|
This may be similar to my situation with my Finland exit relay [1]. I was finally forced to deal with kern overload that shut my cpu down. I had several thousand IP's without hashed fingerprints opting to get into Tor. A combination of hardening, banning and increasing kern processing to 100,000 helped. Since then I have a Consensus Weight of 600 rather than the 8000 before the intrusion. Strange thing: ufw banning and reboot does not seem to stop a few of the Iranian IP addresses--they're still there. -potlatch On 8/19/2019 2:44 AM, niftybunny wrote:
Same here +1On 15. Aug 2019, at 16:43, Tim Niemeyer <tim@xxxxxxxx> wrote: Signed PGP part Hello I've noticed a reduction in tor traffic about 50% since Sunday. The cpu load stayed almost same. The amount of TCP Sessions increased from ~34k to ~65k. Also the abuse rated about network scans got increased since Sunday. Does anyone knows what's there going on? My guess is that since Sunday anyone uses Tor for extended network scans, which results in a very high packet rate. Personally I've no problem with some network scans, but this is a bit annoying and I asked myself if this is still a scan or more a DOS. https://metrics.torproject.org/rs.html#search/family:719FD0FA327F3CCBCDA0D4EA74C15EA110338942 Kind regards Tim --
1. When a distinguished but elderly scientist states that something is possible, he is almost certainly right. When he states that something is impossible, he is very probably wrong. 2. The only way of discovering the limits of the possible is to venture a little way past them into the impossible. 3. Any sufficiently advanced technology is indistinguishable from magic. - Arthur C. Clarke |
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays