On Wed, Apr 16, 2014 at 06:24:40PM -0700, Andrea Shepard wrote: > A list of 1777 proposed reject lines of fingerprints which have > ever turned up as potentially exposed by Heartbleed in my scans > is available at the URL below. This was generated with the following > query: > > (select distinct > hb.probe_identity_digest as identity_digest > from > heartbleed_probe_results hb > where > hb.probe_has_heartbleed and > hb.probe_tor_checked_identity) > union > (select distinct > hb.expected_identity_digest as identity_digest > from > heartbleed_probe_results hb > where > hb.probe_has_heartbleed and > not hb.probe_tor_checked_identity) > order by > identity_digest; > > That is, it includes all probe results for which a Tor handshake was > actually completed with the identity digest in question *and* a response > to the Heartbleed probe was seen (1729 digests) or for identity digests we > expected to see for that IP/port pair for which the handshake did not succeed > but a Heartbleed response was seen (additional 48 digests). > > The target list is all IP/port pairs which have ever appeared in a consensus > or vote during the time I've been scanning, so some of these may not be > in the current consensus or have ever appeared, or they may no longer be > vulnerable but not have changed keys properly. There are a bit over 900 > vulnerable relays in the latest consensus. > > http://charon.persephoneslair.org/~andrea/private/hb-fingerprints-20140417002500.txt The SHA-256 hash of that file, for the sake of stating it under a PGP signature, is: dadd2beca51d1d5cd7ffe7d3fe3a57200c7de7e136cad23b0691df2fbe84ee3f -- Andrea Shepard <andrea@xxxxxxxxxxxxxx> PGP fingerprint (ECC): BDF5 F867 8A52 4E4A BECF DE79 A4FF BC34 F01D D536 PGP fingerprint (RSA): 3611 95A4 0740 ED1B 7EA5 DF7E 4191 13D9 D0CF BDA5
Attachment:
pgp07HGViDedx.pgp
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays