[tor-relays] traffic pattern indicates MITM?

ea ea at riseup.net
Mon Nov 19 15:29:18 UTC 2012


For four days the BW graph and usage table of my bridge indicated
noticeable traffic and then the graph dropped precipitously  to near
zero & the table shows no recent usage. Vidalia/tor are working fine. I
did try rebooting my router-modem gateway last night, but as far as I
could monitor it, the traffic has still been near zero (maybe a few KB
every hour or so). If I'm reading it correctly, onionoo is showing that
the bridge is still published.

I'm not complaining about this pattern, but wondering if the abrupt
drop-off in traffic for a still-published bridge is diagnostic of MITM
activity. Maybe there's a way to further monitor my bridge from within
the network? If MITM is suspected, should I shut down the bridge for a
day or so?


More information about the tor-relays mailing list