[tor-relays] Re: Fwd: Potential vulnerability found in your Tor Relay

Hello.

krishna e bera wrote:

> Is the stated vulnerability an actively exploited problem or is this
> a DoS attack by scaremongering?

My guess is it is neither. I would bet that it's just some over-excited
researchers who want to get the news out about just how awful BGP is.
But, while it is "exploitable", there's not much that can be done with
it. All an attacker could do is cause the connections destined for your
relay to go to their servers instead. But crucially, they do not have
your relay key, so all other relays and clients would refuse to connect
to them.

I suppose it could be used in combination with a guard discovery attack
to deanonymize a small set of people if the attacker does not have any
access between you and the targets (and cannot buy NetFlow logs, etc.).
They could perform BGP hijacking then monitor which IPs are trying to
connect to them to discover if they are users of your guard. Such an
attack is very noisy and would not go unnoticed for long.

Think of it like a remote denial of service attack where the attackers
are also able to see who is getting denied.

> I have turned off the Guard capability for now.

You don't have to turn it off. It's still helpful to the network.

Regards,
forest

_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org

This is also my assessment.

It is "real" but not very high risk. I got the same notice and may
have some traction since my "ISP" is another unit in my university.

If you can get it fixed that's better, but if your ISP doesn't
respond I wouldn't change your operations because of it.

-Jon

--
Jonathan Proulx (he/him)
Sr. Technical Architect
The Infrastructure Group
MIT CSAIL

On Fri, Dec 19, 2025 at 09:47:59AM +0000, forest-relay-contact--- via tor-relays wrote:
:Hello.
:
:krishna e bera wrote:
:> Is the stated vulnerability an actively exploited problem or is this
:> a DoS attack by scaremongering?
:
:My guess is it is neither. I would bet that it's just some over-excited
:researchers who want to get the news out about just how awful BGP is.
:But, while it is "exploitable", there's not much that can be done with
:it. All an attacker could do is cause the connections destined for your
:relay to go to their servers instead. But crucially, they do not have
:your relay key, so all other relays and clients would refuse to connect
:to them.
:
:I suppose it could be used in combination with a guard discovery attack
:to deanonymize a small set of people if the attacker does not have any
:access between you and the targets (and cannot buy NetFlow logs, etc.).
:They could perform BGP hijacking then monitor which IPs are trying to
:connect to them to discover if they are users of your guard. Such an
:attack is very noisy and would not go unnoticed for long.
:
:Think of it like a remote denial of service attack where the attackers
:are also able to see who is getting denied.
:
:> I have turned off the Guard capability for now.
:
:You don't have to turn it off. It's still helpful to the network.
:
:Regards,
:forest