Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-23 Thread Scott Bennett
teor wrote: > > > On 22 Sep 2017, at 23:03, relay 000 wrote: > > > >> Someone is using the hidden service rendezvous protocol to ask non-exit > >> relays to scan non-tor IP addresses. > > > > wow, people can misuse my *non*-exit relay to scan (aka send a

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread teor
> On 23 Sep 2017, at 01:49, Iain R. Learmonth wrote: > > Hi teor, > > On Fri, Sep 22, 2017 at 11:14:07PM +1000, teor wrote: >> >>> On 22 Sep 2017, at 23:03, relay 000 wrote: >>> Someone is using the hidden service rendezvous protocol to ask

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread Iain R. Learmonth
Hi, On Fri, Sep 22, 2017 at 04:52:02PM +0100, Pascal Terjan wrote: > There may be some timing difference, a faster response if the > connection fails/is rejected vs if nothing is listening Ah, I hadn't thought of that. Although I guess this would also be the case if there is congestion or a

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread Pascal Terjan
On 22 September 2017 at 16:49, Iain R. Learmonth wrote: > Hi teor, > > On Fri, Sep 22, 2017 at 11:14:07PM +1000, teor wrote: >> >> > On 22 Sep 2017, at 23:03, relay 000 wrote: >> > >> >> Someone is using the hidden service rendezvous protocol to ask

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread Iain R. Learmonth
Hi teor, On Fri, Sep 22, 2017 at 11:14:07PM +1000, teor wrote: > > > On 22 Sep 2017, at 23:03, relay 000 wrote: > > > >> Someone is using the hidden service rendezvous protocol to ask non-exit > >> relays to scan non-tor IP addresses. > > > > wow, people can misuse my

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread teor
> On 22 Sep 2017, at 23:03, relay 000 wrote: > >> Someone is using the hidden service rendezvous protocol to ask non-exit >> relays to scan non-tor IP addresses. > > wow, people can misuse my *non*-exit relay to scan (aka send a TCP SYN > packet) other systems on the

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread relay 000
> Someone is using the hidden service rendezvous protocol to ask non-exit > relays to scan non-tor IP addresses. wow, people can misuse my *non*-exit relay to scan (aka send a TCP SYN packet) other systems on the internet? ___ tor-relays mailing list

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread teor
> On 22 Sep 2017, at 16:41, x9p wrote: > > >> >> There are two ways this can happen: >> >> Someone set up a tor relay on the "client", and your relay connected >> to it. >> >> Someone is using the hidden service rendezvous protocol to ask non-exit >> relays to scan

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-22 Thread x9p
> > There are two ways this can happen: > > Someone set up a tor relay on the "client", and your relay connected > to it. > > Someone is using the hidden service rendezvous protocol to ask non-exit > relays to scan non-tor IP addresses. Specifying a remote address is a > feature of the protocol.

Re: [tor-relays] abuse email for non-exit relay (masergy)

2017-09-21 Thread teor
> On 22 Sep 2017, at 08:49, relay 000 wrote: > > FYI, I got this email for a non-exit relay - please share if you get them as > well: > > ... > > You have a system on your network that is actively scanning and/or attacking > external sites on the Internet. This can come

[tor-relays] abuse email for non-exit relay (masergy)

2017-09-21 Thread relay 000
FYI, I got this email for a non-exit relay - please share if you get them as well: To Whom it May Concern, You have a system on your network that is actively scanning and/or attacking external sites on the Internet. This can come from many sources and because it is often difficult to detect