[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

Neel Chauhan neel at neelc.org
Fri Nov 1 02:15:17 UTC 2024 

On 2024-10-31 13:42, tor at nullvoid.me wrote:
> I got an abuse report on my Guard, Middle, relay hosted at OVH.
> I replied with the blog post and explanation that it's an attack 
> outside of my server spoofing packets. No reply back from OVH, no 
> account suspension either.

I got an abuse complaint from Verizon today since I have a middle relay 
on Fios (actually eight). I hope I don't get more and/or am forced to go 
bridge-only. I run eight exits on OVH over 2 IPs and have no abuse tho.

I thought maybe it's an issue with my MikroTik router or an infected 
Windows PC or Rocky server, I didn't realize it was TCP forgery on 
middle relays. FSB, maybe?

It would be hard to explain to Verizon I run Tor relays since they 
technically don't allow servers. I hope I'm not forced onto AT&T 
Internet Air as my particular co-op rental unit won't let met get 
Spectrum even when other units can, not that I wanted Spectrum, I don't.

-Neel

> Regards,
> 
> mick:
>> On Thu, 31 Oct 2024 11:25:30 +0200
>> "Dimitris T. via tor-relays" <tor-relays at lists.torproject.org>
>> allegedly wrote:
>> 
>>> similar situation here with hetzner.. got a first report 2 days ago,
>>> and just a while ago got another abuse report, by the same
>>> watchdogcyberdefence.... with more alleged activity from our ip...
>>> 
>>> like everybody else, there's nothing coming out from our relay ip, so
>>> we strongly believe "Theory three"[1] .
>>> 
>> Agree.
>> 
>> I have just received another "abuse" report. Hetzner have yet to
>> respond to my last reply to them.
>> 
>> Mick
>> 
>> ---------------------------------------------------------------------
>> Mick Morgan
>> gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
>> blog: baldric.net
>> ---------------------------------------------------------------------
>> 
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays at lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

More information about the tor-relays mailing list