Greetz, Richie Am 29.10.2024 um 15:12 schrieb mick <mbm@xxxxxxxxxx>:
On Tue, 29 Oct 2024 07:47:53 +0000mick <mbm@xxxxxxxxxx> allegedly wrote:Same here. Middle relay, automated abuse report forwarded by
Hetzner, for alleged scans of TCP port 22 across several related
IPv4 class-C networks. I wondered if that was a mistake on the
reporting third party's end, but given that I am not the only on,
it seems there is more to it.
Me too. Middle relay on Hetzner. Alleged SSH scans from my relay. I
have not yet had time to investigate, but will do so later today.
Mick
I have taken a look at my relay and noted activity like this a shortwhile ago.105.812429380 202.91.162.47 → 95.216.198.252 TCP 54 22 → 18588 [RST,ACK] Seq=1 Ack=1 Win=5840 Len=0113.387329574 202.91.163.206 → 95.216.198.252 TCP 54 22 → 41567[RST, ACK] Seq=1 Ack=1 Win=4128 Len=0So - resets coming from a host I have not attempted to connect to.I have informed hetzner and pointed them to the tor-project note athttps://gitlab.torproject.org/tpo/network-health/analysis/-/issues/85given by Roger Dingledine.Mick--------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 blog: baldric.net---------------------------------------------------------------------_______________________________________________tor-relays mailing listtor-relays@xxxxxxxxxxxxxxxxxxxxhttps://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
|