Abuse received for middle node (part of the curent problem)
I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible. No problem for me. Only here for your information. Olaf
On 11/2/20 3:53 PM, Olaf Grimm wrote:
I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible.
No problem for me. Only here for your information.
This happened to me a while ago, even though there was no exit traffic from the long-term relay. Roger mentioned that sometimes the suspicious are confusing ingress and egress traffic. Sounds idiotic, but that would speak to the state of the sysadmin craft today. I do think it's worth asking them if they're sure it's incoming and not someone connecting *from* their network. g
On Mon, Nov 02, 2020 at 09:53:09PM +0100, Olaf Grimm wrote:
I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible.
No problem for me. Only here for your information.
I get periodic abuse complaints to my directory authority, from people who think I am attacking them, when really what they are seeing is connections from *their* users to *my* Tor relay. Their crappy firewall software interprets the "syn ack" from my server as being an outgoing connection attempt to them, and so they think they need to complain to my hoster. See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html Keep fighting the good fight, --Roger
On 02.11.2020 23:26, Roger Dingledine wrote:
See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html
Yeah that was me. I changed the ports of the relays in question to 443 and 80. Then there was silence. ;-) Deeply confused ISP Masergy didn't reply to an email from me. -- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!
lists@for-privacy.net a écrit :
On 02.11.2020 23:26, Roger Dingledine wrote:
See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html
Yeah that was me. I changed the ports of the relays in question to 443 and 80. Then there was silence. ;-)
I agree with you sir. Sysadmins are watching logs all the time, but if they see 80 and 443 they will close their eyes. If your 80/443 is already in use on your machine, then try 143/993(imap), 110/995(pop3), etc... -- GnuPG: AE157E0B29F0BEF2 at keys.openpgp.org CA Cert: https://dl.casperlefantom.net/pub/ssl/root.der
participants (5)
-
Casper -
George -
lists@for-privacy.net -
Olaf Grimm -
Roger Dingledine