Possible Tor node


I noticed my CPU average has increased of late and there are lots of apache2 processes running now. netstat -a shows a bunch of tor-exit and torrentflame addresses and I suspect someone's using my server without my consent.

Does anyone have any good resources I could use to confirm and/or correct this please?


1 Reply

Hi Kris,

I did some digging on this and came across the following information that might prove helpful:

Set up a usage policy on your network || Deep packet inspection


The above Reddit thread goes over things like setting up a usage policy on your network, and performing "deep packet inspection". For example:

My opinion is that this isn't a technical issue - it's a policy issue. Make all your users sign a usage policy that explicitly bans the use of file-sharing networks and systems, including BitTorrent, and ensure that appropriate punishments can be enforced should people violate that policy.

Set up a Reduced Exit Policy:

The Tor Project provides firewall options for a reduced exit policy on their site, which "allows as many Internet services as possible while still blocking the majority of TCP ports."



Please enter an answer

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct