[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

Roger Dingledine arma at torproject.org
Tue Oct 29 06:01:23 UTC 2024


On Tue, Oct 29, 2024 at 04:33:33AM +0100, Pierre Bourdon wrote:
> Kind of like someone spoofing source IPs to send SYNs
> everywhere.

Sounds right. See
https://gitlab.torproject.org/tpo/network-health/analysis/-/issues/85
where I walked through the analysis, for transparency and to help other
folks learn more about how the internet works.

It is a shame that whoever is sending this traffic clearly wants to
undermine safety on the internet. :(

--Roger



More information about the tor-relays mailing list