[tor-relays] Any security tips on running a TOR relay?
Green Dream
greendream848 at gmail.com
Fri Aug 5 01:48:31 UTC 2016
P.S. Tristan, here's the explanation from that mailing list... just in case
people can't access the link or it goes away:
"Yes, it has everything to do with those flag bits. For TCP connections,
Linux tends to use a "half-duplex" close sequence where either side of the
session can initiate connection termination via a single 2 way FIN-ACK
handshake (which puts the connection into the CLOSE_WAIT state), instead of
a full 4 way FIN-ACK handshake. When one also includes routers and such, it
is not uncommon, indeed common, that one side might think the connection
has been terminated, while the other side thinks it has still open or not
fully terminated. Your log file is, most probably, showing entries for
cases where your computer thinks the tcp had been closed and it has
forgotten about it, but the client is trying to close the session. In the
case where you got a RST bit, it can be because the client gave up trying
the FIN method and now is just trying to reset the connection. By
observation only, rather than authoritative reference, it seems that Apple
computers tend to use FIN and FIN-ACK more, and MS windows computers tend
to use RST more.
Conclusion: Everything is fine."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160804/1cec6a3f/attachment-0001.html>
More information about the tor-relays
mailing list