[tor-relays] Traffic in port 9050 in a relay (denial of service attack?)
Gordon Morehouse
gordon at morehouse.me
Tue Nov 5 23:56:42 UTC 2013
On Tue, 5 Nov 2013 20:10:09 +0100, jj tor <jjproyects at gmail.com> wrote:
> Hello again,
>
>
> indeed, the port 9050 is closed, but not filtered. I've set up a drop rule
> in the VPS firewall( Parallels Plesk Panel) on this port, but it's not
> working fine.
>
> I am amazed by all the amount of this kind of traffic, more than 700
> packets/second. According to Kent Backman, this is the clickfraud net
> called "Rotpoi$on" (a lot of info at
> https://b.kentbackman.com/2013/04/15/rotpoion-botnet-powered-by-thousands-of
> -servers/)
>
> Maybe I'll be able to block all these incoming connections, but I'm afraid
> that overall relay performance will decrease drastically because all the
> filtering work...
iptables DROP is cheap.
Best,
-Gordon M.
More information about the tor-relays
mailing list