ettings to
give proper ICMP error messages to make diagnosing more easy.
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Am 10.02.2025 um 11:35:42 Uhr schrieb Azraxiel via tor-relays:
> I followed every step in the Documention for setting up a Relay but
> it doesn't work and the opnsense community can't help either.
You have to allow all incoming TCP traffic on the listening port and
all outgoin
Hello,
does anybody use the Opensense Plugin for Tor?
I followed every step in the Documention for setting up a Relay but it doesn't
work and the opnsense community can't help either.
Best regards
Azra
Sent from Proton Mail Android
publickey - azraxiel@proton.me - 0x2AAAF94E.asc
D
Hello!
A couple of days ago, on 2025-02-06, an unknown family with 24 exit
relays showed up in the Tor network. We followed our usual approach[1]
in those cases: reaching out to the operator welcoming them in our
community while at the same time being cautious and keeping the relays
in a
On Sunday, 9 February 2025 19:35 ZK via tor-relays wrote:
> I'm asking the Torpoject to publicly answer the question: why do you add
> BadExit and MiddleOnly flags to new relays?
The TorProject is an open source project and you can read all the information
about
what, why, when and h
seems that the person harvested emails and indiscriminately
spammed everybody: the recipients list contains @torproject.org too.
I agree regarding this not being malicious. However. If we’re wrong,
I see two options to be cautious about. It may be FUD against Tor: the
network or the project. W
Am 09.02.2025 um 18:35:51 Uhr schrieb ZK via tor-relays:
> I'm asking the Torpoject to publicly answer the question: why do you
> add BadExit and MiddleOnly flags to new relays?
Please give the Nickname for the affected relay.
> Please don't lie as you did before and lis
I'm asking the Torpoject to publicly answer the question: why do you add BadExit
and MiddleOnly flags to new relays?
Please don't lie as you did before and list the criteria here
_______
tor-relays mailing list -- tor-relays@lists.torproj
ongoing attack
I have some evidence of the attack: the Torproject doesn't allow people to run
relays by removing them from the network or making them unusable as Guard or
Exit for no known reason for years. A random person cannot run a Guard or Exit
relay. Thus the Tor network is entirely r
Appreciate the details!
Some questions to better understand:
1) Why did you limit relay bandwidth? How did you calculate the values to use
for the limits?
"BandwidthRate 75 MBits
BandwidthBurst 100 MBits"
2) CPU - how did you decide to only use 4 out of 6 cores?
Why use 4 cores to 1
On Friday, February 7th, 2025 at 12:22 PM, George Hartley via tor-relays
wrote:
> Hi there "usetor",
>
> I am going to answer a few of your questions:
>
>
> 1. "If a full IPv4 /24 Class C was available to host Tor relays, what are
> some optimal ways
15 min from htop
RAM Capacity: 64GB + 64GB Swap
RAM Usage: 55G + 14G Swap (previously maxed out 64G and needed swap added)
Tor Relays: 30, 2 per IPv4
IPv4 Addresses: 15
Time: 45 days, 9/15/2022 - 10/30/2022
Traffic: 2 PB total. Max In: 2.15 gbps, Max Out: 2.15 gbps
Per Day: 40TB, (0.04 PB) = 2 PB /
Hi there "usetor",
I am going to answer a few of your questions:
1. "If a full IPv4 /24 Class C was available to host Tor relays, what are some
optimal ways to allocate bandwidth, CPU cores and RAM to maximize utilization
of the IPv4 /24 for Tor?"
With 2 IPv4 addreses
we wrote down some notes on our experiece:
https://osservatorionessuno.org/blog/2025/02/how-to-configure-multiple-tor-relays-on-the-same-interface-with-different-ips/
On 2/4/25 9:41 AM, bic wrote:
hello
I have a configuration quite similar[1] to yours and previously posted a
similar question
can
have from 6 to 40MBs
2. Run a separate tor instance for every physical core that you have
3. Allocation ~500MB of memory for every instance, this is quite
empirical for my experience
5. Try to use a different ip for every instance, this is not mandatory
but if you share multiple relay on the
Hi All,
Looking for guidance around running high performance Tor relays on Ubuntu.
Few questions:
1) If a full IPv4 /24 Class C was available to host Tor relays, what are some
optimal ways to allocate bandwidth, CPU cores and RAM to maximize utilization
of the IPv4 /24 for Tor?
2) If a full
Web tunnel bridges Port 443, https
I set up three of these. One in UK, one in Australia and one in USA.
Only the USA service is attracting traffic. This might be normal.
The others are very quiet.
Then I look at it on Tor Relay metric it reports Running
<ht
002
This will do nothing, unless you actually configure the relay to be a bridge.
Try to comment both HashedControlPassword and the obfs4 settings, and restart
the relay.
nyx should now work - additionally, you might want to check the log using
journalctl -u tor.
There should be a line st
Hello,
Thank you. I have read all of it.
I have also re-sent my Email, please let me know if you see it now.
Thank you.
___
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Hello!
petition_tricky750--- via tor-relays:
Hello,
What are some of the most common reasons for relays and exits to be banned from
Tor?
Had it happen to all of my 5 nodes and I'm currently awaiting response from
bad-relays list.
I don't see an email from you there yet. You mig
Hello,
What are some of the most common reasons for relays and exits to be banned from
Tor?
Had it happen to all of my 5 nodes and I'm currently awaiting response from
bad-relays list.
They all present this in logs
Jan 18 20:41:40 example.com Tor[2439671]: http status 400 ("Fingerpr
On Wed, Jan 15, 2025 at 12:06:09PM -0300, x9p via tor-relays wrote:
> I am running a relay and other servers. Sometimes doing SSHD over Tor via a
> hidden service in a VPS in openbsd.amsterdam. In all my other setups, in
> other providers, I do not see this problem happening.
>
>
> Possible attack on servers via Tor Guard relays
With the written above, the Tor node attributes should not play
a role.
> the connection is terminated. (MSG1) Upon connecting for
> the second time, everything goes smooth. (MSG2)
Starting with MSG2 the ssh connection seems to work.
be first fixed.
--
Gruß
Marco
Send unsolicited bulk mail to 1736954742mu...@cartoonies.org
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Am Wed, 15 Jan 2025 16:01:44 +
schrieb nyyymi :
> Nickname is nyymi. It doesn't show up on the relay search
That is an indicator that something isn't working.
Please post your torrc (without comments).
and the IP addresses of the machine.
______
Am 14.01.2025 um 19:50:19 Uhr schrieb nyyymi via tor-relays:
> For the past few days I've been trying to open a tor-relay on
> my old laptop running arch. The tor service starts fine but when I
> check nyx no traffic goes through me, both download and upload is 0.
New relays p
Hi,
I am running a relay and other servers. Sometimes doing SSHD over Tor
via a hidden service in a VPS in openbsd.amsterdam. In all my other
setups, in other providers, I do not see this problem happening.
Upon connecting for the first time, I do get a "banner line contains
in
indeed is new, it might take a while for it to pick up
speed.. for Guard relays, this can take longer than 8 weeks, for exit relays it
is usually around 1-2 weeks.
On Tuesday, January 14th, 2025 at 4:59 PM, s7r via tor-relays
wrote:
> The VPS does not provide the advertised speed, the ne
Hey there,
to efficiently help you, could you please post your /etc/tor/torrc?
Otherwise, the relays that you see in Russia are likely on a host that does not
enforce the ban of the Tor Project.
However, your nyx data is quite weird.
Did you run it as the Tor user?
- sudo -u tor nyx
Hello. For the past few days I've been trying to open a tor-relay on my old
laptop running arch. The tor service starts fine but when I check nyx no
traffic goes through me, both download and upload is 0. Nyx shows
Unknown:portnumber. I doubt that the port is closed or somehow unavai
Carlo P. via tor-relays wrote:
Hello experts,
I have, from the same provider, two VPS with same specs (also same port
speed of 200MBit/s, verified via speedtest-cli) - one in Germany, one in
South Africa.
Whilst the German one behaves as expected (two fast relays on it), the
two relays in
with https://mailfence.com
Secure and private email_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
)
Best regards,
atari
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Hello!
On Tuesday, January 7th, 2025 at 11:38, atari … via tor-relays
wrote:
> is related to not exposing your ORPort (which is highly recommended). See
> these 2 tickets:
Can you please clarify what is recommended? To expose ORPort or not? At first
from your quoted message I decide
On Mon, Jan 06, 2025 at 01:11:15PM +, Brook Rameev via tor-relays wrote:
> Today all my web tunnel relays become offline according to
> https://metrics.torproject.org/rs.html#search/BrookRameev (my web
> tunnel bridges have the 'W' suffix). But they are surely online
>
/community/-/issues/329
If you can use your bridge and its shown as “webtunnel: functional” when you
check here: https://bridges.torproject.org/status?id=$YOURFINGERPRINT
everything should be fine.
Best regards,
atari
___
tor-relays mailing list -- tor-relays
ms in logs,
nothing changed in their configuration. I also checked them using tor browser.
All of them "went down" at the same time: " 1 hour 17 minute and 48 seconds"
from the current moment. The problem relates only to webtunnels, ordinal re
relay provided close to 180 Terabytes of traffic to the Tor network.
Looks like you are German, I speak German and sound like a native speaker..
maybe because I am German? Who knows!
Let's talk, I could maybe cover the cost and server maintenace if the relay
provided any meaningful throu
On Thursday, December 26th, 2024 at 12:00,
tor-relays-requ...@lists.torproject.org
wrote:
>
>
> Send tor-relays mailing list submissions to
> tor-relays@lists.torproject.org
>
> To subscribe or unsubscribe via email, send a message with subject or
> body '
Thank you for your service!
On 2024-12-30 01:22, Tschador via tor-relays wrote:
FYI: My Tor node »TorMachine« (6A7551EEE18F78A9813096E82BF84F740D32B911)
will be shut down on 2024-12-31.
Sorry folks – but I'm too old for the job.
Good luck and all the best wishes for the f
FYI: My Tor node »TorMachine« (6A7551EEE18F78A9813096E82BF84F740D32B911)
will be shut down on 2024-12-31.
Sorry folks – but I'm too old for the job.
Good luck and all the best wishes for the future!
_______
tor-relays mailing list -- tor-r
possible to make a change!
Zachary___
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Individual bridge IPs are not published anywhere and so cannot be
blocked like this.
Unless they are collateral damage from a block of IPs being banned
because of relays. Like all IPs from a VPS provider.
Cheers.
On 12/26/2024 4:02 AM, ndub via tor-relays wrote:
I'm also facing the
ndub via tor-relays wrote:
I'm also facing the same problem. I'm wondering whether this also
happens to bridges and if it doesn't, why not running a bridge ?
Because of how everyone *thinks* that understands internet and
particularly internet security... not to mention the
I'm also facing the same problem. I'm wondering whether this also
happens to bridges and if it doesn't, why not running a bridge ?
--
ndub
On 25/12/2024 08:29, Richie via tor-relays wrote:
Hi, tierce,
can confirm (germany), and afaik a known issue for quite a long time
now. M
.
Looking up the relay, there is a name, e-mail contact and PGP key ID for this
node operator:
"Tom"
t...@kh6ilt.org
0x620836CF
Just ask this operator first to check his server for something that could cause
this, and if he is running something special alongside Tor.
Then, if tha
uptime and throughput) as well as clean (i.e. not
government or surveillance agency controlled nodes).
You can message the websites administrator and tell him to use the Tor Exit
block-list only - this makes much more sense than blocking traffic from nodes
that do not allow exiting.
However
even guard)…
https://metrics.torproject.org/rs.html#details/89B4597169A9DBB171F0B4629C73C0FD55D767C7
https://metrics.torproject.org/rs.html#details/07E3A0DC6AD4A5F07D1AF942626EBBF6CC0C72C7
If I browse the web using a common browser using the basic services of the ISPs
(no torbrowser, no tor n
that the server in question was never located at
the home/mail address of our organization.
- This was clear even before the case was handed off to the local
department responsible for our current registered address.
- At least some of the people involved also fully understand Tor and the
ell them/offer
them migitation methods). I'd be happy to hear success stories on
deblocking tor relay IPs, but i doubt that i'll see this happen.
Thanks for running a relay,
Richie
Am 24.12.24 um 08:07 schrieb gniping via tor-relays:
Hello,
I'm located in Belgium.
I keep two
ing a common browser using the basic services of
the ISPs (no torbrowser, no tor network) and at least since may 2023,
I've observed that some websites (banks, federal services,…) simply
don't respond when I want to open their webpages.
If I use another IP from the same locations
http://hctxrvjzfpvmzh2jllqhgvvkoepxb4kfzdjm6h7egcwlumggtktiftid.onion/rs.html#details/87EBD436D6EC7E2A83AC1CAAF46B44CFF15CDCA8
( CCed)
always from port 9001 but to different, high number destination (on my vps)
ports which ufw is blocking.
This isn't Tor traffic I'm blocking, right? That would only come to my O
one
forced DSL disconnect every 24 hours).
I currently don't have enough money for a decent dedicated server or VM and a
host that I can trust which doesn't have too many Tor relays already.
In total, according to vnstat, we routed 20TB's of exit traffic per month for
the last 3
the manual:
> ORPort [address:]PORT|auto [flags]
>
>
>
> Advertise this port to listen for connections from Tor clients and servers.
> This option is required to be a Tor server. Set it to "auto" to have Tor pick
> a port for you. Set it to 0 to not run an ORP
There is a hacky fix available:
https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/snowflake/-/merge_requests/460
___
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le
Hello,
Join us for Tor activities @ 38th Chaos Communication Congress (38C3):
https://events.ccc.de/congress/2024/
The 38th Chaos Communication Congress runs from December 27 to 30, 2024 in
Hamburg.
We've got a lineup of Tor activities happening during this congress!
- Decemb
On Monday, December 9th, 2024 at 07:45, gus via tor-relays
wrote:
> ### Phase one, Ben's talk
>
> https://direct.mit.edu/books/oa-monograph/5761/TorFrom-the-Dark-Web-to-the-Future-of-Privacy
I had to miss the meetup, so thanks for these notes from Ben Collier's visit.
I
On 2024-12-16 06:39, George Hartley via tor-relays wrote:
Hi,
it seems that your address is not reachable for me:
You were pinging his link local fe80 address, which isn't routable. He
is having troubles listening on the real IPv6 address, which he
obfuscated.
On 2024-12-15
q=3 Destination unreachable: Address
>unreachable
>From fe80::6e62:6dff:fe85:b8f9 icmp_seq=4 Destination unreachable: Address
>unreachable
Did you check that you can actually have IPv6 connectivity FROM your server?
All the best,
-GH
On Monday, December 16th, 2024 at 12:37 AM, Eddie via tor-
ation at
fault, not tor, but I thought I'd throw it out for ideas, as I'm not
that confident (yet) with IPv6 stuff.
Here's the interface:
2: eth0: mtu 1500 qdisc fq_codel state
UP group default qlen 1000
link/ether a6:6a:08:73:42:27 brd ff:ff:ff:ff:ff:ff
altname enp
Sorry for the late reply, but at least on ArchLinux, Tor already comes with a
service file for systemd and an example configuration file at
> /etc/tor/torrc
To make Tor auto-start on system boot, use:
> systemctl enable tor
systemd also offers variable sandboxing mechanisms, which sho
heers
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Hello,
Thanks everyone for joining us last Saturday. Here are the meetup notes.
Our next online meetup will happen at the end of January 2025.
I'll announce it in January.
cheers,
Gus
## Tor Relay Operator Meetup - 2024-12-07
### Phase zero, announcements
New WebTunnel bridges cam
, it'd just look like Wireguard traffic. Any thoughts or fools errand?_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
the bug report.
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Hi all,
Haven't posted in a while here, it's good to see that this list is still
going strong :)
I hope that some Tor Project employee can reply on list item 2 below.
I've been co-operating an exit relay for some four years now. My usual
response to abuse notifications is addin
1703 |
+--+--+--+
More parsimonious explanation fitting the evidence is a bug on ORPort
directive which causes it to enable NoListen.
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-rela
Bug 40994 (reported at
https://gitlab.torproject.org/tpo/core/tor/-/issues/40994) has become a
fairly serious impediment to running relays. I generally obtain two
ipv4 addresses on my machines and the ports I want to use for tor are
not available on both addresses. So listening on 0.0.0.0 is
ation & discussion
https://direct.mit.edu/books/oa-monograph/5761/TorFrom-the-Dark-Web-to-the-Future-of-Privacy
## How to join
Meetup details:
- Room link: https://tor.meet.coop/gus-og0-x74-dzn
- Date & Time: Saturday, December 7th, 2024 @ 19.00 UTC
- Duration: 60 to 90 minutes
Thanks all.
--Keifer
On Mon, Dec 2, 2024 at 11:24 PM William Denton
wrote:
> On Sunday, December 1st, 2024 at 14:15, Keifer Bly
> wrote:
>
> > So on Debain 12, is there a way to configure tor to start automatically
> when the os boots? Thanks.
>
> One way is to use th
sses for a small fee so I'm planning to run 5 bridges from 1 VPS to make
> management easier. Is this enough horsepower to run 5 WebTunnel bridges?
>
> - 4 vCore AMD EPYC Rome
> - 8 GB memory
> - 48 GB SSD
The tor process is by far the main consumer of resources in a webtun
sudo systemctl enable tor
On Sun, Dec 1, 2024 at 2:15 PM, Keifer Bly <keifer@gmail.com> wrote:
Hi,
So on Debain 12, is there a way to configure tor to start automatically
when the os boots? Thanks.
--Keifer
signature.asc
Description: OpenPGP digital sig
On Sun Dec 1, 2024 at 8:15 PM CET, Keifer Bly wrote:
> Hi,
>
> So on Debain 12, is there a way to configure tor to start automatically
> when the os boots? Thanks.
>
> --Keifer
Do you mean something like, `systemctl enable tor`?
_______
> So on Debain 12, is there a way to configure tor to start
> automatically when the os boots? Thanks.
If you've installed Tor from the repositories it will install a systemd
.service and it should be enabled by default.
Check the status of tor.service :
$ systemctl status tor
Hej Dionysios,
guess you have to additionally put the following to your torrc:
ORPort [::1]:auto
AssumeReachableIPv6 1
Best regards,
atari
___
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le
it helps to diagnose the problem further. Meanwhile, I disabled
rechecking and simply try until I get lucky during the NAT testing.
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
pdate module github.com/pion/ice/v4 to v4.0.3
I wonder if this is a problem of my local setup or a bug snowflake itself. Any
ideas?
Best regards,
0x5fcfbd30
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email t
d.
D.
_______
tor-relays mailing list -- tor-relays@lists.torproject.org
To unsubscribe send an email to tor-relays-le...@lists.torproject.org
Does your server CPU support hardware AES extensions?
Run this command in your shell (bash most likely):
lscpu | grep aes
If it returns the string AES, then you can make use of the crypto hardware
acceleration.
This severely reduces CPU usage by Tor.
Also, if you want to reduce CPU usage
Greetings fellow relay operators!
Sorry for the last minute notice, but we're postponing the usual relay
operators meeting previously set for tomorrow.
Stay tuned for a new date.
George
--
43C2 85B0 41B6 4AC1 0E02 2767 7092 AEB3 40B0 C804
______
Add Tor's repo in your system:
https://support.torproject.org/apt/tor-deb-repo/
Then install unattended-upgrades too:
https://wiki.debian.org/UnattendedUpgrades
Unattended-Upgrade::Origins-Pattern {
"origin=*";
};
This way (by including all origins) you basically keep al
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Great tip
Thank you! :)
- -- Original Message --
From "Chris Kerr"
To tor-relays@lists.torproject.org
Date 18/11/2024 5:45:28 μμ
Subject [tor-relays] Re: Journal warnings spam
On 15/11/2024 13:01, Dionysios K. wrote:
Hey
On 15/11/2024 13:01, Dionysios K. wrote:
Hey guys,
Do you have any solution to stop the spam caused by tor:
The IPv4 ORPort address 127.0.0.1 does not match the descriptor
address . If you have a static public IPv4 address, use 'Address
' and 'OutboundBindAddress '.
In
ridgeDistribution email
> ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy
> ServerTransportListenAddr obfs4 0.0.0.0:
> ExtOrPort auto
> ExitPolicy reject *:*
> ContactInfo keiferdodderblyyatgmaildoddercom
>
> --Keifer___
tor-r
Hi, I had very similar reports to
[tor-operator_urdn.co](https://forum.torproject.org/u/tor-operator_urdn.co):
DateTime Action AttackClass SourceIP Srcport Protocol DestinationIP DestPort
0 30-Oct-2024 14:06:13 BLOCKED attempted-recon 92.51.45.21 0 202.91.162.47 22
1 30-Oct-2024 14:43:35 BLOCKED
Hey guys,
Do you have any solution to stop the spam caused by tor:
The IPv4 ORPort address 127.0.0.1 does not match the descriptor address
. If you have a static public IPv4 address, use 'Address ' and
'OutboundBindAddress '.
Indeed I have a static IP but behind nat, so
ned amateurs, the last one is dated 12 Nov 2024 07:57:06
+0800. All mentioned addresses are those of Tor relays, and the
destination port is still ssh.
Excerpt from the report:
5 11-Nov-2024 12:32:52 DENIED 193.218.118.89 54796 TCP
202.91.160.87 22
This could be sim
Hey, I took a look at their boards and the AML-A311D-CC SBC looked like a great
choice.
6 cores total, 4x ARM-73, 2x ARM-53 which also feature the crypto extensions.
Said crypto roviding up to 40x more speed decoding / encoding AES which is
great for openssl (and by extension, thus also Tor
on my own, and it is still enabled on boot, or at least should be, but
it wasn't.
I checked since I believe arma mentioned it.
All the best,
-GH
On Sunday, November 10th, 2024 at 6:50 PM, George Hartley
wrote:
> Hello, add me to the list too.
>
> Started receiving packets 3 day
Hello, add me to the list too.
Started receiving packets 3 days ago and Tor Weather sent me an e-mail
regarding it.
Sad that I could not respond further.. I try to maintain an extremely high
uptime. So far, the node has only been been offline for 6 hours in 6 months..
now it's been 72
idge, from the initial installation/deploy 5+ years ago.
My server was noted as being "blocked in Russia" earlier on the relay search
tor metrics page, I have noted that this info have been removed from the page,
I don't know if that is due to the server not being blocked (unlikely
Dear experts,
my relay
https://metrics.torproject.org/rs.html#details/0FBABB8C7B22CEDDFC849331E8E9E29C18081235
is shown as "down since more than three days" in Metrics.
The logs on the server however seem to show normal activity:
Nov 10 06:45:35 odin Tor[87753]: Heartbeat: It see
enabled?
On 9/11/24 23:15, tor-opera...@urdn.com.ua wrote:
I can confirm that the attack has not stopped and that we continue to
monitor spoofed packets with Tor relay's IP addresses including the
addresses of relays that are at our network.
This continues to trigger the sending of reports
I can confirm that the attack has not stopped and that we continue to
monitor spoofed packets with Tor relay's IP addresses including the
addresses of relays that are at our network.
This continues to trigger the sending of reports from the same ama
Adding another me too.
2 of 5 different ISPs for middle and entry nodes shared same abuse complaints
other received.
First time in 10 years to receive abuse complaints from middle/entry nodes.
Not fun.
It'd be great for Tor to publish a blog on what is happening / what happened so
w
shut down today, thanks to the assistance
> from Andrew Morris at GreyNoise and anonymous contributors.
Are you sure that it has been effectively shut down? We're still
receiving spoofed packets with IP addresses of Tor relays set as source
after this message has been posted. We've
On 2024-11-08 08:47, tor-relays+tor-rel...@queer.cat wrote:
This rule will also count SYN-ACKs sent from your own server to bots
trying to connect to your SSH on port 22.
The rule is on the source port = 22, not the destination port = 22.
Incoming bot connections will not have a sport = 22
l
receiving spoofed packets with IP addresses of Tor relays set as source
after this message has been posted. We've also received more "reports"
from the same newbies after this message was posted.
Our traps even see packets with the IP addresses of Tor relays that are
in the same
On 8/11/24 08:47, tor-relays+tor-rel...@queer.cat wrote:
On 8/11/24 03:14, Red Oaive via tor-relays wrote:
I just reset my SYN-ACK detection nft counter and it's still showing
activity:
tcp sport 22 tcp flags == 0x12 counter packets 9 bytes 504
This rule will also count SYN-ACKs
On 8/11/24 03:14, Red Oaive via tor-relays wrote:
I just reset my SYN-ACK detection nft counter and it's still showing
activity:
tcp sport 22 tcp flags == 0x12 counter packets 9 bytes 504
This rule will also count SYN-ACKs sent from your own server to bots
trying to connect to you
1 - 100 of 1198 matches
Mail list logo
