This is also my assesment. It is "real" but not very high risk. I got the same notice and may have some traction since my "ISP" is another unit in my university. If you can get it fixed that's better, but if your ISP doesn't doesn't respond I wouldn't change your operations becasue of it. -Jon -- Jonathan Proulx (he/him) Sr. Technical Architect The Infrastructure Group MIT CSAIL On Fri, Dec 19, 2025 at 09:47:59AM +0000, forest-relay-contact--- via tor-relays wrote: :-----BEGIN PGP SIGNED MESSAGE----- :Hash: SHA512 : :Hello. : :krishna e bera wrote: :> Is the stated vulnerability an actively exploited problem or is this :> a DoS attack by scaremongering? : :My guess is it is neither. I would be that it's just some over-excited :researchers who want to get the news out about just how awful BGP is. :But, while it is "exploitable", there's not much that can be done with :it. All an attacker could do is cause the connections destined for your :relay to go to their servers instead. But crucially, they do not have :your relay key, so all other relays and clients would refuse to connect :to them. : :I suppose it could be used in combination with a guard discovery attack :to deanonymize a small set of people if the attacker does not have any :access between you and the targets (and cannot buy NetFlow logs, etc.). :They could perform BGP hijacking then monitor which IPs are trying to :connect to them to discover if they are users of your guard. Such an :attack is very noisy and would not go unnoticed for long. : :Think of it like a remote denial of service attack where the attackers :are also able to see who is getting denied. : :> I have turned off the Guard capability for now. : :You don't have to turn it off. It's still helpful to the network. : :Regards, :forest :-----BEGIN PGP SIGNATURE----- : :iQIzBAEBCgAdFiEEvLrj6cuOL+I/KdxYBh18rEKN1gsFAmlFHysACgkQBh18rEKN :1gsQzRAAgsyP9JwTEdQUlnDC+f49rcvlrSzCSQ5bXIw5XofWcmvITWlX4/ll/sjE :x/GUEF5CEXI0EISosWNp2u+w3/BwYou0Zz/ihcrH+STACnt2OaD2x6Em2jEebYUU :+WKmIlCVqIlsBNr99KecS0QOz2pBUthkb1/sw6quwgPi/Yi2HIQpKzUXECJwgBbc :RpVZCE7xAGS1rsm2oNR3KDbUXGrbvY0WAOFxYbBtJtPvA3sbsWNIrMm6Q1QVqmf9 :9j6cUP+aNs8uKi9BWLcEhQAv9Pb657IUvONHI90mq8aGz+iW3oN/bRFd/1XLUrL7 :sE2zmuEvQsLDFEyZrK0eQTShtO7ZVT9D37AiBxUxIDM3XdDpCNgd9HqlVd0Nbr0G :j9aK2k3W+BdpptjHVTfaL/M9P9UePNMzuZTCTNsHygx3b8aJsOFuYKOAgitcfmYY :mkRjtW343IzKC67MCJEGe+qISodnnzXJ9iMiEj0gqNknOzbaJaZm0ndhDcTovijy :YiNVZ84H/+JA5DnRZ43JkXLTjitO+vZbWvR9obCs9fkgDXm6Z4CJadHiXCEkTwpj :UIySlPjq0au4ln2uzKoYO4fwSJ+M/sMbDVu9IxtL1UlENMBTd4v6XLUvv7T1SmT2 :DUodg7WO2uzRfdpacm5uYafLh5mkAnCmc5ZLE6wkvsLArW0z/VQ= :=hGdW :-----END PGP SIGNATURE----- :_______________________________________________ :tor-relays mailing list -- tor-relays@lists.torproject.org :To unsubscribe send an email to tor-relays-leave@lists.torproject.org