@eyedeekay
&Irc2PGuest88200
&zzz
+R4SAS
+RN
+StormyCloud
+T3s|4
+acetone
+altonen
+dr|z3d
+eche|off
+hagen
+mareki2p
+orignal
+postman
+radakayot
+snex
+wodencafe
Arch2
Danny
DeltaOreo
FreeB
FreefallHeavens
Irc2PGuest30843
Irc2PGuest59134
Irc2PGuest59581
Irc2PGuest70083
Irc2PGuest96449
Irc2PGuest97049
Onn4l7h
Onn4|7h
Sisyphus
Sleepy
T3s|4_
aeiou
ardu
b3t4f4c3___
b4dab00m
bak83_
boonst
cumlord
death
dr4wd3
duck
enoxa
eyedeekay_bnc
not_bob_afk
onon_
phil
phobos_
pisslord
poriori_
profetikla
qend-irc2p
rapidash
shiver_1
solidx66
u5657
uop23ip
w8rabbit
weko_
x74a6
eyedeekay
I was thinking about the oddities in the reseed traffic and I had an idea, not sure if it's viable...
eyedeekay
Could we send a signing key from the router attempting the reseed, along with some signed piece of contemporary shared information like a timestamp, in the HTTP headers with the `get` when the reseed is fetched?
eyedeekay
Allowing the reseed server to verify that the agent they are serving the reseed to is likely to be an I2P router?
zzz
there's the user-agent check for wget already
eyedeekay
Yeah I know, just wondering if this is harder to "fake"
eyedeekay
Not sure it is just wondering
zzz
we've isolated the tm botnet to five /24s, if they're still around in a month we'll probably block them in the release