[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] Tor node break-in attempts

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-relays] Tor node break-in attempts
From: Larry Brandt <lbrandt@xxxxxxx>
Date: Thu, 22 Oct 2015 12:13:00 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 22 Oct 2015 15:23:12 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

Hello,

I need some advise on a situation new to me. I operate a VPS exit nodein Romania, a VPS guard node in the Czech Republic, a middle node andbridge in the US. All are SSH public key authentication protocol 2.Over the last 5 weeks all of these servers have been under attack by IPsin the range 43.229.52.00 to 43.229.55.255. Maybe 24 different IPaddresses. I have contacted the operator in Hong Kong on four differentoccasions but I've received no relief from the attempted attacks norhave they communicated back to me--as I have requested. Attack countsare in the 100,000s.I have no personal information stored on any of these servers--onlypublic info via Tor is available. And then, how the hell did they getthe address of my bridge?I see break-in attempts all the time but never at this volume. Thebreak-in attempts have been thwarted to date and will probably remainso. But I find the situation disconcerting and irritating.Should I ignore these efforts? Should I send abuse reports to someone?Who? Any sage advice out there?

Did I give away any secure info just now?  lol
LB


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Tor node break-in attempts
  - From: Josef Stautner

Prev by Author: Re: [tor-relays] (no subject)
Next by Author: [tor-relays] Faravahar messing with my IP address
Previous by thread: Re: [tor-relays] Faravahar messing with my IP address
Next by thread: Re: [tor-relays] Tor node break-in attempts
Index(es):
- Author
- Thread