+R4SAS
+RN_
+acetone
+mareki2p
+nyaa2pguy
+orignal
+postman
+qend-irc2p
+wodencafe
Arch
FreefallHeavens
Irc2PGuest15434
Irc2PGuest16019
Irc2PGuest20377
Irc2PGuest33925
Irc2PGuest35412
Irc2PGuest77921
MatrixBot
NiceBoat
Onn4l7h
Onn4|7h
Over
Romster
Sisyphus
StormyCloud
T3s|4
T3s|4_
Teeed
aargh4
ahiru
ananas
anontor2
b3t4f4c3___
cims
dr4wd3_
dr|z3d
duanin2
eche|off
mahlay
makoto
marek
n2_
nilbog
not_bob_afk2
o3d3
poriori
profetikla
r00tobo
rapidash
rednode
sahil
solidx66
stormycloud[m]
sublimia
test3847473
uop23ip
urist_
vivid_reader56
x74a6
zelgomer
zzz
eyedeekay
I was thinking about the oddities in the reseed traffic and I had an idea, not sure if it's viable...
eyedeekay
Could we send a signing key from the router attempting the reseed, along with some signed piece of contemporary shared information like a timestamp, in the HTTP headers with the `get` when the reseed is fetched?
eyedeekay
Allowing the reseed server to verify that the agent they are serving the reseed to is likely to be an I2P router?
zzz
there's the user-agent check for wget already
eyedeekay
Yeah I know, just wondering if this is harder to "fake"
eyedeekay
Not sure it is just wondering
zzz
we've isolated the tm botnet to five /24s, if they're still around in a month we'll probably block them in the release