@eyedeekay
+R4SAS
+RN
+RN_
+Xeha
+orignal
FreeRider
Irc2PGuest22478
Irc2PGuest48042
Onn4l7h
Onn4|7h
T3s|4_
aargh3
acetone_
anon4
eyedeekay_bnc
not_bob_afk
profetikla
shiver_1
u5657
weko_
x74a6
zzz
whoa
zzz
actual spoofed packet source address seen in the wild
zzz
12/11 14:32:54.014 WARN [ handler 1/1] sport.udp.EstablishmentManager: Receive session request from invalid: 192.168.39.122:14194
orignal
most likely NAT bug on router
orignal
btw I saw bunch of such addreses in DC
orignal
looks like incorrect network configuratio
zzz
agreed, probably not malicious
zzz
but a good reminder that "spoofed source address" is not just a theoretical problem
zzz
orignal, new problem for today:
zzz
87 byte session requests from i2pd 0.9.56
zzz
minimum size is 88, must have address or padding block, not just datetime
zzz
examples:
zzz
12-11 21:35:26.946 WARN [ handler 1/1] er.transport.udp.PacketHandler: Failed decrypt Session/Token Request after Retry: Long header destID -2081113727930571366 pkt num 0 type 0 version 2 netID 2 srcID 1791444612602789657 token 2542943924913350055 len 87 on IES2 185.188.183.161:27624 lifetime: 3959ms Rcv ID: 7265017617073603324 Send ID: 1791444612602789657 IB_STATE_RETRY_SENT
zzz
12-11 21:51:00.823 WARN [ handler 1/1] er.transport.udp.PacketHandler: Failed decrypt Session/Token Request after Retry: Long header destID -9154718973149937510 pkt num 0 type 0 version 2 netID 2 srcID 7477907905125254383 token 6542935100645713590 len 87 on IES2 85.29.92.85:24605 lifetime: 40ms Rcv ID: 7703710373215992884 Send ID: 7477907905125254383 IB_STATE_RETRY_SENT