[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
My relays have been patched to the latest available kernels, and aren't in the list of vulnerable relays, however they still show high values for TCPSYNChallenge:
----
$ ansible tor -a 'bash -c "netstat -s | grep -i challenge"' -b --ask-become-pass
lon | SUCCESS | rc=0 >>
TCPChallengeACK: 14197
TCPSYNChallenge: 2926
fra | SUCCESS | rc=0 >>
TCPChallengeACK: 12907
TCPSYNChallenge: 3461
----
$ ansible tor -a 'bash -c "cat /etc/lsb-release && uname -rv"' -b --ask-become-pass
fra | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016
lon | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016
----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays