On 13 Apr 2014, at 19:45, Scott Bennett wrote: > Mateusz B?aszczyk <blahu77@xxxxxxxxx> wrote: > >> >> I am wondering that another effect of the heartbleed was increased TLS overhead, that I saw many times also before April-7. >> Unfortunately I do not store more than 7 files worth of logs: >> >> Apr 1 02:50:23 localhost Tor[394]: TLS write overhead: 7% >> Apr 1 08:51:35 localhost Tor[394]: TLS write overhead: 7% >> Apr 1 14:52:45 localhost Tor[394]: TLS write overhead: 7% >> Apr 1 20:53:52 localhost Tor[394]: TLS write overhead: 7% >> Apr 2 02:55:02 localhost Tor[394]: TLS write overhead: 7% >> Apr 2 08:56:08 localhost Tor[394]: TLS write overhead: 7% >> Apr 2 14:57:20 localhost Tor[394]: TLS write overhead: 7% >> Apr 2 20:58:28 localhost Tor[394]: TLS write overhead: 7% >> Apr 3 02:59:37 localhost Tor[394]: TLS write overhead: 7% >> Apr 3 09:00:44 localhost Tor[394]: TLS write overhead: 7% >> Apr 3 15:01:53 localhost Tor[394]: TLS write overhead: 7% >> Apr 3 21:03:04 localhost Tor[394]: TLS write overhead: 7% >> Apr 4 03:04:12 localhost Tor[394]: TLS write overhead: 7% >> Apr 4 09:05:22 localhost Tor[394]: TLS write overhead: 7% >> Apr 4 15:06:30 localhost Tor[394]: TLS write overhead: 7% >> Apr 4 21:07:39 localhost Tor[394]: TLS write overhead: 7% >> Apr 5 03:08:49 localhost Tor[394]: TLS write overhead: 7% >> Apr 5 09:09:58 localhost Tor[394]: TLS write overhead: 7% >> Apr 5 15:11:06 localhost Tor[394]: TLS write overhead: 7% >> Apr 5 21:12:16 localhost Tor[394]: TLS write overhead: 7% >> Apr 6 03:13:24 localhost Tor[394]: TLS write overhead: 7% >> Apr 6 09:14:33 localhost Tor[394]: TLS write overhead: 7% >> Apr 6 15:15:42 localhost Tor[394]: TLS write overhead: 7% >> Apr 6 21:16:52 localhost Tor[394]: TLS write overhead: 7% >> Apr 7 23:43:41 localhost Tor[523]: TLS write overhead: 6% >> Apr 8 05:43:41 localhost Tor[523]: TLS write overhead: 6% >> Apr 8 11:43:41 localhost Tor[523]: TLS write overhead: 6% >> Apr 8 23:06:23 localhost Tor[58851]: TLS write overhead: 41% >> Apr 9 05:06:23 localhost Tor[58851]: TLS write overhead: 37% >> Apr 9 11:06:23 localhost Tor[58851]: TLS write overhead: 29% >> Apr 9 17:06:23 localhost Tor[58851]: TLS write overhead: 23% >> Apr 9 23:06:23 localhost Tor[58851]: TLS write overhead: 19% >> Apr 10 05:06:23 localhost Tor[58851]: TLS write overhead: 18% >> Apr 10 11:06:23 localhost Tor[58851]: TLS write overhead: 14% >> Apr 10 17:06:23 localhost Tor[58851]: TLS write overhead: 8% >> Apr 11 02:00:13 localhost Tor[65758]: TLS write overhead: 6% >> Apr 11 08:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 11 14:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 11 20:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 12 02:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 12 08:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 12 14:00:13 localhost Tor[65758]: TLS write overhead: 5% >> Apr 12 20:00:13 localhost Tor[65758]: TLS write overhead: 5% >> >> Especially as it looks to be highly increased after the release of the vulnerability. > > How can you tell that? tor did not log those messages back in 2012 when > the vulnerability was released. These are from April, 2014. I am running this relay from Jan, 2014 and this messages were definitively logged. I can't tell obviously if I am right, I am guessing, sharing my thoughts. > >> I am not sure I am on right track but it does look suspicious. >> > What would interest me would be to know whether the period of increased > TLS write overhead highlighted above involved hidden services directory > connections. > I wouldn't be able to tell, don't have logs for that. -mateusz
Attachment:
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays