT should also support ranges of such lateral mappings using '-' dash and ',' comma strings: 4-1367,5000-5010,7777,54321-60123
This is not intended to have knowledge of kernel's current port availability/use, but for convenience when user already knows they will be free.
Tor could map these on startup reservation (possibly looping on ones it can't bind right away), or map on inbound demand (with possibility of same loop).
May also need HiddenServicePort VIRTPORT exclude, to exclude known ports list in use for other local purposes, such as 22,80,443,9050,9051 etc if doing so is more efficient/secure with such '*' or range maps.

Child Tickets

Change History (6)

comment:1 Changed 5 years ago by nickm

Keywords: tor-hs lorax added
Milestone: Tor: 0.2.6.x-final → Tor: 0.2.???

What's the use case for '*'? It seems kinda worrisome to me to want to expose e.g. every port you've got on your local host over a hidden service. Probably there is some stuff that you really shouldn't expose.

In any case, I'd be happy to take a patch for port ranges if somebody writes it.

comment:2 Changed 5 years ago by grarpamp

Use '*' as VIRTPORT for honeypots, watching portscanners, testing, etc.
I originally had 'exclude' as a TARGET keyword to indicate 'all but this' VIRTPORT range, but it seemed better to define it as a range to remove from all other specified VIRTPORTs of that service including from '*' itself. Consider it a firewall. 'HSP * exclude' would remove all.
Same VIRTPORT randomizer... you'd have to treat '*' as always hit, and scan through the range style lines to find any hits there. Again, canceled by hits in 'exclude' list.
Perhaps TARGET could also be a tun(4) with 'tun', not sure on that yet.
My '^Tor' sentence in OP should be removed but there's no button to edit it.
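A prototype of the VIRTPORT semantics proposed in the description and refined in comment:2 ('*' for all ports, dash ranges and comma lists, and an 'exclude' TARGET acting as a firewall over every other mapping, '*' included). This is an added illustration, not Tor code; the torrc lines are constructed, and the first-line-wins rule, the bare-address lateral mapping and the on-demand lookup are assumptions about how the proposal would be implemented.

```python
PORT_MIN, PORT_MAX = 1, 65535

def parse_virtport(spec):
    """Ports named by a VIRTPORT: '*' or items like '4-1367,5000-5010,7777'."""
    if spec == "*":
        return set(range(PORT_MIN, PORT_MAX + 1))
    ports = set()
    for item in spec.split(","):
        lo, dash, hi = item.partition("-")
        hi = hi if dash else lo
        if not (lo.isdigit() and hi.isdigit()):
            raise ValueError(f"bad VIRTPORT item {item!r}")
        lo, hi = int(lo), int(hi)
        if not PORT_MIN <= lo <= hi <= PORT_MAX:
            raise ValueError(f"VIRTPORT out of bounds: {item!r}")
        ports.update(range(lo, hi + 1))
    return ports

def expand_target(target, port):
    """Omitted TARGET -> 127.0.0.1:port; bare port -> 127.0.0.1:that port;
    bare address (assumed here for lateral maps) -> addr:port; addr:port as is."""
    if target is None or target.isdigit():
        return f"127.0.0.1:{target or port}"
    return target if ":" in target else f"{target}:{port}"

class VirtPortMap:
    """Per-service view of HiddenServicePort lines, resolved on inbound demand."""
    def __init__(self, torrc_lines):
        self.explicit = {}     # virtual port -> TARGET spec (first line wins)
        self.wildcard = None   # TARGET spec of a '*' line, used as fallback
        self.excluded = set()  # 'exclude' ports, removed from everything incl. '*'
        for line in torrc_lines:
            parts = line.split()
            if len(parts) < 2 or parts[0] != "HiddenServicePort":
                continue
            virt, target = parts[1], (parts[2] if len(parts) > 2 else None)
            if target == "exclude":
                self.excluded |= parse_virtport(virt)
            elif virt == "*":
                self.wildcard = self.wildcard or target or "127.0.0.1"
            else:
                for p in parse_virtport(virt):
                    self.explicit.setdefault(p, target)

    def resolve(self, port):
        """Target for an inbound request to `port`, or None if not served."""
        if port in self.excluded:
            return None
        if port in self.explicit:
            return expand_target(self.explicit[port], port)
        return expand_target(self.wildcard, port) if self.wildcard else None
```

With the ticket's own example range plus `HiddenServicePort 22,80,443,9050,9051 exclude`, `resolve(80)` returns None even when an explicit `80` line exists, which is the "consider it a firewall" behaviour comment:2 describes.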

comment:3 Changed 3 years ago by teor

Milestone: Tor: 0.2.??? → Tor: 0.3.???

Milestone renamed

comment:4 Changed 3 years ago by nickm

Keywords: tor-03-unspecified-201612 added
Milestone: Tor: 0.3.??? → Tor: unspecified

Finally admitting that 0.3.??? was a euphemism for Tor: unspecified all along.

comment:5 Changed 2 years ago by nickm

Keywords: tor-03-unspecified-201612 removed

Remove an old triaging keyword.

comment:6 Changed 2 years ago by nickm

Keywords: shoot-self-in-foot honeypot cfg added; lorax removed
Priority: Medium → Low
Severity: Normal