Botnet attack? [was: Re: Declining traffic]

Flamsmark flamsmark at gmail.com
Mon Apr 26 17:36:17 UTC 2010


On 26 April 2010 09:59, Timo Schoeler <timo.schoeler at riscworks.net> wrote:

> When running tor, I see
>
> i) CPU cycles being eaten up by tor almost entirely;
>
> ii) my machine experiences things like those:
>
> One is a chinese dialup, the other ones are from a big German ISP
> (Deutsche Telekom AG). For me it really seems as there's some kind of
> botnet attack going on.
>
>  Timo


What makes you think that this is a botnet attack? What are the
characteristics of a botnet attack, and how do these logs exhibit them? If
there are only a few IP addresses, wouldn't that contraindicate botnet
involvement?
On a loosely related note, it would generally be a good idea to mask IP
addresses on public mailing lists.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20100426/0bbf18ee/attachment.htm>


More information about the tor-talk mailing list