[tor-relays] What to do about port scans?
swsnyder at snydernet.net
Wed Jul 31 18:48:05 UTC 2013
I wouldn't have thought that the Tor network was fast enough for port
scanning, but apparently it is. I have recently seen a rash of SSH port
scanning (or so my ISP reports). What can/should I do about this?
I know I can limit the rate of connections using iptables. What's the
consensus on this? Is this considered advisable, or a breach of
expected exit node behavior?
Do I have any options other than iptables to restrict the rate of port
22 connection attempts?
More information about the tor-relays