[tor-relays] OVH Mitigation
Dr Gerard Bulger
gerard at bulger.co.uk
Wed Sep 9 11:00:37 UTC 2020
I know we should dilute our dependence on OVH, but cheap and seem to ignore
the fact the machine is an exit node.
OVH has a seemingly patented a system to deal with denial of service
attacks. I am not sure what they detect but when they do we get this:
"We have just detected an attack on IP address x.x.x.x. In order to protect
your infrastructure, we vacuumed up your traffic onto our mitigation
infrastructure. The entire attack will thus be filtered by our
infrastructure, and only legitimate traffic will reach your servers. At the
end of the attack, your infrastructure will be immediately withdrawn from
the mitigation"
To be fair, the automated system takes it off after an our or two. If my
tor server is left in this mitigated state, the tor exit gets labelled a BAD
EXIT which is something to avoid as takes days to be trusted again. As
soon as I get their email I now stop TOR to prevent that embarrassing label,
and perhaps doing so stops whatever it is OVH is detecting. Being shutdown
for a few hours seems better than being a bad exit.
Gerry
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200909/bd841826/attachment.htm>
More information about the tor-relays
mailing list