From: Jeremy <jlrubin@MIT•EDU>
To: Jeremy <jlrubin@mit•edu>, btcsf@omni•poc.net
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>, alex@stamos•org
Subject: Re: [Bitcoin-development] Abnormally Large Tor node accepting only Bitcoin traffic
Date: Sun, 27 Jul 2014 22:17:19 -0400 [thread overview]
Message-ID: <CAD5xwhhf=RPXaF-zztUcnfM7st7g0yVG=pREWBLKxkZEgUA_Ug@mail.gmail.com> (raw)
In-Reply-To: <CAD5xwhhKKooGBfSY3nZzMmS=3WD=EdX9FQ7mZtQL3fkikuwyLg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 969 bytes --]
Credit to Anatole Shaw for discovering.
On Sun, Jul 27, 2014 at 10:12 PM, Jeremy <jlrubin@mit•edu> wrote:
> Hey,
>
> There is a potential network exploit going on. In the last three days, a
> node (unnamed) came online and is now processing the most traffic out of
> any tor node -- and it is mostly plaintext Bitcoin traffic.
>
>
> http://torstatus.blutmagie.de/router_detail.php?FP=0d6d2caafbb32ba85ee5162395f610ae42930124
>
> Alex Stamos (cc'ed) and I have been discussing on twitter what this could
> mean, wanted to raise it to the attention of this group for discussion.
>
> What we know so far:
>
> - Only port 8333 is open
> - The node has been up for 3 days, and is doing a lot of bandwidth, mostly
> plaintext Bitcoin traffic
> - This is probably pretty expensive to run? Alex suggests that the most
> expensive server at the company hosting is 299€/mo with 50TB of traffic
>
>
> --
> Jeremy Rubin
>
--
Jeremy Rubin
[-- Attachment #2: Type: text/html, Size: 2466 bytes --]
next prev parent reply other threads:[~2014-07-28 2:17 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-07-28 2:12 Jeremy
2014-07-28 2:17 ` Jeremy [this message]
2014-07-28 2:29 ` Gregory Maxwell
2014-07-28 2:40 ` Peter Todd
2014-07-28 2:45 ` Gregory Maxwell
2014-07-28 2:49 ` Michael Wozniak
2014-07-28 2:54 ` mbde
2014-07-28 3:44 ` Gregory Maxwell
2014-07-28 7:41 ` Drak
2014-07-28 10:16 ` Mike Hearn
2014-07-28 11:28 ` Peter Todd
2014-07-28 12:31 ` Robert McKay
2014-07-28 14:08 ` Gregory Maxwell
2014-07-28 16:13 ` s7r
2014-07-28 11:37 ` s7r
2014-07-28 3:13 ` Robert McKay
2014-07-28 3:07 ` Gregory Maxwell
2014-07-28 3:12 Anatole Shaw
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAD5xwhhf=RPXaF-zztUcnfM7st7g0yVG=pREWBLKxkZEgUA_Ug@mail.gmail.com' \
--to=jlrubin@mit$(echo .)edu \
--cc=alex@stamos$(echo .)org \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=btcsf@omni$(echo .)poc.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox