[tor-relays] Tor node break-in attempts

Larry Brandt lbrandt at cni.net
Thu Oct 22 19:13:00 UTC 2015


Hello,
I need some advice on a situation new to me.  I operate a VPS exit node 
in Romania, a VPS guard node in the Czech Republic, a middle node and 
bridge in the US.  All are SSH public key authentication protocol 2.  
Over the last 5 weeks all of these servers have been under attack by IPs 
in the range 43.229.52.00 to 43.229.55.255. Maybe 24 different IP 
addresses.  I have contacted the operator in Hong Kong on four different 
occasions but I've received no relief from the attempted attacks nor 
have they communicated back to me--as I have requested.  Attack counts 
are in the 100,000s.
I have no personal information stored on any of these servers--only 
public info via Tor is available.  And then, how the hell did they get 
the address of my bridge?
I see break-in attempts all the time but never at this volume.  The 
break-in attempts have been thwarted to date and will probably remain 
so.  But I find the situation disconcerting and irritating.
Should I ignore these efforts?  Should I send abuse reports to someone?  
Who?  Any sage advice out there?
Did I give away any secure info just now?  lol
LB