Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Liveness collisions and bugs #114

Open
jmwample opened this issue Dec 8, 2021 · 0 comments
Open

Liveness collisions and bugs #114

jmwample opened this issue Dec 8, 2021 · 0 comments

Comments

@jmwample
Copy link
Member

jmwample commented Dec 8, 2021

Problem

Station B is seeing a large number of live phantom responses from subnets past multiple other stations that are definitively not live. This indicates that the stations themselves are responding to the liveness testing which should not be possible. Also, registrations shared over the registration API are not subject to some block-list / IP version settings meaning stations that do not support IPv6 and have EnableV6 set to false are reporting many failed liveness tests because IPv6 phantoms are unreachable.


Station A is receiving these registrations - sharing them over the API.

Station B is receiving the registrations as an API registration and scanning. It generates both v4 and v6. This would be filtered at the generation phase typically, but since it came from the API it isn't generated locally. So there are a bunch of scans that just fail because station B doesn't even have IPv6.

May only be when decoy registrar shares over API

This is true for ipv4 and ipv6 and somehow bypasses the local correctness / blocklist checks.

Solution

  1. Ensure that the detector_filter_list is applied in detector properly
  2. Apply phantom IP version settings before running phantom liveness test

Keep PR #75 in mind while fixing this issue.

jmwample added a commit that referenced this issue Dec 8, 2021
This fix attempts to address two contributing factors to a relatively
large number of live phantoms seen in a multi-station deployment.
* refactor, simplify, and add test for detector filter list checks in detector
* add EnableV{4,6} check before continuing with a liveness scan for IPv{4,6}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant