Hello all,

In the past 24 hrs, I have been receiving complaints from my hosting provider that they're receiving hundreds of abuse reports related to port scanning. I have no clue why I'm all of the sudden receiving abuse reports when this non-exit relay has been online for months without issues. In addition, I have other non-exit relays hosted by the same provider with no issues and more across other providers.

I proceeded to reinstall the OS and reconfigure Tor.  I was then quickly notified by my hosting provider again of more abuse reports all showing port 22 as target port.

I have not changed my torrc at all and it's still setup as a non-exit relay. No other applications/services were installed alongside Tor. Tor Metrics does not show the relay as Exit either.

It feels like Tor Exit Traffic is leaking through my non-exit relay?

Has anyone else experienced any behavior similar to this? Any ideas on how to fix or prevent this?

prsv admin