[tor-relays] Re: Update: Tor relays source IPs spoofed to mass-scan port 22

[Ralph Seichter via tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx>]

* Roger Dingledine:

> We should expect some more days of fallout, while mistaken abuse
> complaints are still being processed by various hosters.

You called it. Mere minutes ago, Hetzner forwarded another complaint,
for a grand total of 9 (yes, nine, what a gruesome level of abuse)
spoofed connection attempts over the course of November 5 and 6.

The destination addresses were part of the known class C subnets already
reported here, and the source of the complaint were of course the
tireless dolts at watchdogcyberdefense.com. Unsurprisingly, I can't tell
if Hetzner is not done processing old complaints, or if the complaining
party is still generating fresh mail based on their accumulated backlog.

Apart from that: My thanks to everybody who helped clamping down on this.

-Ralph
_______________________________________________
tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx