BOGUS AUTHORITY ALERT: interesting cached-status/1A0999C05AE2B9A3CF474077F06060E91B3A847 file
Kyle Williams
kyle.kwilliams at gmail.com
Tue Apr 1 03:24:10 UTC 2008
Scott Bennett wrote:
> It has now been several hours since I posted a message about an impostor
> authority. Having received no response thus far from the list, I am reposting
> the message below with a stronger Subject: line. I'd also like to make the
> additional comment that I would very much like to see a torrc line available,
> similar to ExcludeNodes, that would allow individual tor operators to ignore
> specific directory servers when those operators decide there is a problem with
> those servers. For example, "ExcludeAuthorities" would refuse to accept status
> or consensus documents from the listed servers. "ExcludeDirectoryNodes" would
> refuse to contact the DirPort of each listed server.
>
> Scott
> ---------------------------------------------------------------------
> This cached-status file begins with:
>
> dir-source s15192785 212.227.86.59 9030
> fingerprint 1A0999C05AE2B9A3CF474077F06060E91B3A847B
> contact Random Person <stfu at tor.invalid>
> published 2008-03-29 09:54:11
> dir-options
> dir-signing-key
> -----BEGIN RSA PUBLIC KEY-----
> MIGJAoGBAM8/5QA67aqGKO8z65hB+noDVOjZaZg1FAzou5wHlx0Q8UgfCmwVbCE0
> tvd1hP2pBl0+4vHaYE0/p2DDll2Zn2BjBdQcI4AYcPA1CjlYdDNl316d3PwTVArc
> OpfckZireM0LprNId0PXSycKmwmWxeX88t66eNGyFxnsjamK2k3ZAgMBAAE=
> -----END RSA PUBLIC KEY-----
>
> The above lines are then followed by the usual "r" and "s" lines, but oddly
> enough, no "opt" lines. Usually I see three lines (one of each of the above)
> for each router.
> However, looking for that IP address (212.227.86.59) in this section, I
> find not "s15192785", but "abutor":
>
> r abutor GgmZwFriuaPPR0B38GBg6Rs6hHs 4Oj8zvA0SAIoRuEI2y9MsGYsBk4 2008-03-28 21:07:43 212.227.86.59 9001 9030
> s Authority Fast Stable Running Valid V2Dir
>
> Notice the "Authority" flag in the "r" line above. This flag does not appear
> for this router in any of the other four cached-status files.
> So how do I block this bogus cached-status file and its illegitimate
> "Authority" flag for a screwed up router with bad contact information?
>
>
> Scott Bennett, Comm. ASMELG, CFIAG
> **********************************************************************
> * Internet: bennett at cs.niu.edu *
> *--------------------------------------------------------------------*
> * "A well regulated and disciplined militia, is at all times a good *
> * objection to the introduction of that bane of all free governments *
> * -- a standing army." *
> * -- Gov. John Hancock, New York Journal, 28 January 1790 *
> **********************************************************************
>
>
Very interesting, and thank you very much for keeping an eye on this for
the rest of us. I was wondering why I was getting weird error messages
about not being able to match some descriptors in my tor.log file, but I
didn't save it so I can't compare it to your findings.
I'll keep my eye out now for sure though... thanks again.
- Kyle
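
The cross-check described in the quoted message (an "Authority" flag that one cached-status file assigns to a router and the other files do not), as an added example that is not part of the original thread and not Tor's own code. It assumes only the line layout visible in the quoted excerpt; the `exampleauth` router, the `example-dir` source and the `PLACEHOLDER-FP-*` fingerprints are constructed sample data.

```python
from collections import defaultdict
# Header and "abutor" entry copied from the quoted file; "exampleauth" is constructed.
SUSPECT = """dir-source s15192785 212.227.86.59 9030
fingerprint 1A0999C05AE2B9A3CF474077F06060E91B3A847B
r abutor GgmZwFriuaPPR0B38GBg6Rs6hHs 4Oj8zvA0SAIoRuEI2y9MsGYsBk4 2008-03-28 21:07:43 212.227.86.59 9001 9030
s Authority Fast Stable Running Valid V2Dir
r exampleauth AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2008-03-28 20:00:00 192.0.2.10 9001 9030
s Authority Running Valid V2Dir
"""
# Constructed stand-in for the other four files; fingerprints are placeholders.
OTHER = """dir-source example-dir 192.0.2.10 9030
fingerprint PLACEHOLDER-FP-{n}
r abutor GgmZwFriuaPPR0B38GBg6Rs6hHs 4Oj8zvA0SAIoRuEI2y9MsGYsBk4 2008-03-28 21:07:43 212.227.86.59 9001 9030
s Fast Stable Running Valid V2Dir
r exampleauth AAAAAAAAAAAAAAAAAAAAAAAAAAA BBBBBBBBBBBBBBBBBBBBBBBBBBB 2008-03-28 20:00:00 192.0.2.10 9001 9030
s Authority Running Valid V2Dir
"""

def parse_status(text):
    """Parse dir-source, fingerprint and r/s lines of a cached-status document."""
    doc, current = {"source": None, "fingerprint": None, "routers": {}}, None
    for parts in filter(None, (line.split() for line in text.splitlines())):
        if parts[0] == "dir-source" and len(parts) >= 4:
            doc["source"] = {"name": parts[1], "address": parts[2]}
        elif parts[0] == "fingerprint" and len(parts) >= 2:
            doc["fingerprint"] = parts[1]
        elif parts[0] == "r" and len(parts) >= 9:
            # r nickname identity digest date time address ORPort DirPort
            current = {"nickname": parts[1], "address": parts[6], "flags": set()}
            doc["routers"][parts[2]] = current
        elif parts[0] == "s" and current is not None:
            current["flags"] = set(parts[1:])
    return doc

def lone_authority_claims(docs):
    """Routers given the Authority flag by only some of the files that list them."""
    claims, listed, names = defaultdict(set), defaultdict(set), {}
    for doc in docs:
        for ident, router in doc["routers"].items():
            listed[ident].add(doc["fingerprint"])
            names[ident] = router["nickname"]
            if "Authority" in router["flags"]:
                claims[ident].add(doc["fingerprint"])
    return [(i, names[i], sorted(claims[i])) for i in sorted(claims) if claims[i] != listed[i]]

def load_samples():
    return [parse_status(SUSPECT)] + [parse_status(OTHER.format(n=n)) for n in "ABCD"]

print(lone_authority_claims(load_samples()))
```

The constructed `exampleauth` entry is flagged "Authority" by every sample file and is therefore not reported; only the disagreement over `abutor` is.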