Re: [tor-relays] Faravahar messing with my IP address

Aren't the iptables rules going to change the source address of the forwarded traffic to the IP of the old server, causing it to misreport IP addresses? On Thu, Oct 22, 2015 at 1:38 PM, SiNA Rabbani wrote: > Dear Relay Operator, > > I am the operator of Faravahar, It has been

Re: [tor-relays] Tor node break-in attempts

Hi LB, SSH attacks happen 24/7 and are just stupid brute force mostly without any reason. You already setted up key auth and hopefully disabled password auth. You can block brute force by setting up a log watcher like fail2ban. That application follows the auth.log file on your server and adds

Re: [tor-relays] Tor node break-in attempts

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/22/2015 09:29 PM, Josef Stautner wrote: > Hi LB, > > SSH attacks happen 24/7 and are just stupid brute force mostly without > any reason. The most stupid of them you can avoid/ignore by just choosing a ssh port != 22. - -- Toralf, pgp key:

[tor-relays] Tor node break-in attempts

Hello, I need some advise on a situation new to me. I operate a VPS exit node in Romania, a VPS guard node in the Czech Republic, a middle node and bridge in the US. All are SSH public key authentication protocol 2. Over the last 5 weeks all of these servers have been under attack by IPs

[tor-relays] Faravahar messing with my IP address

I run the relay Logforme (855BC2DABE24C861CD887DB9B2E950424B49FC34) Saw this in yesterday's log file: Oct 22 03:17:55.000 [notice] Our IP Address has changed from 84.219.173.60 to 154.35.32.5; rebuilding descriptor (source: 154.35.175.225). Oct 22 03:17:55.000 [notice] Self-testing indicates your

Re: [tor-relays] Faravahar messing with my IP address

Dear Relay Operator, I am the operator of Faravahar, It has been having some network issues, specifically very long latency. But this is the first time I hear of an issue like this. 154.35.32.5 is Faravahr's older IP addresses which was replaced with and 154.35.175.225 is the new IP (current).

Re: [tor-relays] ntpd problems explanation

"ntp/time sync peculiarities in relays" Can you please elaborate? I may have missed an earlier discussion, and a quick Google search isn't providing too much help. I found the ticket below, which is interesting reading, but I'm not sure what specific peculiarities you're referring to.

Re: [tor-relays] Faravahar messing with my IP address

On 22 October 2015 at 19:22, Logforme wrote: > I run the relay Logforme (855BC2DABE24C861CD887DB9B2E950424B49FC34) > > Saw this in yesterday's log file: > Oct 22 03:17:55.000 [notice] Our IP Address has changed from > 84.219.173.60 to 154.35.32.5; rebuilding descriptor (source: >

Re: [tor-relays] Faravahar messing with my IP address

I see this from time to time as well. Here's another example: Oct 17 23:02:44.000 [notice] Our IP Address has changed from 52.64.142.121 to [CORRECT IP]; rebuilding descriptor (source: 86.59.21.38). 52.64.142.121 appears to be an instance on Amazon's EC2. I don't run any nodes on EC2.

Re: [tor-relays] Tor node break-in attempts

> > Attack counts are in the 100,000s. > This sort of thing posses no threat and is quite stupid as previously observed. Is mainly annoying for the mess it makes of /var/log/security. If you don't want to change the SSH port (best solution IMO), here's an 'iptables' rule that will fix it

Re: [tor-relays] Optimizing TOR Relay

Here we go. Thats the input i needed. Regarding to >> https://atlas.torproject.org/#details/E20FF09A9A800B16C1C7C16E8C0DF95F46F649B0 my advertised Bandwith is 681.33 KB/s , which is little more than 5MBps. So its kinda "maxed out" . > On 22 Oct 2015, at 01:42, 12xBTM <12x...@gmail.com> wrote: