[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
mick
mbm at rlogin.net
Tue Oct 29 07:47:53 UTC 2024
On Tue, 29 Oct 2024 06:52:13 +0100
Ralph Seichter via tor-relays <tor-relays at lists.torproject.org>
allegedly wrote:
> * Pierre Bourdon:
>
> > A few hours ago I received a forwarded abuse report from Hetzner for
> > one of my machines running a Tor relay (not exit). Some random ISP
> > was claiming I was sending SSH connections to them [...]
>
> Same here. Middle relay, automated abuse report forwarded by Hetzner,
> for alleged scans of TCP port 22 across several related IPv4 class-C
> networks. I wondered if that was a mistake on the reporting third
> party's end, but given that I am not the only on, it seems there is
> more to it.
Me too. Middle relay on Hetzner. Alleged SSH scans from my relay. I
have not yet had time to investigate, but will do so later today.
Mick
---------------------------------------------------------------------
Mick Morgan
gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312
blog: baldric.net
---------------------------------------------------------------------
More information about the tor-relays
mailing list