[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961



My relays have been patched to the latest available kernels, and aren't in the list of vulnerable relays, however they still show high values for TCPSYNChallenge:

----

$ ansible tor -a 'bash -c "netstat -s | grep -i challenge"' -b --ask-become-pass

lon | SUCCESS | rc=0 >>
    TCPChallengeACK: 14197
    TCPSYNChallenge: 2926

fra | SUCCESS | rc=0 >>
    TCPChallengeACK: 12907
    TCPSYNChallenge: 3461

----

$ ansible tor -a 'bash -c "cat /etc/lsb-release && uname -rv"' -b --ask-become-pass

fra | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016

lon | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016

----

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays