I think it is relevant.

There are two sides to creating a connection and traffic can be filtered on
both ends.
On the initiator: any invalid outgoing packets can be filtered
On the receiver: any not expected / invalid packets can be filtered

Just a question: how can the hoster determine whether a packet is part of a
port scan or valid connection request?
Unless the packet is mangled/invalid (ex: out of sequence like fin / syn
scan) it can't as it is unaware what services are running at the other end.
Effectively what the hoster is also doing, is imposing a rate limit on rate
and number of connections.

On Tue, 5 Dec 2017 at 19:51 Ralph Seichter <m16+...@monksofcool.net> wrote:

> On 05.12.17 19:24, r1610091651 wrote:
>
> > Having servers on-line and complaining about such things is just
> > unreasonable and laziness on the operator side: don't want scans,
> > then setup proper firewall rules. Done.
>
> Your comment is not applicable in this particular case; please read my
> other messages in this thread to see why.
>
> -Ralph
> _______________________________________________
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Reply via email to