[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

Ralph Seichter ralph at ml.seichter.de
Tue Oct 29 05:52:13 UTC 2024


* Pierre Bourdon:

> A few hours ago I received a forwarded abuse report from Hetzner for
> one of my machines running a Tor relay (not exit). Some random ISP was
> claiming I was sending SSH connections to them [...]

Same here. Middle relay, automated abuse report forwarded by Hetzner,
for alleged scans of TCP port 22 across several related IPv4 class-C
networks. I wondered if that was a mistake on the reporting third
party's end, but given that I am not the only on, it seems there is more
to it.

-Ralph


More information about the tor-relays mailing list