Botnet attack? [was: Re: Declining traffic]

Flamsmark flamsmark at
Mon Apr 26 17:36:17 UTC 2010

On 26 April 2010 09:59, Timo Schoeler <timo.schoeler at> wrote:

> When running tor, I see
> i) CPU cycles being eaten up by tor almost entirely;
> ii) my machine experiences things like those:
> One is a chinese dialup, the other ones are from a big German ISP
> (Deutsche Telekom AG). For me it really seems as there's some kind of
> botnet attack going on.
>  Timo

What makes you think that this is a botnet attack? What are the
characteristics of a botnet attack, and how do these logs exhibit them? If
there are only a few IP addresses, wouldn't that contraindicate botnet
On a loosely related note, it would generally be a good idea to mask IP
addresses on public mailing lists.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the tor-talk mailing list