[tor-relays] network scan results for CVE-2016-5696 / rfc 5961
Univibe
univibe at protonmail.com
Thu Nov 17 19:24:38 UTC 2016
My relays have been patched to the latest available kernels, and aren't in the list of vulnerable relays, however they still show high values for TCPSYNChallenge:
----
$ ansible tor -a 'bash -c "netstat -s | grep -i challenge"' -b --ask-become-pass
lon | SUCCESS | rc=0 >>
TCPChallengeACK: 14197
TCPSYNChallenge: 2926
fra | SUCCESS | rc=0 >>
TCPChallengeACK: 12907
TCPSYNChallenge: 3461
----
$ ansible tor -a 'bash -c "cat /etc/lsb-release && uname -rv"' -b --ask-become-pass
fra | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016
lon | SUCCESS | rc=0 >>
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=14.04
DISTRIB_CODENAME=trusty
DISTRIB_DESCRIPTION="Ubuntu 14.04.5 LTS"
3.13.0-101-generic #148-Ubuntu SMP Thu Oct 20 22:08:32 UTC 2016
----
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20161117/78d6d851/attachment.html>
More information about the tor-relays
mailing list