2 Aug
2014
2 Aug
'14
5:08 a.m.
On 14-08-01 06:58 PM, Nusenu wrote:
[moved to tor-relays]
Hi relay ops,
please consider having a regular look at your logs after upgrading to the latest tor releases to spot relay_early attacks (even if the attack origin is not directly attributable from a relays point of view).
searching your logs for 'Received an inbound RELAY_EARLY cell' should do it.
https://gitweb.torproject.org/tor.git/commitdiff/68a2e4ca4baa595cc4595a511db...
According to
https://blog.torproject.org/blog/tor-security-advisory-relay-early-traffic-c...
the RELAY_EARLY cell has common legitimate uses. How can we distinguish an attack from those?