hack attempts of Tor?
alexyz at uol.com.br
alexyz at uol.com.br
Wed Apr 13 14:12:10 UTC 2005
I´ve been getting the following warning messages a lot:
Apr 13 10:11:39.984 [warn] connection_tls_finish_handshake(): Identity key not as expected for router claiming to be 'JAP'
(131.251.37.132:4434)
There IS a ´jap´ nick in the list of tor nodes but the IP is 141.76.46.90 (currently, at least). This obviously doesn´t look good.
I also got earlier a suspicious warning message. Something about Cookie not as expected (logging is currently off, I´m not sure
how to properly turn it on...). In the manual there is something about controling Tor (and it involves CookieAuthentication) but I
think it will only accept local connections. Anyway, if I had the mindset of a hacker, I would certainly explore the possibilities of
taking control over Tor servers using this feature.
I hope you developers and network experts have your eye on this (if indeed this a cause for concern). I can see that Tor usage is
gaining momentum and the volume of hack attempts is surely to go up as Tor´s popularity increases.
cheers
More information about the tor-talk
mailing list