[tor-relays] EventDNS error
Tim Wilson-Brown - teor
teor2345 at gmail.com
Mon Jan 25 23:41:29 UTC 2016
> On 26 Jan 2016, at 01:12, TorOp AnonymizedDotIo1 <torrelay at anonymized.io> wrote:
>
> Hi,
>
> Over the weekend I started having those kind of error popping on my log at a very high rate (a few per seconds):
>
> Jan 25 09:00:00.000 [warn] eventdns: Address mismatch on received DNS packet. Apparent source was xxx.237.192.xxx:61083
>
> Apparent source is not my IP and is different at every error message. I restarted my relay and I have stopped happening. I am running my own local unbound DNS server.
>
> Is it some kind of attack or simply an error that happened over the weekend? I have never seen it before.
This error is logged when Tor sends a DNS query to an address, but gets a reply back from a different address.
This could be an attack, or a misconfigured DNS server, or simply a multihomed DNS server.
Tim
Tim Wilson-Brown (teor)
teor2345 at gmail dot com
PGP 968F094B
teor at blah dot im
OTR CAD08081 9755866D 89E2A06F E3558B7F B5A9D14F
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160126/1b6b1a76/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160126/1b6b1a76/attachment.sig>
More information about the tor-relays
mailing list