IRCaBot 2.1.0
GPLv3 © acetone, 2021-2022
#ls2
/2022/12/11
zzz whoa
zzz actual spoofed packet source address seen in the wild
zzz 12/11 14:32:54.014 WARN [ handler 1/1] sport.udp.EstablishmentManager: Receive session request from invalid: 192.168.39.122:14194
orignal most likely NAT bug on router
orignal btw I saw bunch of such addreses in DC
orignal looks like incorrect network configuratio
zzz agreed, probably not malicious
zzz but a good reminder that "spoofed source address" is not just a theoretical problem
zzz orignal, new problem for today:
zzz 87 byte session requests from i2pd 0.9.56
zzz minimum size is 88, must have address or padding block, not just datetime
zzz examples:
zzz 12-11 21:35:26.946 WARN [ handler 1/1] er.transport.udp.PacketHandler: Failed decrypt Session/Token Request after Retry: Long header destID -2081113727930571366 pkt num 0 type 0 version 2 netID 2 srcID 1791444612602789657 token 2542943924913350055 len 87 on IES2 185.188.183.161:27624 lifetime: 3959ms Rcv ID: 7265017617073603324 Send ID: 1791444612602789657 IB_STATE_RETRY_SENT
zzz 12-11 21:51:00.823 WARN [ handler 1/1] er.transport.udp.PacketHandler: Failed decrypt Session/Token Request after Retry: Long header destID -9154718973149937510 pkt num 0 type 0 version 2 netID 2 srcID 7477907905125254383 token 6542935100645713590 len 87 on IES2 85.29.92.85:24605 lifetime: 40ms Rcv ID: 7703710373215992884 Send ID: 7477907905125254383 IB_STATE_RETRY_SENT