On 13-07-21 08:40 PM, rotpoison throngnet wrote: > I am an exit relay operator in Honolulu that has posted to this list > before, on the same subject. I am hoping that some other exit relay > operators can sniff for packets to destination port 8118 (usually used > for Privoxy) to confirm that they are seeing the same thing I am on all > exit relays that I have set up in the last half year. Depending on your > network configuration, you might have to instead record firewall logs > for that port. Don’t worry, unless you have your Privoxy service open > to the world, you won’t be intercepting or eavesdropping on any > legitimate traffic. You should just be seeing SYN packets from a few > hundred-strong net of Windows servers now hosted at Gorilla Servers, > Ubiquity/Nobistech, and Limestone Networks, with a handful at Psychz. I > am calling this malicious (?) net of Windows servers Rotpoi$on. > > I have more details in the most recent blog post at > https://b.kentbackman.com
I am not running an exit at present, but i am curious. Shouldnt a SYN flood attack be handled automatically by the ISP? I don't think we can do anything on the node itself. _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
