[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: False certificates



On Tue, Nov 28, 2006 at 07:56:41PM -0600, Mike Perry wrote:
> > Yuck. Actually, Peter Palfrader just pointed out that it's probably just
> > an iptables screw-up. "bach" is that Tor server's nickname. It looks
> > like he's redirecting all outgoing port 443 requests back into his ORPort.
> > 
> > So, yet another instance of a non-malicious attacker. :)
> 
> Heheh, I guess this goes in the "never blame conspiracy when you can
> blame incompetence" column. Damn, it's so much more exciting to find
> malicious nodes ;)

Looks like bach is all fixed now.

Thanks. Let me know if you find other misconfigured exits. One day
we'll get the automated scanning going. :)
--Roger