zzz
3383 inbound ntcp conns with a bad RI signature in 2 days
zzz
tweaking logging so I can classify
zzz
all from one router so far
zzz
no netid, no version
zzz
01-25 17:23:38.491 WARN [P reader 3/4] ort.ntcp.InboundEstablishState: Bad msg 3 payload
zzz
net.i2p.data.DataFormatException: Sig fail: [RouterInfo:
zzz
Identity: [RouterIdentity:
zzz
Hash: KcBxCvwwUWzTQQyWtf40lFjQ7X28p9~xiOunQ4fxMec=
zzz
Certificate: [Certificate: type: Key certificate
zzz
Crypto type: 4 (ECIES_X25519)
zzz
Sig type: 7 (EdDSA_SHA512_Ed25519)]
zzz
PublicKey: [PublicKey ECIES_X25519 EBa8IzNKll7HLnSNk~HM-B7RU~1UIhrIZDbRuI-D8Ak=]
zzz
SigningPublicKey: [SigningPublicKey EdDSA_SHA512_Ed25519 QhcSz8xrLct6igLEKbN7vujPYcN1DIn-eLg292BHtvc=]
zzz
Padding: 320 bytes]
zzz
Signature: [Signature EdDSA_SHA512_Ed25519: size: 64]
zzz
Published: Tue Jan 25 16:14:43 GMT 2022
zzz
Options (1):
zzz
[caps] = [L]
zzz
Addresses (1):
zzz
[RouterAddress:
zzz
Type: NTCP2
zzz
Cost: 3
zzz
Options (5):
zzz
[host] = [0.0.0.0]
zzz
[i] = [a68~YwZMUeusE4JtEUzFaA==]
zzz
[port] = [14374]
zzz
[s] = [raCnZlFAd-zBuFrLhmbm4wmMni5iGA3VQUD4d5ukaH8=]
zzz
[v] = [2]]]
zzz
now 3 IPs, very persistent, 42 total attempts in an hour
zzz
I'm going to add code to ban the IP on a RI sig fail in the handshake