On 2015-01-04 09:07, Daniel Case wrote:
On 4 January 2015 at 11:00, <k...@kura.io> wrote:
I should have specified that I was talking about brute force attempts against
http servers, not SSH servers. I don't get any complaints about SSH brute force
attempts.
I have also had a spike these last few days, mainly against sysads
running Wordpress. I just send a standard reply...
I find these come in short waves. In my case, they're also about claimed (and
probably accurately so) activity from one relay, but not from another relay
that also exits to port 80.
Perhaps at least one someone is running scans, and explicitly selecting one
particular relay or set of relays rather than letting Tor pick randomly.
Richard
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
