Security Techniques

Tortilla Open Source Anonymous Traffic Routing Tool for Tor

Tortilla Open Source Anonymous Traffic Routing Tool for Tor: A researcher with startup Crowdstrike may have bridged those gaps with a tool called Tortilla. Expected to be unveiled at the upcoming Black Hat Briefings in Las Vegas in two weeks, senior security researcher Jason Geffner will not only deliver a presentation on the tool, but will release it as open source.

“Oftentimes, security researchers need to communicate with rogue servers for monitoring and we don’t want to leak our own IP addresses, especially if we’re working from home or working from our company’s IP address,” Geffner said. “Anonymity is valuable to us while doing research.”

In addition to having the ability to securely communicate with attack servers, it’s also important, whether over a browser or another Net-based tool, not to leak network traffic onto Tor, Geffner said. Tortilla, he said, provides a secure, anonymous means of routing TCP and DNS traffic through Tor regardless of client software and without the need for a VPN or secure tunnel.

“The Tor client does all of the work,” Geffner said. “Tortialla redirects TCP and DNS traffic through Tor ensuring nothing else gets out. I wouldn’t call it a plug in; it does communicate with the Tor client over the SOCKS port Tor opens up, but it’s not a plug in.”

Standard