Hello,
on the evening of 2022-10-18, we (Artikel10) started getting alerts about our
Tor servers, while our traffic declined sharply. When we investigated, we found
that there were hundreds of thousands of TCP connections (per server) open to a
single address, orders of magnitude more than any other address. We blocked
this address via "ExitPolicy reject", then another one, and since then things
seem to have improved.
I have thrown together a small Python script to detect this and generate
"ExitPolicy reject" lines automatically:
https://github.com/artikel10/surgeprotector
This is still experimental, so if you decide to give the script a try, please
keep an eye on it.
Kind regards,
Alexander
--
PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
