Re: [tor-relays] rejected hit from China
Sounds like fairly typical background noise to me. Null route the IP if you're concerned but it's probably a zombie in someone's botnet or a chinese user trying his luck. If your IP is listed publicly on tor, expect to be probed every now and then. On 3 July 2014 04:14, Larry Brandt lbra...@cni.net wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Today my router blocked two hits from Chinese server 218.77.79.43:59762 to my 68.66.154.214:21. I don't listen to port 21. I don't listen to 21. Should I take some action? Is this normal or academic or...? glowworm -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQEcBAEBAgAGBQJTtMqbAAoJEGtidykNvjCmS+AH/353bFiZs8tJ+3iUwCPARUOj 9stR4/Hhq+vCk9NCnaYYJ/rQn3d0ZQW8SaZXmxzaqsTe+8eioy9n8sAELLEe9xMe VMenA5tYMkjIl08V7PW3v05S7Ap631BtTuO2TXeCickmz0frcDnEHVHAbfklFNLZ h67U/uAN2OYp1iu6++IBBoZOTpU6dAsDpRUGZofS9gWpNdqWB5En3hzaoCS2hEXT sG6N/mkExMBbmQri3pp02KIakOx8OzYi3Nl+ByxDHIqtmLEmu+3+clEEpYlSI6yN 3je75ek+e42HLVSepvLXhfA8rDQabl3TjGOq+VXdDZNwPWntBfpnfkwBhp+TnQk= =/PSG -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] (no subject)
Fabiano, You're aware this is a public mailing list, where everything posted here is already public right, and any police force who want to can already see it? And you're also aware that while you're subscribed to the mailing list, you will receive everything in said list? You can't tell the entire list to shut up because you don't want to receive them anymore, what you can do is unsubscribe by going here: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Watching the attacks on my relay
You self signed your site certificate...? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor exit notice
if a given IP address is actually a Tor exit server Should probably be node rather than router, that seems to fit better. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Being flooded.........
they are all being stretched to their capacity. 1: Anti virus and malware detection don't have a 'capacity' - no idea what you're talking about. Make it so no one can connect to Tor unless they are certified clean. 2: Whether your an exit relay or not, viruses would not come from Tor. Your relay is just a tunnel for encrypted traffic to pass through, there is simply no way a virus could get onto your machine that way as nothing stops at your machine and if you were to sniff what went through it would all be encrypted. If you've been on Tor yourself and downloaded things from the onion sites then it's your own fault, same as the regular web. You're blaming the wrong program. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Disappointing AUP - (was Re: DDOS?)
This might be a bit of a shameless plug, but I used to use bitfolk ( bitfolk.com) - they have a generous allowance of bandwidth and allow tor as long as you set it up correctly. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Deploy relays using hidden exit IP's?
I have a real world example of this. My forum was being abused by several users all originating from the Tor network, so the first thing I did (and any sane admin would do) was block Tor access (with a note) for a few hours while I figured out what to do. I ended up unbloacking the network and showing Tor users a low-fi version of the forum, and not letting them sign in without captcha (a simple qualitative question) - reducing load and spam. But something must be done temporally, I agree that Tor users shouldn't be blocked permanently but quiet is needed in order to implement a solution and to get that quiet you need to block at network level, then you can begin a more permanent mitigation plan. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] too many abuse reports
I can also confirm same attack it must have been huge o.o On 22 May 2012 20:17, tor-admin tor-ad...@torland.me wrote: mick m...@rlogin.net wrote on 22.05.2012: I assume you mean IP address rather than port here. Despite offering, I wasn't given the opportunity to do that. Interesting that you also seem to have been used in targetting the brazilian government. I can confirm abuse messages for same target, same attack. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays