Abuse received for middle node (part of the curent problem) - tor-relays - lists.torproject.org

List overview All Threads
Download

Abuse received for middle node (part of the curent problem)

Possible compression bomb,...

Can't update tor relay on Debian,...

Olaf Grimm

2 Nov 2020 2 Nov '20

8:53 p.m.

I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible.

No problem for me. Only here for your information.

Olaf

Reply

Show replies by date

George

2 Nov 2 Nov

10:23 p.m.

On 11/2/20 3:53 PM, Olaf Grimm wrote:

I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible.

No problem for me. Only here for your information.

This happened to me a while ago, even though there was no exit traffic from the long-term relay.

Roger mentioned that sometimes the suspicious are confusing ingress and egress traffic. Sounds idiotic, but that would speak to the state of the sysadmin craft today.

I do think it's worth asking them if they're sure it's incoming and not someone connecting *from* their network.

g

Reply

Roger Dingledine

10:26 p.m.

On Mon, Nov 02, 2020 at 09:53:09PM +0100, Olaf Grimm wrote:

I have just received two abuse messages from ISP Scaleway Elements for two of my middle nodes. Until now I thought this was not possible.

No problem for me. Only here for your information.

I get periodic abuse complaints to my directory authority, from people who think I am attacking them, when really what they are seeing is connections from *their* users to *my* Tor relay.

Their crappy firewall software interprets the "syn ack" from my server as being an outgoing connection attempt to them, and so they think they need to complain to my hoster.

See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html

Keep fighting the good fight, --Roger

Reply

lists＠for-privacy.net

3 Nov 3 Nov

10:13 p.m.

On 02.11.2020 23:26, Roger Dingledine wrote:

See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html

Yeah that was me. I changed the ports of the relays in question to 443 and 80. Then there was silence. ;-) Deeply confused ISP Masergy didn't reply to an email from me.

-- ╰_╯ Ciao Marco! Debian GNU/Linux It's free software and it gives you freedom!

Reply

Casper

7 Nov 7 Nov

7:38 p.m.

lists@for-privacy.net a écrit :

On 02.11.2020 23:26, Roger Dingledine wrote:

...
See one example that somebody else experienced here: https://lists.torproject.org/pipermail/tor-relays/2020-May/018450.html

Yeah that was me. I changed the ports of the relays in question to 443 and 80. Then there was silence. ;-)

I agree with you sir. Sysadmins are watching logs all the time, but if they see 80 and 443 they will close their eyes. If your 80/443 is already in use on your machine, then try 143/993(imap), 110/995(pop3), etc...

-- GnuPG: AE157E0B29F0BEF2 at keys.openpgp.org CA Cert: https://dl.casperlefantom.net/pub/ssl/root.der

Reply

1477

Age (days ago)

1482

Last active (days ago)

tor-relays@lists.torproject.org

4 comments

5 participants

tags (0)

participants (5)

Casper
George
lists＠for-privacy.net
Olaf Grimm
Roger Dingledine