[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
From: Alex Haydock <alex@xxxxxxxxxxxxxxxxx>
Date: Sat, 19 Nov 2016 15:49:54 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 19 Nov 2016 10:50:11 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alexhaydock-co-uk.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=nfWpVwsFibAVqpRlarDfLqng3NpSJQ3vPVfKLtl89Dw=; b=c3WhoNxfr5zwUNGqcqjwc2E3GGan1kcwWtFQpe7rEiihJxAj9hPV/QhPaeH/CUXyzs yl8F0U7NVKPKevz1u234igZROpVoxuvLk3iLwGzhyV6PDyhsWj5rlQ3C8N1Za4vyZMSn lnub0t32MQS2a91VpPyxkUXwOoGbS/8HYMFhodjJg8H++OmpUUdTTsfa8+f4B9F3otn0 Dvnht4VSv1tGbSbg/Ns6zceZQUEIoK+/lmq2pKkJ7Jsv8S9ZlcZA/+WOczp3Tdw5628N 9T5ukAhBY0NRjVBVICmr5A7jGCWiP413B5iuNLNIsdyYZgOLdh3UxTF7AJVKnhWiHFsO b5hw==
In-reply-to: <20161117073013.vxb72balbg2x7rwk@riseup.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <20161117014004.2clp7djzm2jjxqvt@riseup.net> <20161117073013.vxb72balbg2x7rwk@riseup.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0

Hi,

I don't really want to derail this thread, and I'm sure it's been said before, but I'd love to put in a plug for the TorBSD Diversity Project here:

https://torbsd.github.io/

As a whole, the network is pretty homogeneous in terms of its reliance on the Linux kernel so kernel bugs and exploits like this can end up affecting a great portion of the network.

There are some graphs showing (the lack of) network diversity here, which are interesting to look at:

http://torstatus.blutmagie.de/network_detail.php

Just a thought to consider when setting up future relays, for those who already have experience working with other kernels like FreeBSD/OpenBSD/Solaris etc.

Cheers,

Alex

On 17/11/16 07:30, dawuud wrote:

Hi.

I added the scan output to the repo, this includes the output csv file
and a list of vulnerable relays:

https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/probe_out.csv
https://github.com/david415/scan_tor_rfc5961/blob/master/scan_archive/nov17_2016/vulnerable_tor_relays


Upgrade your Linux kernel and reboot your tor relays!

Cheers,
David

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
  - From: Olaf Selke

References:
- [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
  - From: dawuud
- Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
  - From: dawuud

Prev by Author: Re: [tor-relays] assign_to_cpuworker failed. Ignoring.
Next by Author: Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
Previous by thread: Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
Next by thread: Re: [tor-relays] network scan results for CVE-2016-5696 / rfc 5961
Index(es):
- Author
- Thread