Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-08-03 Thread Tortue via tor-relays
Hi John, Would it be possible that another device on your network is responsible for the network scanning? If you have an infected PC for instance, your provider would not see the difference. Regards, Paul --- Original Message --- Op donderdag 27 juli 2023 om 21:54 schreef John Crow

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Chris Enkidu-6
As others have mentioned, this does not look like a Tor issue to me. It more seems like a compromised or misconfigured server. You mentioned you reinstalled the OS. Did you use the same root password? My suggestion is that you go about this step by step. First reinstall the OS with a different

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Gary C. New via tor-relays
>From the abuseipdb report, it almost seems like your server has been >compromised and a rogue actor is attempting to ssh brute force attack the >reporting plaintiffs' servers. As suggested previously, use tcpdump on the server in question to confirm the outbound tcp/22 traffic. If the issue is

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread John Crow via tor-relays
Hello,It is honestly still puzzling to me considering that the relay wasn’t compromised or misconfigured.If you or anyone wants to check out the reportshttps://www.abuseipdb.com/check/23.132.184.31 On Wed, Jul 26, 2023 at 2:16 PM, mpan - tor-1qnuaylp at mpan.pl

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Xiaoqi Chen (Danny)
Hey John, Perhaps one thing you can try in debugging is to run tcpdump on the server in question, to check if it is indeed sending out a lot of port-scanning packets. You can use the following command to filter for port 22 only. Make sure to test with tor turned off as well. "*sudo* *tcpdump -vv

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread Jonathan van der Steege
someone has some insights about this and you can resolve your issue. Regards, Original Message From: John Crow via tor-relays Sent: July 24, 2023 12:07:44 AM GMT+02:00 To: tor-relays@lists.torproject.org Cc: ad...@prsv.ch Subject: [tor-relays] Receiving abuse reports for Non

Re: [tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-27 Thread mpan
In the past 24 hrs, I have been receiving complaints from my hosting provider that they're receiving hundreds of abuse reports related to port scanning. I have no clue why I'm all of the sudden receiving abuse reports when this non-exit relay has been online for months without issues. In

[tor-relays] Receiving abuse reports for Non-Exit Relay

2023-07-26 Thread John Crow via tor-relays
Hello all, In the past 24 hrs, I have been receiving complaints from my hosting provider that they're receiving hundreds of abuse reports related to port scanning. I have no clue why I'm all of the sudden receiving abuse reports when this non-exit relay has been online for months without