Not today, but it happens quite often ....
I get nice abuse mails like this:
Direction IN Internal 188.40.99.164 Threshold PacketsDiff 200.000 packets/s, Diff: 475.160 packets/s Sum 142.643.000 packets/300s (475.476 packets/s), 5 flows/300s (0 flows/s), 198,002 GByte/300s (5.406 MBit/s) External 185.21.xxx.xxx, 142.642.000 packets/300s (475.473 packets/s), 4 flows/300s (0 flows/s), 198,002 GByte/300s (5.406 MBit/s)
xxx out the attackers IP. :)
2016-01-26 20:32 GMT+01:00 Green Dream greendream848@gmail.com:
My hosting provider alerted me of a DDoS attack on one of my relays. It started around 2016-01-26 12:42 UTC. They claim they tried "filtering, routing, and network configuration changes" to mitigate the attack, but as a last resort they temporarily disconnected the host from the network for 3 hours.
I know such attacks are not uncommon, but I'm curious if any other operators experienced a DDoS around the same time?
I'm also curious to know more about the nature of such attacks -- what type of attack was it, what is the general end goal of attacking a random Tor (non-exit) relay, etc. My hosting provider is unable or unwilling to share additional information.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays