Here is what Top on our Tor relay is doing today:
PID USER PR NI VIRT RES SHR S %CPU %MEMTIMECOMMAND
1163 _tor 20 0 628m 286m 34m R 106.3 15.3 4693:47 tor
Logs filled with:
Sep 03 04:12:20.000 [warn] Your computer is too slow to handle this
many circuit creation re
That tool is claiming this about our relay: "This IP is infected with,
or is NATting for a machine infected with s_ddos_dirtjumper". Says the
problem connection was an attempt to connect to port 80 on a
"s_ddos_dirtjumper Command and Control server with contents unique to
s_ddos_dirtjumper". B
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
For my relay, it was the first time.
Is your relay in AT? Mine is (serverelrippo)
I'll leave rkhunter as it is in the Moment. I am curious how many times I get
this warning...
Paul Staroch schrieb:
>Am 2013-09-01 10:48, schrieb elrippo:
>> "Wa
Am 2013-09-01 10:48, schrieb elrippo:
> "Warning: Network TCP port 60922 is being used by /usr/sbin/tor. Possible
> rootkit: zaRwT.KiT
> Use the 'lsof -i' or 'netstat -an' command to check this."
>
> I guess this is a false positive in conjucntion to the massive raid of
> traffic
> incr
Hy Folks :D
Today i got this warning from rkhunter.
"Warning: Network TCP port 60922 is being used by /usr/sbin/tor. Possible
rootkit: zaRwT.KiT
Use the 'lsof -i' or 'netstat -an' command to check this."
I guess this is a false positive in conjucntion to the massive raid of traffic
in