[tor-relays] Network scan results for CVE-2016-5696 / RFC5961
pa011
pa011 at web.de
Sat Dec 10 19:46:12 UTC 2016
> I would however be very interested to hear back from tor-relay operators
> if any of them have found Challenge ACK counter values higher than
> a million... which would indicate some kind of funny business.
>
Thanky you for your work.
I know of 3 relays with ACK above 1 million:
TCPChallengeACK: 1081146
TCPSYNChallenge: 1062995
TCPChallengeACK: 1270948
TCPSYNChallenge: 1254428
TCPChallengeACK: 1189549
TCPSYNChallenge: 1171422
all running under Linux vm20198 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/Linux
There seems to be no relation between uptime of the server and challenges apart from rebooting, which resets to 0.
What about relays not on the list at all?
I would assume that not everybody of that 23 percent does know what exactly to do, apart from better running on BSD - could you please give detailed recommendation for beginners - your discussion seems on a high level :-)
Thanks and regards
Paul
More information about the tor-relays
mailing list