[tor-relays] Possible DDoS

[Christian Burkert]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi *,

I'm running a non-exit Tor node for a few months now on a virtual server
hosted in a professional datacenter.

That's the node:
https://globe.torproject.org/#/relay/4C246EA9C950B872FD77F761CEAAB41D93D9764D

Yesterday, December 25th, the support wrote me, that my server is
under a DDoS attack with 2GBit/s lasting over more than two hours. So,
the hoster black holed my traffic to protect the other customers.

The hoster wanted to know which services I'm running and told me that
if I continue running Tor and further attacks will happen, then I
would have to bear the costs.
Eventually, I took down the Tor node to avoid further confrontation.

Now I seek for your interpretation of this event:
- - Has there been more recent incidents against Tor nodes?
- - How can I investigate it?
- - How should one react to a hoster? I mean they could have made up the
whole thing...

Looking forward to your comments
Chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Icedove - http://www.enigmail.net/

iQIcBAEBCgAGBQJUnUdDAAoJEHAzZ6ooPDSy0nMP/1lyHPPFBxpAOvEiWL+ijrvA
SPViJvZH/cPUS/11M7qm+bsZa/fbiRk6kY8ADcY8abe1Z8lHzMYPGwZvKaIijiZG
M8hjCHtMWLipO6iLmVfFskDtRn37Ga2ibEhGkVesDV53kPcotgg4i7tIqIuNb11X
Gnkk+WpYwkrS9nPZjYNLmce093s4lux/N5GyRY/gQii+h9mfDJ++W+1ueNU94UQ0
bvK1wF7MdicWlu0kR49hCgFtDFh7uUjP87MPZmmQYHI82qWhTJxqOuuImrnJew2k
pCFSzn03x/hXg1QFNPNLsqHU9OhUob3/z17Azcpbir15mY4/YE7Gq14/LBM+FKh0
LqGjzaVbQo0hs0kE2yFk5sEP0Dsv5aiOUItqFIMTG52FYZ6cUh/eTxMd6vblHwfU
ujil0rFCRqtmbF6wIDBuXDxc0fmdaRMWTDfSlPxYGkfUaq1tSea1OAvjFpheOcNM
wu9QiTSq9BTLY010iHSYQDknSr+gFkc/ooNLsPV1AAZFyMlG0epLww6tqR7C9hZq
RyEX9piqGal7mU56gETxhDrD0Z/aKgXMbS+KvYfZhopGWEVg5vbWPGxAId53nhr6
hjvLyFmy68hBdbOB/pvp8qvw8veQR3niiHIxhxAl+BIQzXX45x0uVCPHFUpbbLp5
POIwpEJ46oaz7+cddAHf
=TcPt
-----END PGP SIGNATURE-----