Hello TOR Community,
since my English is not sufficient to write the text, for your information, I will have it translated via Deepl.
The following issue:
My internet provider wrote to me, my public IP was used to attack other computers via PORT 22.
My setup:
I operate a TOR relay in my home network. In a Proxmox VM with Ubuntu. I installed the package sources from the TOR project in the VM. My system was therefore up-to-date and also ran very reliably and stably.
Why do I think this has to do with TOR?
Out of concern that a hacker was sitting in my system, I immediately looked into the matter. I spoke to other IT nerds via Discord, one of whom also has a TOR relay and runs it in the data center at HETZNER. He told me that he currently has the same problem. He was also contacted. He showed me chat logs and emails as proof.
My question:
How safe is it to operate a TOR relay in the home network? Are there already similar cases and can anyone tell me more about this? Has anyone had similar problems?
I have switched off my TOR relay for security reasons. I closed the PORT.
The mail from the provider
On request, my provider gave me the log files