[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] DoS from my tor guard VPS
On 15 November 2016 at 20:41, Arisbe <arisbe@xxxxxxx> wrote:
> One of my tor guard relays is a medium size VPS operating in the Czech
> Republic. It's been up and stable for several years. Several weeks ago I
> was notified that my VPS was a source of UDP DoS traffic. It was shut down.
> Logs showed no intrusions.
>
> I installed a different instance of linux, changed my SSH port, added
> fail2ban and even installed clamav. I did not make changes to the tor exit
> policy. Then, this week I received the following:
>
> "Hello,
> surveillance system detected a disproportionate outgoing DoS traffic on your
> VPS torexitcz and then our network under a DDoS attack. Your server
> torexitcz has been stopped. This is another problem with your VPS. Your
> service will be terminated.
> Thanks for understanding."
>
> Can anyone offer an opinion as to how my relay was used for DoS? How can I
> avoid this in the future? My goal, as always is to provide stable nodes to
> the tor network while protecting myself and my VPS supplier.
>
> 4061C553CA88021B8302F0814365070AAE617270
> 185.100.85.101
Your relay allows exit, and based on the name that seems intentional
If you don't want it to possibly be used for attacks, you should not run an exit
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays