[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)

To: tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
From: Thomas Hand <th6045@xxxxxxxxx>
Date: Tue, 5 Nov 2013 14:09:40 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 05 Nov 2013 09:09:52 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=NCum1LoSacfSw36/CUIfxdV5cGZ9QS20ZMABZ6TfjBk=; b=sSDDVwRabGKJPeS5XWeQ62zYKuG6ZWp4trCNjo6PyEgVGPlrPPxXJ+gPvupKswBfzV msk49mFKBX/hMDEVEXQ9bN8FAAsaIOen7OwgYMEdJizarnq7EOsYl8W9xGs/u7yGfOPj JTIQehMcpurYYaz/SmAc+xU1BmiwJkCtPrkXhUXO/wy1fSiilWprhVAhYuG4o7gxdw5T yW/08gWi27fo38yNoZ3MT6g3ZgxpJEksrFXTsyZeiPkH7GG5S+1FHDk9p0NtCYJDQtbP xWztbvNXhzSrut22Z1mya/w1s5jB4QIm9PHPGaVUUyo/w4PZB5aPBbtLCGrmGoNnxG6S eklw==
In-reply-to: <CAGT8D4Nfmw_fTqABcZT_fS28v6vT7awV+1t0xwvsFgs5RMV0dQ@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAGT8D4PJXzsTzcn9qPCPYmWiXoZ2C3xbZpLhEOHHnCvZLOnz+A@xxxxxxxxxxxxxx> <2826286.SjnxGMFDgD@vostok> <CAGT8D4Nfmw_fTqABcZT_fS28v6vT7awV+1t0xwvsFgs5RMV0dQ@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

What is the fingerprint of your exit node, maybe someone here can take a look?

Also, use iptables! If it is a dedicated VPS then drop anything you dont recognize, leaving only Tor ports (9001,9030 default) and maybe a service port like 22 for SSH for something. Port 9050 should not be visible from outside...

Tom

On 5 November 2013 08:36, jj tor <jjproyects@xxxxxxxxx> wrote:

Sorry for the confusión, the exact line in my torrc is "Socksport 0", so, SOCKS port is closed. Moreover, I haven't got any exit rule towards port 9050

Even if I block this traffic using iptables, I am very curious about why the server is receiving that huge amount

Maybe, because my relay's exit policy? (exit policy--> doc/ReducedExitPolicy – Tor Bug Tracker & Wiki : https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy)

2013/11/5 Paritesh Boyeyoko <parity.boy@xxxxxxxxx>

@jj tor

...and before I forget, yes deploy IPtables anyway. :)

Best,

--

Parity

parity.boy@xxxxxxxxx

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
  - From: Andreas Krey
- Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
  - From: I

References:
- [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
  - From: jj tor
- Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
  - From: Paritesh Boyeyoko
- Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
  - From: jj tor

Prev by Author: Re: [tor-relays] Is there any reason to keep the default exit policy?
Next by Author: Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
Previous by thread: Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
Next by thread: Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
Index(es):
- Author
- Thread