Re: [tor-relays] Tor exit nodes attacking SSH?

On Wed, 9 Aug 2017 21:08:30 +0100 Alexander Nasonov alnsn@yandex.ru wrote:

me@eugenemolotov.ru wrote:

...

Make a "trap" ssh server (for example on virtualbox machine without any sensitive data) and log in into it through tsocks. After that check from which ip it was logged in. This probably would be ip of the exit node.

What if they "bridge" mitm-ed traffic to a different host?

They could feed MITMed traffic back into Tor, framing a different exit node in the process :)