[tor-dev] multiple relay identities on a single IP:port, bug or feature?
isis at torproject.org
Wed Sep 16 21:23:14 UTC 2015
nusenu transcribed 2.5K bytes:
> in the last two days someone started generating a steady amount of new
> relay fingerprints on a single IP:port (2 per hour, actually a lot more
> than that but only to make it into the consensus) .
> I'm surprised that actually both of them end up in the consensus.
> search for "188.8.131.52 51256" - you will find it twice.
> Does that make sense or is this a bug?
The normal setting for AuthDirMaxServersPerAddr is 2, so a relay can use the
same IP twice. See get_possible_sybil_list().  We don't check whether the
same IP:port pair was used multiple times, (I would assume) because 1) you
can't bind to the same port twice, and 2) even if you could, you'd reply half
the time with the wrong set of keys and the other end would tear down the
circuit/connection. You're right that this relay shouldn't be in the
consensus twice (or at all).
FWIW, my guess it that that relay is trying to attack the HSDir hashring by
churning through ID keys, rather than actually trying to get multiple copies
of the same IP:port pair listed in the consensus.
♥Ⓐ isis agora lovecruft
Current Keys: https://blog.patternsinthevoid.net/isis.txt
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 1240 bytes
Desc: Digital signature
More information about the tor-dev