5 Nov
2013
5 Nov
'13
5:42 p.m.
@jj tor
The fact that your relay is refusing connections says that the port isn't open, which is a good thing.
I suspect that persons unknown have port scanned your VPS, realised that you have Tor running (on standard ports) and is speculatively using a bot to (hopefully) connect to the SOCKS interface.
I would
a) move the Tor relay to non-standard ports b) use iptables to drop all incoming connections apart from the (new) Tor ports and shell access.
Best,
--
Parity
parity.boy@gmail.com