unusual connection activity?

[john smith]

I'm guessing you didn't set your Address line

correct

Can you give me a few more hints? Anything else in the logs?

i rarely use the box that runs my tor relay for any other purposes
beyond running the tor relay & when i noticed the details in the log i
had not previously been making any other connections to the internet.
no other applications running on the box beyond the vidalia bundle &
nothing else in the logs really beyond the information i detailed in
my previous mail.

I have disabled many processes within the operating system that could
be regarded as unnecessary [i could detail which ones if you think
that would be useful] however my relay has run for quite a few months
now with these services disabled without anything like this happening.
there is one change that i had made in Administrative Tools>Services
just before starting tor 0.1.2.19 - this was to enable the DNS Client
service which was previously disabled (i had not realised that this
service was disabled) & i enabled it because it is generally regarded
as being a service that should be left running (although this did not
seem to affect the running of my node previously). The windows xp
service DNS client is described as:

"Resolves and caches Domain Name System (DNS) names for this computer.
If this service is stopped, this computer will not be able to resolve
DNS names and locate Active Directory domain controllers. If this
service is disabled, any services that explicitly depend on it will
fail to start."

so, enabling this DNS service was the only change that i made before
running 0.1.2.19 as relay server.

other (maybe useful) info:

the reason i have taken this long to reply to you is because my
internet connection died last night. this problem first occured 2
nights ago & there were some issues with the router these past few
days that my isp attributed to firmware. now i have updated the
firmware & the connection is working again. when speaking with my isp
[BeUnlimited] they explained they had attenuated my connection's
signal to noise ratio to try to achieve maximum through-put/capacity
with a service they call fast path, apparently fast path can lead to
varying degrees of instability [disconnections, intermittent
hard-to-diagnose problems] & my connection was using fast path when
the unusual connection occurred. last night i asked my isp to stop
this service for the time being until i can be sure this isn't
creating problems for me.

during the process of resolving issues with the router my isp offered
me some new DNS addresses for both the preferred & alternate DNS
connections & my connection was using these new addresses when the
'unusual' connection occurred although i was told there were no
reported problems with these DNS addresses.

i don't know if any of the information i provide here will prove
useful/informative - i just try to provide you with as much
information as i can about how my network/connection was running when
the log messages appeared.

Is this repeatable?

as you can see it has been a busy 48hrs in the life of my network/net
connection! maybe some of these changes/problems [firmware/fast path]
were a contributing factor in creating this unusual connection - i'm
not sure.

Do you run a hidden service too?

no

Had your relay been running for a long time or short time before this happened?

my relay had been running nearly 20 hours & some 1.5GB of traffic generated.

well, i try to be as detailed here as i can - i hope to have my relay
running again soon & will keep you posted on any re-occurance of this
issue & of course if you have other questions i will try to answer!

regards,

john smith