[tor-bugs] #9653 [Tor]: Count v2 vs v3 link handshakes at relays

Tor Bug Tracker & Wiki blackhole at torproject.org
Tue Sep 3 20:01:35 UTC 2013


#9653: Count v2 vs v3 link handshakes at relays
-----------------------+----------------------------------
 Reporter:  arma       |          Owner:
     Type:  defect     |         Status:  new
 Priority:  normal     |      Milestone:  Tor: unspecified
Component:  Tor        |        Version:
 Keywords:  tor-relay  |  Actual Points:
Parent ID:             |         Points:
-----------------------+----------------------------------
 We're not sure what version the two million new botnet clients are
 running. It might be Tor 0.2.2, in which case we can distinguish them by
 their link handshake version.

 We have lines like
 {{{
 dirreq-v3-reqs us=56,fr=32,it=32,de=24,es=24,br=16,ru=16,ua=16,??=8,ar=8,at=8,au=8,bd=8,be=8,bj=8,ca=8,ch=8,co=8,cz=8,dz=8,eg=8,gb=8,ge=8,hk=8,id=8,ie=8,il=8,in=8,ir=8,is=8,jp=8,kr=8,lb=8,lt=8,lv=8,ma=8,md=8,mx=8,nl=8,no=8,ph=8,pl=8,ro=8,sa=8,se=8,sg=8,sy=8,tr=8,tw=8,ve=8
 dirreq-v2-reqs
 }}}
 in extra info descriptors. We could add new similar lines for link
 handshakes. I worry about a few edge cases though, where there's one
 client left in the world using the v1 handshake, and somehow the exit
 relay can recognize it too, and now the guard node tells everybody that
 it's the guard for that client.

 In any case, step one is to write a quick hack to count them up, for
 overloaded relay operators to run.

-- 
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/9653>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
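
Added example, not part of the ticket and not Tor's own code: a sketch of the counting step that also handles the rare-version edge case the ticket worries about, by leaving out any version seen too few times to hide a single client. The keyword `link-handshake-versions`, the round-up-to-8 binning (modelled on the multiples of 8 in the sample line above), the suppression threshold and the sample data are all assumptions.

```python
from collections import Counter

BIN = 8         # assumption: report counts rounded up to a multiple of 8
MIN_COUNT = 16  # assumption: hypothetical threshold below which a version is not reported


def round_up(n, step=BIN):
    """Round n up to the next multiple of step."""
    return -(-n // step) * step


def summarize(versions, min_count=MIN_COUNT):
    """Count negotiated link protocol versions and bin the counts.

    Versions seen fewer than min_count times are not listed by name.
    They are pooled into "other", and "other" itself is only reported
    once the pool reaches min_count, so a lone client on an old
    handshake never shows up in the published line.
    """
    reported = {}
    rare_total = 0
    for version, count in Counter(versions).items():
        if count >= min_count:
            reported[f"v{version}"] = round_up(count)
        else:
            rare_total += count
    if rare_total >= min_count:
        reported["other"] = round_up(rare_total)
    return reported


def format_line(summary, keyword="link-handshake-versions"):
    """Render the summary like the dirreq-v3-reqs line: largest count first."""
    items = sorted(summary.items(), key=lambda kv: (-kv[1], kv[0]))
    return keyword + " " + ",".join(f"{name}={count}" for name, count in items)


# Constructed sample: one entry per completed handshake seen by a relay.
SAMPLE = [3] * 1203 + [2] * 410 + [1] * 1

if __name__ == "__main__":
    # Without suppression the single v1 client is published as v1=8.
    print(format_line(summarize(SAMPLE, min_count=1)))
    # With suppression it is left out.
    print(format_line(summarize(SAMPLE)))
```

Binning alone does not cover the edge case: the single v1 client still appears as `v1=8`, which is why the sketch suppresses small buckets rather than only rounding them.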

