Re: [tor-relays] Possible problem with NYX

[arisbe <arisbe@xxxxxxx>]

Thanks for this added info--it helps.


On 9/4/2018 9:36 AM, Damian Johnson wrote:
> Hi arisbe. This isn't as concerning as you seem to think. As Nathaniel
> mentions it's simple to get this information, Nyx is simply attempting
> to scrub it cuz... well, it's ethically and legally the right thing to
> do. Nyx's 'should this be scrubbed' check is pretty simple [1].
> Inbound addresses are scrubbed if...
>
> 1. You're configured to accept user traffic (ie. you set BridgeRelay
> in your torrc or have receive the Guard flag). [2]
> 2. The connection doesn't belong to a another tor relay. [3]
>
> Does the relay show relay information such as a fingerprint? If so
> then it shouldn't be scrubbed. If it doesn't and you've set
> BridgeRelay in your torrc then please let us know on...
>
> https://trac.torproject.org/projects/tor/wiki/doc/nyx/bugs
>
> Thanks! -Damian (author of nyx and stem)
>
> [1] https://gitweb.torproject.org/nyx.git/tree/nyx/panel/connection.py#n230
> [2] https://gitweb.torproject.org/stem.git/tree/stem/control.py
> [3] In particular, we check if the address/port is in the consensus.
>
>
> On Mon, Sep 3, 2018 at 1:13 PM, arisbe <arisbe@xxxxxxx> wrote:
> > Hello ops,
> >
> > Today I noticed something on NYX that I find disturbing.  Page 2 (list of
> > inbound/outbound connections) showed me the IP address of an inbound
> > connection on one of my bridges!  Not the authority. This is crazy as these
> > are indicated as <scrubbed>:port for the users protection!  I have never
> > seen this before and haven't seen it since.  Of course, on low usage
> > bridges, the connection IP address can possibly be disseminated from netstat
> > but that's not the point.  It's my sense that this should never happen.  I
> > get chills imagining this happening on a guard relay operated by an
> > antagonist ! !
> >
> > I'm using the default NYX configuration on Ubuntu server 18.04.1 LTS, Tor
> > 0.3.3.9.
> >
> > Arisbe
> >
> > --
> > One person's moral compass is another person's face in the dirt.
> >
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays@xxxxxxxxxxxxxxxxxxxx
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

--
One person's moral compass is another person's face in the dirt.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays