Hi Gus,
Would you please expand on that a bit please? Was it a single server, a network of them, one provider or multiple of them, etc...?
I doubt this was the work of a single person simply because they were bored. I'm assuming we should still keep a lookout for them to simply rent a bunch of more servers and continue.
By the way, I just received two more abuse reports an hour ago regarding scans that happened on Nov. 6 so this might hopefully be before the stop of the attacks.
Thank you
Enkidu
On 11/7/2024 1:49 PM, gus wrote:
Hello everyone,
I'm writing to share that the origin of the spoofed packets has been identified and successfully shut down today, thanks to the assistance from Andrew Morris at GreyNoise and anonymous contributors.
I want to give special thanks to the members of our community who have dedicated their time and efforts to track down the perpetrators of this attack.
Although this fake abuse incident had minimal impact on the network -- temporarily taking only a few relays offline -- it has been a frustrating issue for many relay operators. However, I want to reassure everyone that this disruption had no effect on Tor users whatsoever.
We're incredibly fortunate to have such a skilled and committed group of relay operators standing with Tor.
Thank you all for your resilience, ongoing support and for making the Tor network possible by running relays.
Gus
tor-relays mailing list -- tor-relays@lists.torproject.org To unsubscribe send an email to tor-relays-leave@lists.torproject.org