[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: both my servers crashed
On 4/23/05, Ron Davis <ron_davis@xxxxxxxx> wrote:
> Apr 23 12:56:09.180 [warn] tor_tls_get_peer_cert_nickname(): Peer
> certificate nickname has illegal characters.
> Apr 23 12:56:09.180 [warn] connection_tls_finish_handshake(): Other side
> (84.13.106.159:1626) has a cert without a valid nickname. Closing.
> Apr 23 12:56:11.540 [err] _assert_no_tls_errors(): Unhandled OpenSSL
> errors found at buffers.c:229:
That's the Tor process being over sensitive and aborting at the first
sign of errors. It could be that some kiddie has figured out they can
shut nodes down by triggering this assertion failure. However, in
light of this:
> After the first Windows error message, I rebooted and found the
> installer exe of the backdoor program FTPCentre.13.A on my system (
> http://www.megasecurity.org/trojans/f/ftpcenter/Ftpcenter1.3.html ).
>
> I suspect that the instability of the system somehow opened it to an
> intruder.
It's possible that someone has found a buffer overflow in Tor. Anyone
who's server died with similar messages on Window should look at the
above link and check their systems. (Please report findings to the
list also.)
I don't know if the OpenSSL libraries are linked with the Windows Tor
package, or are installed separately, but they MUST be >= 0.9.6m or >=
0.9.7d.
AGL
--
Adam Langley agl@xxxxxxxxxxxxxxxxxx
http://www.imperialviolet.org (+44) (0)7906 332512
PGP: 9113 256A CC0F 71A6 4C84 5087 CDA5 52DF 2CB6 3D60