[tor-relays] DoS attacks are real
tordoswitchhunter at airmail.cc
tordoswitchhunter at airmail.cc
Sat Dec 16 15:35:18 UTC 2017
This message might be a bit controversial as I am disclosing bunch of
client IPs, but you should check incoming ORPort connections on your
relay, compare those IPs with usual clients and judge for yourself. I do
not believe those are real Tor clients. Those IPs have been collected
today from my guard node.
Most of them are from LeaseWeb and OVH.
:torrelayfilter - [0:0]
-A INPUT -p tcp -m tcp --dport 9001 -m connlimit --connlimit-above 4
--connlimit-mask 32 --connlimit-saddr -j torrelayfilter
-A torrelayfilter -s 198.7.59.194/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 199.115.112.79/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 207.244.70.120/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.178/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.191/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 207.244.110.200/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.177/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.179/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 85.10.193.240/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 162.210.192.70/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.188/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.180/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.185/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.187/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.190/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.104/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.106/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 149.202.66.206/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.186/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.184/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.192/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.193/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.103/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.107/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 54.36.51.189/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 51.15.161.135/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.6/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 212.83.3.154/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 5.79.72.231/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 212.32.226.237/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 51.15.162.120/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 5.79.77.152/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.7/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 95.211.95.10/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 95.211.95.18/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 212.32.226.236/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 95.211.95.14/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 5.79.72.66/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 5.79.77.151/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.8/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.86.87/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.106.246/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.86.90/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 212.32.226.235/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.86.89/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.5/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.104.231/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.106.245/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.10/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.86.88/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 213.227.137.9/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 212.32.226.234/32 -p tcp -j REJECT --reject-with
tcp-reset
-A torrelayfilter -s 37.48.105.240/32 -p tcp -j REJECT --reject-with
tcp-reset
More information about the tor-relays
mailing list