[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
From: pa011 <pa011@xxxxxx>
Date: Sat, 10 Dec 2016 20:46:12 +0100
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 10 Dec 2016 14:46:25 -0500
In-reply-to: <20161209232705.2v7o7h5wa5qdczgb@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20161117014004.2clp7djzm2jjxqvt@riseup.net> <20161117073013.vxb72balbg2x7rwk@riseup.net> <bbe0291b-0ee7-f7bf-fcff-d3f55f21e961@riseup.net> <20161117212247.bnscfyw2mrww6slc@riseup.net> <20161202020046.66pvqb26d6txkytc@riseup.net> <8c24f031-f038-5039-1e0f-b55fd2e5186f@riseup.net> <20161209071214.g7ks2hwe5aapudue@riseup.net> <61e073d0-be5b-6282-405d-316bce7842ad@riseup.net> <20161209232705.2v7o7h5wa5qdczgb@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.5.1


> I would however be very interested to hear back from tor-relay operators
> if any of them have found Challenge ACK counter values higher than
> a million... which would indicate some kind of funny business.
> 
Thanky you for your work.

I know of 3 relays with ACK above 1 million:

    TCPChallengeACK: 1081146
    TCPSYNChallenge: 1062995

    TCPChallengeACK: 1270948
    TCPSYNChallenge: 1254428
  
    TCPChallengeACK: 1189549
    TCPSYNChallenge: 1171422

all running under Linux vm20198 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/Linux

There seems to be no relation between uptime of the server and challenges apart from rebooting, which resets to 0.

What about relays not on the list at all?

I would assume that not everybody of that 23 percent does know what exactly to do, apart from better running on BSD - could you please give detailed recommendation for beginners - your discussion seems on a high level :-)

Thanks and regards 

Paul
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
  - From: Ivan Markin

References:
- Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
  - From: dawuud
- Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
  - From: Ivan Markin
- Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
  - From: dawuud
- Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
  - From: Ivan Markin
- Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
  - From: dawuud

Prev by Author: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Next by Author: Re: [tor-relays] The t-shirt organization thingy
Previous by thread: Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
Next by thread: Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
Index(es):
- Author
- Thread