[tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
Paritesh Boyeyoko
parity.boy at gmail.com
Tue Nov 5 17:42:42 UTC 2013
@jj tor
The fact that your relay is refusing connections says that the port isn't
open, which is a good thing.
I suspect that persons unknown have port scanned your VPS, realised that you
have Tor running (on standard ports) and is speculatively using a bot to
(hopefully) connect to the SOCKS interface.
I would
a) move the Tor relay to non-standard ports
b) use iptables to drop all incoming connections apart from the (new) Tor
ports and shell access.
Best,
--
Parity
parity.boy at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20131105/8aa14a79/attachment-0001.html>
More information about the tor-relays
mailing list