&zzz
+R4SAS
+T3s|4
+eche|off
+nilbog
+orignal
+postman
+qend-irc2p
+sourceress
Arch
Birdy
Danny
Irc2PGuest30010
Irc2PGuest36077
Irc2PGuest49364
Irc2PGuest51117
Irc2PGuest6564
Irc2PGuest65656
Irc2PGuest67278
Irc2PGuest74235
Irc2PGuest83482
MatrixBot
Onn4l7h
Over
Sleepy
Teeed
Yotsu
__bob_
aargh3
ac9f
acetone_
ahiru
anontor
b3t4f4c3__
dr4wd3_
dr|z3d
duanin2
hababam
hagen_
leopold
makoto
marek
marek22k
n2
noidea
not_bob_afk2
nyaa2pguy
o3d3_
poriori
profetikla
r00tobo
rapidash
solidx66
stormycloud[m]
test7363673
uop23ip
urist_
user_
w8rabbit
zelgomer
eyedeekay
I was thinking about the oddities in the reseed traffic and I had an idea, not sure if it's viable...
eyedeekay
Could we send a signing key from the router attempting the reseed, along with some signed piece of contemporary shared information like a timestamp, in the HTTP headers with the `get` when the reseed is fetched?
eyedeekay
Allowing the reseed server to verify that the agent they are serving the reseed to is likely to be an I2P router?
zzz
there's the user-agent check for wget already
eyedeekay
Yeah I know, just wondering if this is harder to "fake"
eyedeekay
Not sure it is just wondering
zzz
we've isolated the tm botnet to five /24s, if they're still around in a month we'll probably block them in the release