[tor-relays] G-Core Labs and their humanoid robots
Ningú
n1ngu at riseup.net
Fri Jun 11 09:06:36 UTC 2021
On 10/6/21 22:50, Tor Relays wrote:
>
> On Tue, Jun 08, 2021 at 01:56:33PM +0200, Tor Relays wrote:
> And Tor exits are particularly susceptible to getting put on these
> kind
> of blocklists, because all it takes is one person trying to
> connect to the
> honey address, and bam the exit relay's IP address gets on the
> blocklist.
>
> --Roger
>
> This would explain it when the relay in question would be an exit
> relay, but it is an ordinary relay.
>
> Maybe it impacts your own trust level when you frequently connect to
> IPs with a bad reputation (e.g. exits).
Or maybe they flagged as suspicious the activity towards ports 9001?
Maybe its worth the effort to debug this by only accepting tor circuits
involving downstream relays over port 443 for some time so as to see if
G-Core Labs whitelists you again? (No idea how to actually do this) This
could mean an additional point to encourage people to deploy relays on
port 443.
Also, maybe someone is running a relay on port 25/465/587/whatnot and
that is what triggered G-Core Labs alarms? I don't know how to find this
with relay search. Orport shows in the results but searches for
orport:NNN will fail.
> When they don't provide any information it's only speculation
That's it :(
Salut
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20210611/731ca47e/attachment.htm>
More information about the tor-relays
mailing list