Hello again,
indeed, the port 9050 is closed, but not filtered. I've set up a drop rule in the VPS firewall( Parallels Plesk Panel) on this port, but it's not working fine. I am amazed by all the amount of this kind of traffic, more than 700 packets/second. According to Kent Backman, this is the clickfraud net called "Rotpoi$on" (a lot of info at https://b.kentbackman.com/2013/04/15/rotpoion-botnet-powered-by-thousands-of -servers/) Maybe I'll be able to block all these incoming connections, but I'm afraid that overall relay performance will decrease drastically because all the filtering work... The relay--> Atlas: newTorThird : https://atlas.torproject.org/#details/ACED456D102F634F8DB3CBE8BC9A96F2569EC33C 2013/11/5 Paritesh Boyeyoko <parity....@gmail.com> > @jj tor > > > > The fact that your relay is refusing connections says that the port isn't > open, which is a good thing. > > > > I suspect that persons unknown have port scanned your VPS, realised that > you have Tor running (on standard ports) and is speculatively using a bot > to (hopefully) connect to the SOCKS interface. > > > > I would > > > > a) move the Tor relay to non-standard ports > > b) use iptables to drop all incoming connections apart from the (new) Tor > ports and shell access. > > > > Best, > > -- > > Parity > > parity....@gmail.com > > _______________________________________________ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > >
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
