On Tue, 8 Sep 2015 02:03:07 -0400 Roger Dingledine <arma@xxxxxxx> wrote: > On Mon, Sep 07, 2015 at 10:30:38AM -0400, > starlight.2015q3@xxxxxxxxxxx wrote: > > This is curious: Appears a large number of Tor > > client-bots have set > > > > UseEntryGuards 0 > > > > From current relays that have never had the guard flag: > > > > extra-info moep DA8C1123CDB3ACD3B36CD7E7CEFBEA685DED2276 > > entry-ips > > us=360,de=296,fr=232,it=192,es=160,jp=104,ru=104,br=96,ir=96. . . > > These are likely clients using a version from before we introduced > directory guards. So they probably use entry guards like normal, and > they just choose relays at random to fetch their directory info. > > This is why relays report dirreq-v3-reqs lines (number of v3 consensus > requests) in their extra-info descriptors too, and not just total > connection counts. This does present us with an opportunity to gain an actual estimate for the number of botnet clients since there's a way to distinguish them from normal users. Not sure if we'd require actual metrics or if this is just a matter of analysis. Regards, -- Yawning Angel
Attachment:
pgpITR9YTsG_M.pgp
Description: OpenPGP digital signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays