On 22 Sep 2017, at 23:03, relay 000 relay0@mailbox.org wrote:
> Someone is using the hidden service rendezvous protocol to ask non-exit relays to scan non-tor IP addresses.
> wow, people can misuse my *non*-exit relay to scan (aka send a TCP SYN packet) other systems on the internet?
Yes.
But please don't worry. Receiving unsolicited TCP connections is a normal part of running a server on the Internet. And anyone who sends unsolicited spammy emails in response lacks a sense of irony.
Here's how the Tor rendezvous protocol can be used like that:
People can pretend that they are a client or onion service that's connected to a particular relay address.
And then they can ask your relay to extend to that pretend relay address. There's no requirement that the relay is in the consensus that your relay has. And so your relay tries to establish a TLS connection, may or may not succeed, but definitely fails at the authentication step.
And then it tells the client it failed. Without providing much info at all. So it's pretty useless, honestly.
The alternative would be to require that every relay used in the rendezvous protocol is in the consensus. But which consensus?
* the consensus that the client has
* the consensus that the service has
* the consensus that the relay extending to the intro point has
* the consensus that the relay extending to the rend point has
It gets complicated fast.
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org
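The message above explains why a relay-side "target must be in the consensus" rule is harder than it sounds: every party holds its own consensus snapshot, and snapshots are published periodically, so a target that is legitimate in the client's newer consensus can be absent from the extending relay's older one. The following is an added toy model of that check, written for this page and not Tor's code. The `Relay` class, `check_extend` policy, the RFC 5737 documentation addresses and the all-letter fingerprints are constructed assumptions; it shows that the same extend request is accepted or rejected depending purely on which consensus is consulted.

```python
"""Toy model of the consensus-membership check discussed in the thread.

Added example, not Tor's code. Each party's view of the network is a
consensus snapshot indexed by (address, port). A hypothetical relay-side
policy only extends to targets present in *its own* snapshot, which
blocks non-relay targets but also wrongly blocks relays that joined in a
newer consensus the relay has not fetched yet.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Relay:
    fingerprint: str  # constructed, hypothetical identity-key hash
    address: str
    port: int


def build_consensus(relays):
    """Index a consensus snapshot by (address, port) for lookup."""
    return {(r.address, r.port): r for r in relays}


def check_extend(consensus, address, port, fingerprint):
    """Hypothetical relay-side policy: extend only to a target that appears
    in this relay's consensus under the claimed identity.
    Returns (allowed, reason)."""
    entry = consensus.get((address, port))
    if entry is None:
        return False, "target not in this relay's consensus"
    if entry.fingerprint != fingerprint:
        return False, "identity mismatch for target"
    return True, "ok"


# Constructed sample data: RFC 5737 documentation addresses, fake fingerprints.
RELAY_A = Relay("A" * 40, "192.0.2.10", 9001)
RELAY_B = Relay("B" * 40, "198.51.100.20", 443)
RELAY_NEW = Relay("C" * 40, "203.0.113.30", 9001)  # present only in the newer snapshot

OLDER_CONSENSUS = build_consensus([RELAY_A, RELAY_B])
NEWER_CONSENSUS = build_consensus([RELAY_A, RELAY_B, RELAY_NEW])


def scenario():
    """Outcomes for extend requests as seen by a relay still holding the
    older consensus, plus the same skewed request under the newer one."""
    relay_view = OLDER_CONSENSUS
    results = {}
    # 1. A target that is not a Tor relay at all: rejected by the check.
    results["non_relay"] = check_extend(relay_view, "192.0.2.99", 22, "D" * 40)
    # 2. A relay known to both parties: allowed.
    results["known"] = check_extend(
        relay_view, RELAY_B.address, RELAY_B.port, RELAY_B.fingerprint)
    # 3. A relay that exists only in the client's newer consensus: wrongly
    #    rejected, although the client chose it from a valid consensus.
    results["skew"] = check_extend(
        relay_view, RELAY_NEW.address, RELAY_NEW.port, RELAY_NEW.fingerprint)
    # 4. The identical request judged against the newer snapshot: allowed.
    results["skew_newer"] = check_extend(
        NEWER_CONSENSUS, RELAY_NEW.address, RELAY_NEW.port, RELAY_NEW.fingerprint)
    return results


if __name__ == "__main__":
    for name, (allowed, reason) in scenario().items():
        print(f"{name:10s} allowed={allowed} ({reason})")
```

Cases 3 and 4 are the point of the thread's "which consensus?" question: the request is identical, and only the snapshot consulted changes the verdict, so any such rule needs a policy for consensus skew between client, service and relays before it can be deployed.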