Re: [tor-relays] Tor relays source IPs spoofed to mass-scan port 22?

We've definitely seen an up tick in this type of complain. One of the abuse reports for "port scanning" had a log of exactly 3 SYN packets to port 22, IDK why people bother with soemthing like that given the amount of actual SSH scans I see against our infrastructure constantly.

New one today though, apparently spoofed web exploit probing. That's probably going to trigger a bigger reaction if it becomes more wide spread than a few ssh packets.

-Jon