[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] Re: Hetzner abuse reports

To: "support and questions about running Tor relays (exit, non-exit, bridge)" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: [tor-relays] Re: Hetzner abuse reports
From: Johan Nilsson via tor-relays <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Date: Sun, 15 Mar 2026 18:29:59 +0100
Cc: Johan Nilsson <jn@xxxxxxx>
In-reply-to: <f343a169-8ebf-7c26-8134-ad02bddcdbe3@nerdbynature.de>
List-id: "support and questions about running Tor relays (exit, non-exit, bridge)" <tor-relays.lists.torproject.org>
References: <4a2c1a64-f99f-0d1a-cf49-584f3ce9fedf@nerdbynature.de> <f343a169-8ebf-7c26-8134-ad02bddcdbe3@nerdbynature.de>
Reply-to: "support and questions about running Tor relays (exit, non-exit, bridge)" <tor-relays@xxxxxxxxxxxxxxxxxxxx>

On Sun, Mar 15, 2026 at 04:47:13PM +0100, Christian Kujau via tor-relays wrote:

This just happened again, and Hetzner forwarded another abuse report to
me. This time the "target" addresses were all part of a group called "1st
Amendment Encrypted Openness LLC" and they themselves are running Tor
infrastructure - unlikely that they contacted Hetzner about connections
from other nodes. Destination port was always 443/tcp (https).

But now I see the post "Advisory: Unauthenticated remote trigger of
Hetzner's "Netscan" detection" from invisibleprefixes on this list[0] that
explains the whole thing in detail -- thank you for posting that!

I hope Hetzner reads their emails and understands this issue. But I'm
unsure what they are supposed to do here. Can these "portscans" maybe
prevented on a technical level from the relay's end?


Please don't try to solve this on your relay. Relays should be able to
reach all other relays all the time and must not interfer with the
traffic they should relay.

Best regards,
Johan
_______________________________________________
tor-relays mailing list -- tor-relays@xxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to tor-relays-leave@xxxxxxxxxxxxxxxxxxxx

Follow-Ups:
- [tor-relays] Re: Hetzner abuse reports
  - From: Christian Kujau via tor-relays

References:
- [tor-relays] Hetzner abuse reports
  - From: Christian Kujau via tor-relays
- [tor-relays] Re: Hetzner abuse reports
  - From: Christian Kujau via tor-relays

Prev by Author: [tor-relays] Re: IPV6 Reachable ?
Next by Author: [tor-relays] Save the date - Updates about Relay Operator Meetup in France
Previous by thread: [tor-relays] Re: Hetzner abuse reports
Next by thread: [tor-relays] Re: Hetzner abuse reports
Index(es):
- Author
- Thread