-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 [moved to tor-relays]
Hi relay ops, please consider having a regular look at your logs after upgrading to the latest tor releases to spot relay_early attacks (even if the attack origin is not directly attributable from a relays point of view). searching your logs for 'Received an inbound RELAY_EARLY cell' should do it. https://gitweb.torproject.org/tor.git/commitdiff/68a2e4ca4baa595cc4595a511db11fa7ccbbc8f7 >>> It doesn't have to decrypt the stream to see it, because >>> whether a cell is relay or relay_early is a property of the >>> (per hop) link, not a property of the (end-to-end) stream. >> >> Does a patched relay also create a log entry as soon as it >> "kills" the circuit or is logging only happening on tor instances >> acting as clients? > > The patched relay also does a log message, yes. > > But the relay can only see its immediate neighbor in the circuit, > so it will only log that. Whether the attacking relay is that > (adjacent) one, or one farther on the circuit, isn't something your > relay can learn. -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJT3Bt6AAoJEDcK3SCCSvoensYQAJnuXhPNbhdJF7C6P9L8elG7 elPinCK6vmTbRXCoQam5j1VeL9C3FCBv415s811hfZxA37K17VdiKoS1NXB2kzkW 7WvL5/lH8culr83GTxrca0m7i2x6n0gCPOVPUWI3Go5bzwlsEidZsj7V14h2lfXH Ew8ZavvL0SLnRYJTvcjzqrWf3L8LsfYou6R2Y7yn085rGaGtUyVkQM44G9Zy3TVY 3lS4XqkZekXmmKjP06JjWdFMFdkaQhItbcdn3fF131ptlZlM5hFUaEpZHbpLLcjz fgJOt36jlkfILKRvxGyzcI118wmgrFVJFz9d7fuLVOdekK49aWxKh9Yh2aAekQEn Z3uF/eskL+Txptrc7iEKuWQZVlEkA8WVaQ70F1ADD/irln6ShJ17zrKqJ0qtaYlU V+CNfj/v2R6AgRhbVsNRdq8SWhDz4Nk4WgdYoUvxzgM1jmkAhQamlkC4f6JCqVQE /O0qeuXr/Z02pBwshcZlqKnBmPtuilSZwmlstIEfPAX9Tg6S1a0B/ycp3ByyJHJP QUNKwJ/cHtLpdPmIh2XUOT/5Kf10qmrLP5amYdRtBh304GoeHir3N/zfPmxdLfy7 Spb8W4p2C1HITzRlb9J97OGdKOR/2OOziZHOWZimF5O3fsrzsXQZe3Wlwbt5AxtY LJ5aXCUjNJ/TXe93nSQH =3FwX -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
