[tor-relays] Bots, love 'em or hate 'em?

starlight.2015q3 at binnacle.cx starlight.2015q3 at binnacle.cx
Wed Aug 19 15:11:59 UTC 2015

My relay says it receives about 50k v1/v2/v3
connections each day to the 60k v4
connections that come in.

"Entry-ips" says it has about 35k guard-
clients.  Blutmagie says there are no
pre-0.2.4 relays talking anything other
than v4.

So I'm left thinking that 95% or more of the
bandwidth consumption and client count is from
crusty old botnet bots running ancient versions
of the Tor daemon.

But all that bot traffic creates a lot
of statistical "background noise," and
so may be providing a service in making
it more difficult for advanced adversaries
to perform traffic correlation analysis.

Thoughts anyone?

More information about the tor-relays mailing list