Re: both my servers crashed

[Roger Dingledine <arma@xxxxxxx>]

On Sat, Apr 23, 2005 at 03:54:33PM +0200, Ron Davis wrote:
> Apr 23 12:56:09.180 [warn] tor_tls_get_peer_cert_nickname(): Peer
> certificate nickname has illegal characters.
> Apr 23 12:56:09.180 [warn] connection_tls_finish_handshake(): Other side
> (84.13.106.159:1626) has a cert without a valid nickname. Closing.
> Apr 23 12:56:11.540 [err] _assert_no_tls_errors(): Unhandled OpenSSL
> errors found at buffers.c:229:

Right, this is a known bug. We're working on it.

If you'd been running 0.1.0.3-rc, you would have seen a slightly
more useful warn message:
Apr 23 01:42:23.735 [warn] tor_tls_get_peer_cert_nickname(): Peer
certificate nickname 'JAP-Client' has illegal characters.

I don't think this is malicious. We just don't handle it as well as we
should. Expect an update out todayish, and hopefully the whole network
won't die in the meantime. ;)

> After the first Windows error message, I rebooted and found the
> installer exe of the backdoor program FTPCentre.13.A on my system (
> http://www.megasecurity.org/trojans/f/ftpcenter/Ftpcenter1.3.html ). 
> 
> I suspect that the instability of the system somehow opened it to an
> intruder.

Hm, this is disturbing. My first thought is that this is related to the
insecurity of your Windows and nothing to do with Tor. Do you have any
reason to believe otherwise?

Thanks,
--Roger