Third update on the ongoing network attacks

Yesterday we released v0.17.1.8, it appears that this release resolved:

  • Synchronized OK spam
  • Public node high CPU usage
  • +2 attack (at least the attacker stopped this for now, we will see if it comes back in the future)

We also added mitigations to the memory exhaustion attack, unfortunately the attacker found a second method. It is possible that the attacker got inspired by our Github activity, as we didn't include all our fixes in v0.17.1.8 due to time reasons.

Tomorrow we will put out a new release with the following:

  • Stricter portable storage sanity checks to avoid memory exhaustion attack
  • Aggressive pre-handshake p2p buffer limit
  • Packet size limits for different commands
  • Detect and kick nodes that stay on "synchronizing"

Here is a technical explanation by vtnerd why solving this memory exhaustion attack is more difficult than just "limit request buffer size" which was suggested multiple times in the previous post: https://www.reddit.com/r/Monero/comments/km276x/second_monero_network_attack_update/ghm3yzc/


Instructions for applying the ban list in case your node has issues:

CLI:

  1. Download this file and place it in the same folder as monerod / monero-wallet-gui: https://gui.xmr.pm/files/block_tor.txt

  2. Add --ban-list block_tor.txt as daemon startup flag.

  3. Restart the daemon (monerod).

GUI:

  1. Download this file and place it in the same folder as monerod / monero-wallet-gui: https://gui.xmr.pm/files/block_tor.txt

  2. Go to the Settings page -> Node tab.

  3. Enter --ban-list block_tor.txt in daemon startup flags box.

  4. Restart the GUI (and daemon).

submitted by /u/selsta
[link] [comments]

Leave a Reply

Your email address will not be published. Required fields are marked *