&zzz
+RN
+StormyCloud
+T3s|4
+cumlord
+dr|z3d
+orignal
+postman
+qend-irc2p
+snex
Arch
Birdy
BubbRubb
Chrono
Daddy_
DeltaOreo
FreefallHeavens
Irc2PGuest16794
Irc2PGuest17912
Irc2PGuest38599
Irc2PGuest44009
Irc2PGuest46786
Irc2PGuest51725
Irc2PGuest74254
Irc2PGuest88931
Irc2PGuest93823
Irc2PGuest94409
Onn4l7h
Onn4|7h
Over
Sisyphus
Sleepy
T3s|4_
Teeed
aargh2
ac9f
acetone_
anontor
b3t4f4c3___
dr4wd3
duanin2
eyedeekay_bnc
gellegery
leopold
makoto
nilbog
poriori_
profetikla
r00tobo
rapidash
shiver_
solidx66_
thetia
u5657
vivid_reader56
w8rabbit
wodencafe
x74a6
xHarr
eyedeekay
I was thinking about the oddities in the reseed traffic and I had an idea, not sure if it's viable...
eyedeekay
Could we send a signing key from the router attempting the reseed, along with some signed piece of contemporary shared information like a timestamp, in the HTTP headers with the `get` when the reseed is fetched?
eyedeekay
Allowing the reseed server to verify that the agent they are serving the reseed to is likely to be an I2P router?
zzz
there's the user-agent check for wget already
eyedeekay
Yeah I know, just wondering if this is harder to "fake"
eyedeekay
Not sure it is just wondering
zzz
we've isolated the tm botnet to five /24s, if they're still around in a month we'll probably block them in the release