On 15 November 2016 at 20:41, Arisbe <[email protected]> wrote: > One of my tor guard relays is a medium size VPS operating in the Czech > Republic. It's been up and stable for several years. Several weeks ago I > was notified that my VPS was a source of UDP DoS traffic. It was shut down. > Logs showed no intrusions. > > I installed a different instance of linux, changed my SSH port, added > fail2ban and even installed clamav. I did not make changes to the tor exit > policy. Then, this week I received the following: > > "Hello, > surveillance system detected a disproportionate outgoing DoS traffic on your > VPS torexitcz and then our network under a DDoS attack. Your server > torexitcz has been stopped. This is another problem with your VPS. Your > service will be terminated. > Thanks for understanding." > > Can anyone offer an opinion as to how my relay was used for DoS? How can I > avoid this in the future? My goal, as always is to provide stable nodes to > the tor network while protecting myself and my VPS supplier. > > 4061C553CA88021B8302F0814365070AAE617270 > 185.100.85.101
Your relay allows exit, and based on the name that seems intentional If you don't want it to possibly be used for attacks, you should not run an exit _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
