[tor-relays] Re: Fwd: Potential vulnerability found in your Tor Relay

Hello,

I got the same message this week for my servers. I find it difficult to determine the actual risk, but even if there's a small chance it can be used to de-anonymize or cause havoc like spamming or DDoS, it's worth solving in my opinion.

Setting maxLength smaller reduces the attack surface at least, but really solving it needs stuff like BGPSec.

Reached out to my service provider and they sent my request to the specific department. I'm curious what they will respond.

Regards,

Jonathan


On 19 December 2025 at 01:46:28 CET, krishna e bera via tor-relays <tor-relays@lists.torproject.org> wrote:

Hi all,

Just got the below notice from researchers.

Is the stated vulnerability an actively exploited problem or is this a DoS attack by scaremongering?

This topic seems to have been covered in https://nusenu.medium.com/how-vulnerable-is-the-tor-network-to-bgp-hijacking-attacks-56d3b2ebfd92

but i am not sure how to apply it to my situation.

I have turned off the Guard capability for now.

Doubtful i can influence the service provider to get them to publish a new ROA.

Is there another mitigation?

Regrets to all who were using the service :(

-------- Forwarded Message --------
Subject: Potential vulnerability found in your Tor Relay
Date: Thu, 18 Dec 2025 23:57:20 +0000
From: ENGR - SIDR

Hello,

We are writing to alert you that your Tor relay(s) (Pasquino3) is/are vulnerable to active BGP attacks that could be used to de-anonymize users. The best mitigation to help protect your relay is to have your service provider publish a ROA for prefix(es) 209.44.96.0/19 at AS(es) 10929 with a maxLength(s) of 19.

We are researchers from the University of Connecticut reaching out to inform you that your Tor guard relay with IP address(es) 209.44.114.178 (Pasquino3) is/are currently covered by a Route Origin Authorization (ROA) which has an improperly configured maxLength attribute. This makes it vulnerable to BGP subprefix origin hijacks, where a malicious autonomous-system-level attacker may announce a subprefix of 209.44.96.0/19 and misdirect traffic destined for it with a high (>99%) rate of success. Guidance on how to correctly set the maxLength attribute is contained in RFC 9319 - The Use of maxLength in the Resource Public Key Infrastructure (RPKI).

We determined this vulnerability using public data sets including relay information from the Tor consensus, the RIPEStat data for IP prefix, and ROA coverage information. Feel free to contact us if you have further questions.

For further information on ROAs, see BGP Origin Validation — RIPE Network Coordination Centre

If you are not a Tor relay operator and this message reached you in error, please let us know.

Thank you,

UConn Secure Interdomain Routing Group
_______________________________________________
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-leave@lists.torproject.org

--
/ Jonathan van der Steege

My GnuPG key is: c6f32128e7522f4acb878d6a4a9f0b50ace75416 <keys.openpgp.org;
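Added example, not part of any message in this thread and not the UConn group's tooling: a small RFC 6811 route origin validation check that shows why the maxLength value matters for the relay prefix named in the forwarded notice. The notice does not state the current maxLength, so the "loose" ROA below assumes a maxLength of 24 purely for illustration; the "tight" ROA is the recommended maxLength of 19. The announcements fed to the validator are constructed inputs, and the helper names (`validate`, `flag_permissive_maxlength`) are this example's own.

```python
import ipaddress
from dataclasses import dataclass
from enum import Enum


class ROV(Enum):
    """Route Origin Validation states as defined in RFC 6811."""
    VALID = "Valid"
    INVALID = "Invalid"
    NOT_FOUND = "NotFound"


@dataclass(frozen=True)
class ROA:
    prefix: str      # the authorized prefix, e.g. "209.44.96.0/19"
    origin_as: int   # the AS allowed to originate it
    max_length: int  # longest prefix length the ROA authorizes


def validate(announced_prefix: str, origin_as: int, roas) -> ROV:
    """Classify a BGP announcement against a set of ROAs (RFC 6811 logic).

    A ROA "covers" an announcement when the announced prefix lies inside the
    ROA prefix.  Among covering ROAs, the announcement is Valid if one of them
    matches the origin AS and the announced length is <= its maxLength;
    otherwise Invalid.  With no covering ROA at all the state is NotFound.
    """
    net = ipaddress.ip_network(announced_prefix, strict=True)
    covering = []
    for roa in roas:
        roa_net = ipaddress.ip_network(roa.prefix, strict=True)
        if roa_net.version == net.version and net.subnet_of(roa_net):
            covering.append(roa)
    if not covering:
        return ROV.NOT_FOUND
    for roa in covering:
        if roa.origin_as == origin_as and net.prefixlen <= roa.max_length:
            return ROV.VALID
    return ROV.INVALID


def flag_permissive_maxlength(roa: ROA) -> bool:
    """True when maxLength exceeds the ROA prefix length.

    RFC 9319 recommends maxLength equal to the prefix length unless the more
    specific prefixes are actually announced, because a larger maxLength lets
    a forged-origin subprefix announcement validate as Valid.
    """
    return roa.max_length > ipaddress.ip_network(roa.prefix).prefixlen


# Prefix and AS come from the forwarded notice; maxLength 24 is an assumed
# "before" value for illustration, maxLength 19 is the recommended fix.
LOOSE_ROAS = [ROA("209.44.96.0/19", 10929, 24)]
TIGHT_ROAS = [ROA("209.44.96.0/19", 10929, 19)]

# Constructed announcements: the legitimate /19, a /24 subprefix carrying the
# legitimate origin AS (the subprefix hijack the notice warns about), and a
# /24 subprefix with an unrelated origin AS.
ANNOUNCEMENTS = [
    ("209.44.96.0/19", 10929),
    ("209.44.114.0/24", 10929),
    ("209.44.114.0/24", 65000),
]


def compare_policies():
    """Return {announcement: (state under loose ROA, state under tight ROA)}."""
    return {
        f"{p} AS{a}": (validate(p, a, LOOSE_ROAS).value, validate(p, a, TIGHT_ROAS).value)
        for p, a in ANNOUNCEMENTS
    }


if __name__ == "__main__":
    print("loose ROA permissive:", flag_permissive_maxlength(LOOSE_ROAS[0]))
    print("tight ROA permissive:", flag_permissive_maxlength(TIGHT_ROAS[0]))
    for key, (loose, tight) in compare_policies().items():
        print(f"{key:24s} maxLength=24 -> {loose:8s} maxLength=19 -> {tight}")
```

The row that matters is the /24 with the legitimate origin AS: under the permissive ROA it is Valid and, being more specific, would be preferred over the real /19, whereas under maxLength 19 it is Invalid and is dropped by every network that enforces ROV. The caveat is the one Jonathan raises: this only helps on paths through ROV-enforcing networks, and it does nothing against path manipulation, which needs something like BGPsec.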