[tor-relays] attack on my Finland exit/backup directory [9B31F1F1C1554F9FFB3455911F82E818EF7C7883]
potlatch
potlatch at protonmail.com
Wed Aug 28 04:34:40 UTC 2019
I still haven't been able to rid myself of the Iranian servers revealed on the NYX connections page. I don't know their purpose but they slow the relay by about 85%. I have dropped them in the iptable input chain, restarted the VPS, but they show up after a day or two in spite. Today there were 121 of them with a large range of IPs. There have been as many as 1400 in a single day. None have identifiable hashed fingerprints.
I've enclosed a couple attachments of my input table (partial) and the NYX connection page (also partial).
Can anyone enlighten me regarding this situation? I will probably dump the exit relay if I can't fix this intrusion. Thanks people!!
-potlatch
Sent with [ProtonMail](https://protonmail.com) Secure Email.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20190828/86184d11/attachment-0001.html>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Fin_intrusion.txt
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20190828/86184d11/attachment-0001.txt>
More information about the tor-relays
mailing list