[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] So long and thanks for all the abuse complaints

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] So long and thanks for all the abuse complaints
From: r1610091651 <r1610091651@xxxxxxxxxx>
Date: Tue, 05 Dec 2017 19:21:58 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Tue, 05 Dec 2017 14:22:29 -0500
In-reply-to: <81bf7428-0c79-2a5a-ca5c-c47e56ab27eb@monksofcool.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAHvkzy==7nYcsV5XBGusR8BnJD7-w5m-0Qbq0wZgrhj_4Bx8JQ@mail.gmail.com> <5ea33e7f-5aa5-7afd-cf79-2b95f71dd5e1@monksofcool.net> <8f46b869-d94e-155a-de14-742c646f58cd@monksofcool.net> <CAD4+ng-ruXw_5QeS1dNZT-ffxV30HMRKniPFScNZm3PADqeoWA@mail.gmail.com> <81bf7428-0c79-2a5a-ca5c-c47e56ab27eb@monksofcool.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

I think it is relevant.

There are two sides to creating a connection and traffic can be filtered on both ends.

On the initiator: any invalid outgoing packets can be filtered

On the receiver: any not expected / invalid packets can be filtered

Just a question: how can the hoster determine whether a packet is part of a port scan or valid connection request?

Unless the packet is mangled/invalid (ex: out of sequence like fin / syn scan) it can't as it is unaware what services are running at the other end. Effectively what the hoster is also doing, is imposing a rate limit on rate and number of connections.

On Tue, 5 Dec 2017 at 19:51 Ralph Seichter <m16+tor@xxxxxxxxxxxxxxx> wrote:

On 05.12.17 19:24, r1610091651 wrote:

> Having servers on-line and complaining about such things is just
> unreasonable and laziness on the operator side: don't want scans,
> then setup proper firewall rules. Done.

Your comment is not applicable in this particular case; please read my
other messages in this thread to see why.

-Ralph
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] So long and thanks for all the abuse complaints
  - From: Ralph Seichter

References:
- [tor-relays] So long and thanks for all the abuse complaints
  - From: James
- Re: [tor-relays] So long and thanks for all the abuse complaints
  - From: Ralph Seichter
- Re: [tor-relays] So long and thanks for all the abuse complaints
  - From: Ralph Seichter
- Re: [tor-relays] So long and thanks for all the abuse complaints
  - From: r1610091651
- Re: [tor-relays] So long and thanks for all the abuse complaints
  - From: Ralph Seichter

Prev by Author: Re: [tor-relays] So long and thanks for all the abuse complaints
Next by Author: Re: [tor-relays] DoS attacks are real (probably)
Previous by thread: Re: [tor-relays] So long and thanks for all the abuse complaints
Next by thread: Re: [tor-relays] So long and thanks for all the abuse complaints
Index(es):
- Author
- Thread