Circuits being hijacked?
For all I know, this condition may be normal, but it seems odd to me and causes me to wonder if some routers have been compromised or if circuits are being hijacked.
First, I noticed that the Tor Detector sometimes reported that I was connecting from aala.MyLittleCorner.org (not sure if I remember the caps right), ip 184.108.40.206 -- which the detector said was not a valid Tor router. To add to the mystery, that router was supposedly configured as a middle-man only (reject :) in the cached-routers file.
Alarmed, I added the fingerprint for that router to the ExcludeNodes in my torrc file, cleared all the cache and state files, closed Tor, and re-started. Surprise, that router was still sometimes being reported as my exit node by the Tor detector and irc servers. Irc connections were extremely hard to come by and short-lived.
The Tor Detector page mentioned the possibility of a "multi-homed" router. Unable to find that term in the documentation, I decided to search the cache files for similar ip addresses. I found a total of five routers for ip 149.9.. -- all of them running FreeBSD i386 and Tor 0.1.0.16:
router mauger 220.127.116.11 9001 0 9030 platform Tor 0.1.0.16 on FreeBSD i386
router donk3ypunch 18.104.22.168 9001 0 9030 platform Tor 0.1.0.16 on FreeBSD i386
router TheGreatSantini 22.214.171.124 9001 0 9030 platform Tor 0.1.0.16 on FreeBSD i38
router aala 126.96.36.199 9001 0 9030 platform Tor 0.1.0.16 on FreeBSD i386
router paxprivoso 188.8.131.52 9001 0 9030 platform Tor 0.1.0.16 on FreeBSD i386
I put all their fingerprints in the ExcludeNodes setting, and since then I have not noticed the anomaly with Tor Detector, nor the unusual irc behavior.
I was using Tor 0.1.1.21 when I noticed phenomenon. It also occurred when I experimented with 0.1.1.20 and 0.1.0.17.
Is this a problem or expected behavior?
[Automatically added by flyspray2trac: Operating System: All]