TorChat is a security hazard (Answer)
Bernd
prof7bit at googlemail.com
Thu Dec 16 16:46:05 UTC 2010
2010/12/13 <prof7bit at googlemail.com>:
> I have committed a patch that will explicitly check for your scenario
> and immediately discard the wrong pong message.
Wow! I see a lot of creative hacking currently going on on in my log file,
somebody is really desperately trying to send all sorts of pings
and pongs to me with forged addresses and cookies but it all results in
either dropping the connection or simply ignoring it, no disruption
of normal operation :-)
Bernd
***********************************************************************
To unsubscribe, send an e-mail to majordomo at torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/
More information about the tor-talk
mailing list