Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Chris Enkidu-6
As others have mentioned, this does not look like a Tor issue to me. It more seems like a compromised or misconfigured server. You mentioned you reinstalled the OS. Did you use the same root password? My suggestion is that you go about this step by step. First reinstall the OS with a different roo

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Gary C. New via tor-relays
>From the abuseipdb report, it almost seems like your server has been >compromised and a rogue actor is attempting to ssh brute force attack the >reporting plaintiffs' servers. As suggested previously, use tcpdump on the server in question to confirm the outbound tcp/22 traffic. If the issue is

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread John Crow via tor-relays
Hello,It is honestly still puzzling to me considering that the relay wasn’t compromised or misconfigured.If you or anyone wants to check out the reportshttps://www.abuseipdb.com/check/23.132.184.31 On Wed, Jul 26, 2023 at 2:16 PM, mpan - tor-1qnuaylp at mpan.pl

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Xiaoqi Chen (Danny)
Hey John, Perhaps one thing you can try in debugging is to run tcpdump on the server in question, to check if it is indeed sending out a lot of port-scanning packets. You can use the following command to filter for port 22 only. Make sure to test with tor turned off as well. "*sudo* *tcpdump -vv

[tor-relays] (no subject)

2023-07-27 Thread amanyaz Amangeldiyew
Hi. I am from. Turkmenistan. I have obtained obsf4 bridge from internet but only ip address is readable. If anybody knows fully obsf4 bridge please send me to my mail. Ip address is: obsf4 93.104.161.141 ___ tor-relays mailing list tor-relays@lists.torpr

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Jonathan van der Steege
Hello John, Unfortunately I don't have an answer and are not familiar with this problem. It's not exactly clear to me what is scanning what. Are the complains about traffic coming from your relay as port scanning devices around the internet on port 22? Or lots of incoming traffic scanning your

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread mpan
In the past 24 hrs, I have been receiving complaints from my hosting provider that they're receiving hundreds of abuse reports related to port scanning. I have no clue why I'm all of the sudden receiving abuse reports when this non-exit relay has been online for months without issues. In additi