[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
[tor-bugs] #9653 [Tor]: Count v2 vs v3 link handshakes at relays
#9653: Count v2 vs v3 link handshakes at relays
-----------------------+----------------------------------
Reporter: arma | Owner:
Type: defect | Status: new
Priority: normal | Milestone: Tor: unspecified
Component: Tor | Version:
Keywords: tor-relay | Actual Points:
Parent ID: | Points:
-----------------------+----------------------------------
We're not sure what version the two million new botnet clients are
running. It might be Tor 0.2.2, in which case we can distinguish them by
their link handshake version.
We have lines like
{{{
dirreq-v3-reqs
us=56,fr=32,it=32,de=24,es=24,br=16,ru=16,ua=16,??=8,ar=8,at=8,au
=8,bd=8,be=8,bj=8,ca=8,ch=8,co=8,cz=8,dz=8,eg=8,gb=8,ge=8,hk=8,id=8,ie=8,il=8,in
=8,ir=8,is=8,jp=8,kr=8,lb=8,lt=8,lv=8,ma=8,md=8,mx=8,nl=8,no=8,ph=8,pl=8,ro=8,sa
=8,se=8,sg=8,sy=8,tr=8,tw=8,ve=8
dirreq-v2-reqs
}}}
in extra info descriptors. We could add new similar lines for link
handshakes. I worry about a few edge cases though, where there's one
client left in the world using the v1 handshake, and somehow the exit
relay can recognize it too, and now the guard node tells everybody that
it's the guard for that client.
In any case, step one is to write a quick hack to count them up, for
overloaded relay operators to run.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9653>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
_______________________________________________
tor-bugs mailing list
tor-bugs@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-bugs