[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
From: "Dimitris T. via tor-relays" <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Date: Thu, 31 Oct 2024 11:25:30 +0200
Arc-authentication-results: i=1; cacofonix.stinpriza.org; auth=pass smtp.mailfrom=dimitris@xxxxxxxxxxxxx
Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=stinpriza.org; s=mail; t=1730366731; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:autocrypt:autocrypt; bh=SLOUZLdB4UA3AtwRjoePa2QpPrWqrBTEy9g7kXQ0bK8=; b=ATfI6hWdiA9OsNMaVAcTKdVAG7bcjsVxrn7PRfn0AgXO5oGZ5g/SugBUAAc7LU6ABKsov5 VNa9h3L6XlzPk2AfD/JlUZvQ87pGyMrdGu090RTipcfQHZUFgRRU68XKS38ihJuSK4kVy2 ms4/yOJGU3/hqTXQlELa9ZTu4CkxCnBaU4IH+9q1IKpji343AwgAtXvYvIUK55xmMe1YJE SR1ujpVh++s/wPZy9TDe2NwT1JtHey8GzH0AygDulvK/i4Zhe5gfho/usudvUlnJioJuJC nm8VY3HF6ggXPRmuTLvgbLFjBXRJysUWD8KxU1sntxgq7eUJB/+cIDxDb57qiQ==
Arc-seal: i=1; s=mail; d=stinpriza.org; t=1730366731; a=rsa-sha256; cv=none; b=tklI/X4SgT8hvEMwdQzLwLmEeO20Ez+XF6cRdJmnJ60VVUtoFecuoWjbpSAd7XQek3O5HG HjRfEvZQaTiyMC4BrgkDKewNYo7hjroQAGFt54wKiMn1DQbuNd7fRl8M46ldTh9mZSFpQt KYuoDaAKYkCvyKpn8CMuY/SsG3vKJvxP+YAhq+Rjth58KIIxHSrqL3LF/fA5K1/Ew4BUuT FiwsYVbkFeN6zcbOuVlvLpvExkLu6IbfdDXMXavZrCS0gTF8BXxCglJ6/B6Cde0hd23cZ8 /zqI7lRadgxSF+uqc5lmNWpbVd5dADJPyGKP6X9C7IpWlN84v+g4xIC52syXxA==
Autocrypt: addr=dimitris@xxxxxxxxxxxxx; keydata= xsFNBFT3A/8BEADDwSYJ2HFTO+Gego1uURdui0n95VmXK9hCkp3B8zU0YIOlek8GB9wyFmed Bzu3PQMVWkH29rmkD5aPjvq0ctaYpAj3i10V9BE4/6dS7rL2x4+HXod3pByHOiso/Py50bG3 IS20z0fhnJYaQj4e35TMd+XIXAqGe5HEef+LJlzxD9XmmfrskvYt7+tmVCejH8A2Cb7mK2Ri fEAg3VjbBbLwbw1EVvel3grZM5vv9RCIu3kqRaoCVAI/Rbg9HOqFFajQpCtNzR5tE8PNNdzA d0qXdKosEvvPoKOP59xuvFO6LcizxdmGsvQLnQUnHyRNnWerdSpq22Byzw0PhxAK//eIp9gS V6wbm0ArudJBFdkLX4n9uXyA9yY33ReaPO4xZIr+PYF/BodkOkd10oi1Ej+CJ97F+M5VaWGK AqzvzsunGkdEpavpvK2uAcl3f8b5uoYGIkxo/gA8Tq7cLV84OcU3M7jKk2vhfOVLOufDobKb vqpwu5VGevjwXnv6qiiDVezXDy3IcxrPh6+YEBeusvRkYer3bgREYhSVBXRyqBTywGqVodQu +CGvwqOWHdGv+XtONaHCSdQn+33pRcD9yQ9MfoEFKxj/A6c3tlwEhbEpj+3DKhwmb8pzgp1N EnyowKecXuaoyGd7Ifnx0QGr1xCFN4Lnmd/IEBfc/HTCvP5U2wARAQABzSFEaW1pdHJpcyA8 ZGltaXRyaXNAc3RpbnByaXphLm9yZz7CwZQEEwEKAD4CGyMFCwkIBwMFFQoJCAsFFgIDAQAC HgECF4AWIQQKmlQVQXsL1r562H/2NABHdWlrhgUCZSzzQgUJE/kHUQAKCRD2NABHdWlrhjwF D/4qkRUPZ8Lk+Q4gyaJ0Mptj+YVaWizPg4pGLqQJfO6VwwRFuS1XoSIZAr85yaY4EVkdu2In uXOrD4sEQQX4oaxYeYELjbfLzABEJ5f8GtN7rJiaCbn8ItJDai5h8mE/9obFiJxWT1+bP23I dlOxqsIaI+F9hGzou6NxzgS5Hp/kvrJbMcBIwYjxZagtk73wDKMbA+Te6A2ImuLweWuktEjM JnytXZKhM7P+vgeo2oGOCyAAiB765yoXT77D0HlODp390zEZecGY7jh4DyuLu1rmSvasBw7k R1SWXPaNI05BqjTpmtJHEs+fGkUKvYWi4dsBMozzOlgETY1QRlMI3KE/CByuj/Qbast6R5kt t3uF9+opZ8H6NnaRaKnVlD3N/U5OcE2pbjj/Arie5dLUdiWW10FDFXwqiMJET6WAQV6QdZYR Plc3dZSFN59Tpo1OAoYinvJxBrCJ4bCSwlVdKZ4UIxKc2kVTrDl1783ZDlmARwjchdBI9Qk6 3QqZ3s2GFqKe7e2u3RiF+U1cy1GVpgnFCtSI4U20F57UEnyg7sS7HmRIOVL2/I90/c4+ywLk jtOcX2QRj8yP58aWBu3yjOnNMku95fXhIjAXlgeJpyNyoUp+y5HoDdShqPYd6aOhr4f3tPL7 5RYCNmnAtGAhZPxgTS4DBt0ANhmglkqjmlk7lM7BTQRU9wP/ARAA57HAZOhRve2gP4Jbc7GJ VQThMAMUo1gxaWDpxKqqNwuaf1QjAaF44jmhuTRGQeYFNQrAYDd1iHBOzwKDdQF03tL6PgGR E1s9kgpt3mQ4JK3gKuJgD+KdzY4qRyjfKYBrfrVDuaJl5wZ54lq2tGJ14SBS4+wziiY3aJoy lT0RazXCbADBjENKVBgSj0oZ4aY4ou2WZgCXMWySy+LHeEeMtSokBwDaXkHUCASwP1ZeIXy6 uZHO2pOKYFNfkRgTr75IR8pB33rB0a8IFgBxKfa6OVCZTUSzdZbNkgJL3xOa7lAEZEHoci5l k/1rnDA3ZDP257upbrTdOaCIR0yv+SretBCIgZbudPYrohuv2Ie4xX+X9v/kE1sj4DfrxLV+ qPO2Bv/P42WmBSUOPOeOfonuxwRsqa9I10U2/tDpJTt4Av7/O3P2Xt/XoS9w6e1aeOCmc21e 74YLabAwrPTJw7qdLP1SHGCAoRMWmpvEb4ZYgFyGFG2RbEtlbz/ha+lDEvlyRkOOlkFsZSU1 u2gHT6yU5evnGdLFUJ56jZHFrMLAKd3lYPk4B+PgoIJrKqNDSpAogpK0olZ4z0zL83oAk1B7 yXepsJKvQ6nhJhHuzc9MUiz2cvzgOUWtG5nvYFtH++GhLsbpOC0MLOj+/olD3tq0U/zK+lmQ C7zM31d26eJbodEAEQEAAcLBhgQYAQoAJgIbDBYhBAqaVBVBewvWvnrYf/Y0AEd1aWuGBQJl LPNCBQkT+QdRABQJEPY0AEd1aWuGCRD2NABHdWlrhvD0D/9G4WJM7MME4yEVUADa6mo1Z5sL USpCQcRNaklTzVFwH3Kr9CTKWWpdEAdKxICmQBXdArGDUaMlsyO3DMGdqN/6VOFgtt4y3jwX vHvBV3q384m7Ld5rjYIEmIycAbvmtXPbCA+PlswkpQZO9VVnhbMuIW0q6gmJXcKH+X534qJs MkhuNIyDp02F2oN2M9lEF4lR2DBkows84i4rand+xhEcnorBkELKCz9i9XEp/kezRphPmhUt q95O41duSve23D5O3VNCPKox3gYpEk3HnB7gHo8qZCtQoTBdANRVfWXXETMlgo8GbviVkKio df0VyuaO1Wi00ZEpXik4YIy7f9NFC2v/t8zxV6+8UkHhHqTkTGB6w3kwRJ2rXis3J7tHc0s0 KYPUccwtVMIC4uEYFZOumXxH0eR1P3mgyzdLo+/zAAkrafzu/SW6wu2xj42Aya8pPU/BG+RW HnrxOygdRO48+ceFEnEgerLmsHrfZ5GXEBjP1kNmx9yuLbWdgeORyxvqrogdZFJE9YmZIYwQ DK/qmllhEOEQ9f7/iq4sIZ5P/0pmDJuCVTij/EW+PlRIXa590b79OqF0d2Ar6Xvi/a6K82Dw 9lvx7+r313thNvx82TzFLNJ11wUmxDCTPqtXzwbZrCmDIeYbLYGUaavRXMTFJRnrVuGHHdxD LDzPAItN8Q==
Cc: "Dimitris T." <dimitris@xxxxxxxxxxxxx>
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 31 Oct 2024 07:26:01 -0400
Dkim-signature: v=1; a=rsa-sha256; c=simple/simple; d=lists.torproject.org; s=2022-eugeni; t=1730373954; bh=GbiAwZmqDokPzPzXOMDXb81FxqOJ011ypxsApyY31NA=; h=Date:To:References:In-Reply-To:Subject:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc: From; b=f7MJRmVs2UkOpiJAk1kc0vDsQusxNQpJIoU+C8M5EnSQb0+2YPgXoDpZIH3YxScjC neeAz6KoiyquX2KMceJMeKZCNxKW4XEHkcavrxT1QtSbeHhfsQxoFNQeZKwNr4pPEF 6CndFOCjdNsmsuoLFbwRN0uQMIbcRHMmYBHt18kIXaXM5jNwZv+5/eSDGuQO9zey3n rlyTZ486Zwx2s9rs8dVcqyWdHhfgWSDlW66o9gf3A7dwTJpP+PAIkA8xgZSSqIOoO2 Am/j57Pm4b2bOhqvk9VLjMjkc9r+J4WK67h0+TUp92vs/1+vE6MEnXo9sjZIF3/jL8 jp56vtKeCxEnw==
In-reply-to: <20241029132317.1b8d4c28.mbm@rlogin.net>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CA+V6dmizGEo4Y=3tCFmK_xNm7W=d7zh4W=0aypyyzVR+Hn4uoA@mail.gmail.com> <D5820VWCTMJZ.3DZ0C1VS96GKW@ml.seichter.de> <20241029074753.7d783593.mbm@rlogin.net> <20241029132317.1b8d4c28.mbm@rlogin.net>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla Thunderbird

Hey all,

similar situation here with hetzner.. got a first report 2 days ago, andjust a while ago got another abuse report, by the samewatchdogcyberdefence.... with more alleged activity from our ip...

like everybody else, there's nothing coming out from our relay ip, so westrongly believe "Theory three"[1] .

d.

[1]https://gitlab.torproject.org/tpo/network-health/analysis/-/issues/85#note_3097528


Στις 29/10/24 15:23, ο/η mick έγραψε:

I have informed hetzner and pointed them to the tor-project note at
https://gitlab.torproject.org/tpo/network-health/analysis/-/issues/85
given by Roger Dingledine.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
  - From: mick

References:
- [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
  - From: Pierre Bourdon
- Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
  - From: Ralph Seichter via tor-relays
- Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
  - From: mick
- Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
  - From: mick

Prev by Author: Re: [tor-relays] Botnet targeting Tor relays
Next by Author: Re: [tor-relays] Next Tor Relay Operator meetup - October 26th, 2024 at 1900 UTC
Previous by thread: Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
Next by thread: Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
Index(es):
- Author
- Thread