Scott Bennett wrote:
> I still don't understand the thinking of those people. I have no reason
> to believe that the Chinese government is allowing the NSA to control IP
> addresses allocated to, and served inside, China. It makes no sense at all,
> and leads me to conclude that the whole l
On Thu, 20 Dec 2007 13:11:15 + Mike Cardwell <[EMAIL PROTECTED]>
wrote:
>Kyle Williams wrote:
>
>> This is just a theory, no hard facts to back it up.
>> When I'm messing around with Tor's ControlPort, I've noticed that my Tor
>> traffic just hangs until whatever I'm doing on the ControlP
On Wed, 19 Dec 2007 13:44:09 -0800 "Kyle Williams"
<[EMAIL PROTECTED]> wrote:
>On Dec 19, 2007 12:46 AM, Scott Bennett <[EMAIL PROTECTED]> wrote:
>
>> A little while ago, I added another filter rule to the router here to
>> stop an apparently endless, rapid-fire series of directory request
On Wed, 19 Dec 2007 10:17:08 -0800 "F. Fox" <[EMAIL PROTECTED]> wrote:
>I know on HyperWRT/Thibor, it has QoS functions for port ranges and
>Ethernet ports.
>
>I recently moved "kitsune" to an older machine (still enough for the
>small amount of bandwidth I'm relaying anyway - and at least it'
On Wed, 19 Dec 2007 10:46:56 -0500 Roger Dingledine <[EMAIL PROTECTED]>
wrote:
>On Wed, Dec 19, 2007 at 02:46:04AM -0600, Scott Bennett wrote:
>> A little while ago, I added another filter rule to the router here to
>> stop an apparently endless, rapid-fire series of directory requests h
On Wed, 19 Dec 2007 09:11:02 -0500 Michael Holstein
<[EMAIL PROTECTED]> wrote:
>> The symptom, like the last time, was that output rate on my
>> machine's main Ethernet interface was running steadily around the transmit
>> rate limit imposed by my ADSL line.
>tweak as desired ... this would pe
On Wednesday 19 December 2007 21:44:09 you wrote:
>
>
> BTW, the SOA for your DIG request, ns.bta.net.cn (202.96.0.133), had a
> direct match on http://cryptome.org/nsa-ip-update13.htm
> Just thought you should know...
Anyone know what 'NSA-Affiliated' actually means?
I can't find a cryptome defi
I assume a correlation between these two events, although I wonder how
(blocked) window shrinks could lead to this. My idea was to
automatically search in syslog for window shrink events and then block
the guilty IPs for 24 hours with iptables. But I hope that anybody
understands what was the
Hello,
On 19.12.2007, at 09:46, Scott Bennett wrote:
Is anyone else having this kind of trouble, regardless of the apparent
origin(s) of the attack(s)?
This night I some TCP attacks (?) reported by syslog. About one half
on TOR's Dir Port, the rest on port , approximately also opened by
T
Kyle Williams wrote:
This is just a theory, no hard facts to back it up.
When I'm messing around with Tor's ControlPort, I've noticed that my Tor
traffic just hangs until whatever I'm doing on the ControlPort stops.
There have been a couple of times where I do something very wrong on the
con
On Dec 19, 2007 12:46 AM, Scott Bennett <[EMAIL PROTECTED]> wrote:
> A little while ago, I added another filter rule to the router here to
> stop an apparently endless, rapid-fire series of directory requests
> hitting
> my tor server's DirPort from 125.35.9.66, which appears to be in China.
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Roger Dingledine wrote:
(snip)
> My first guess is that it's a runaway Tor client, or a runaway cache
> between the Tor client and you, rather than any intentionally abusive
> behavior. (It's amazing what can go wrong on the Internet when you have
>
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
I know on HyperWRT/Thibor, it has QoS functions for port ranges and
Ethernet ports.
I recently moved "kitsune" to an older machine (still enough for the
small amount of bandwidth I'm relaying anyway - and at least it's a
dedicated Linux box now!).
On Wed, Dec 19, 2007 at 02:46:04AM -0600, Scott Bennett wrote:
> A little while ago, I added another filter rule to the router here to
> stop an apparently endless, rapid-fire series of directory requests hitting
> my tor server's DirPort from 125.35.9.66, which appears to be in China. The
>
The symptom, like the last time, was that output rate on my
machine's main Ethernet interface was running steadily around the transmit
rate limit imposed by my ADSL line.
tweak as desired ... this would permit 1 connection per minute from a
given IP. Replace (torDirPort) with whatever TCP port
Sorry, I've just realize I unintentionally drove the conversation
off-list: looks like this morning caffeine didn't do its job :-/
Just for reference and future googlers, this thread and its follow-ups are
a good starting point about bandwidth limiting possibilities:
http://archives.seul.org/or/tal
On Wed, 19 Dec 2007 09:55:41 +0100 (CET) "Marco Bonetti"
<[EMAIL PROTECTED]> wrote:
>On Wed, December 19, 2007 09:46, Scott Bennett wrote:
>> we need to think up an automated way to deny directory service to
>> abusers in order to put a stop to such activity.
>you could try rate limiting the c
On Wed, December 19, 2007 09:46, Scott Bennett wrote:
> we need to think up an automated way to deny directory service to
> abusers in order to put a stop to such activity.
you could try rate limiting the connections or adapting mine or perry's
script to your needs.
--
Marco Bonetti
Slackintosh L
A little while ago, I added another filter rule to the router here to
stop an apparently endless, rapid-fire series of directory requests hitting
my tor server's DirPort from 125.35.9.66, which appears to be in China. The
last time I reported this type of thing, you may recall, it came from a
19 matches
Mail list logo
