[tor-relays] Blocked SYN floods?

Subject: [tor-relays] Blocked SYN floods?

From: Michael Millspaugh <tk421storm@xxxxxxxxx>

Date: Sat, 26 Feb 2011 09:27:59 -0500

Delivery-date: Sat, 26 Feb 2011 09:28:32 -0500

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:from:date:message-id:subject:to :content-type; bh=tJgnqr7i5z2ITu8PKSJyWPyaZPDPNvV75vRdEiBnReI=; b=q6DN90EStUgGLOZGIzeFT+8FRPyyBvGoVDPIJJFX+vEp5x2P2Uyy1Bs0eekUd8GzzR pnJj2yyIgfwI4/WNmYIxCXw/ZJ1ea4lmTIBP5WNO7wHsHcvNEFQDRr0n0pfnVXWb0HvB eNTSj29Aa4kz/ipqxGoj7yizFFnvggI1UYWsg=

Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=sKKJ4obuaOdd2A1v+8W7c80MjAZPGUBky6Zkn5YdQIovqfYZL4uJM2nrJlSQyIC2Sx v8SDgU2jzNOVFDlUPN+/4dxJYkLoFlJaSl+oZ/x6skCQIus6kzv6Eym1z5Mm6eU1Y+JT gxcBSgrdwCkF//uiG4iI4dpSo7weUCZNr2M4g=

List-archive: <http://lists.torproject.org/pipermail/tor-relays>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

Reply-to: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays@xxxxxxxxxxxxxxxxxxxx>

Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

02-26-2011 09:09:41 Daemon.Debug ROUTER kernel: [2011 Feb 26 09:09:33] FVS338 SYN-FLOOD IN=LAN OUT=WAN SRC="" DST=85.78.242.156(unresolved) PROTO=TCP SPT=63848 DPT=23

02-26-2011 09:09:41 Daemon.Debug ROUTER kernel: [2011 Feb 26 09:09:33] FVS338 SYN-FLOOD IN=LAN OUT=WAN SRC="" DST=31.92.154.101(unresolved) PROTO=TCP SPT=63820 DPT=443

02-26-2011 09:09:41 Daemon.Debug ROUTER kernel: [2011 Feb 26 09:09:33] FVS338 SYN-FLOOD IN=LAN OUT=WAN SRC="" DST=188.88.159.200(unresolved) PROTO=TCP SPT=63839 DPT=5060

Most of them are on port 23 or 443, some are on 5060 and the rest are on random ports. I have read that port 23 is for MIRC, and that "syn-floods" are part of the way it operates - could that be causing these errors? Is it removing some functionality of mirc that is important to it's operation? I'd feel better knowing my firewall is stopping these syn-floods before my ISP can see them, and knowing that the relay is still working optimally.

-Mike

--
TERMS OF USE. By reading this e-mail, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, terms-of-use, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays