[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Got my first abuse

Running an Exit  node from home is asking for trouble. I can't imagine why anyone would want to. Anyways, /etc/hosts.allow and /etc/hosts.deny can also be used to limit SSH access. I highly recommend. 

Best,
Jason

Sent from my Android device. Please excuse my brevity and any typos that may occur.

On Thu, Apr 16, 2020, 3:32 PM Volker Mink <volker.mink@xxxxxx> wrote:
Not 100% accurate.
I was running an exit at my home connection for close to one year. I removed it because normal internet usage became absolutely anoying. Capchas and DOS-Protections nearly everywhere. No streaming-portal was running. And lots of complaints from my provider.
But no Cop action!
 
And now i am running 2 exits hosted in datacenters, one in germany, one in malaysia. No problems by now.
 
 
br,
volker
 
 
Gesendet: Donnerstag, 16. April 2020 um 13:32 Uhr
Von: "NOC" <tor@xxxxxxxxxx>
An: tor-relays@xxxxxxxxxxxxxxxxxxxx
Betreff: Re: [tor-relays] Got my first abuse
They raid your home even if the Tor node is run in a datacenter. Sadly
the police in germany is still stuck in the 90s and most of them don't
know and/or care what Tor is and how it works.

On 16.04.2020 12:45, Mario Costa wrote:
> Where you running an exit from home? It’s really discouraged because of what happened to you.
>
> -m
>
>> Il giorno 16 apr 2020, alle ore 04:50, Kolja Sagorski <hallo@xxxxxxxxxxxxxxxx> ha scritto:
>>
>> I had a police house search for my exit...
>> I hate the stupid German police.
>>
>>> Am 15.04.2020 um 22:53 schrieb "lists@xxxxxxxxxxxxxxx" <lists@xxxxxxxxxxxxxxx>:
>>>
>>> Hi,
>>>
>>> my Family¹ has had an exit for 2 weeks and today the first abuse mail has arrived.
>>>
>>> First of all, thanks for the templates:
>>>
>>> https://www.torservers.net/wiki/abuse/templates
>>>
>>> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
>>>
>>>
>>> I linked these two from the Tor-project:
>>>
>>> - Common Boilerplate (Tor Intro)
>>>
>>> - SSH Bruteforce Attempts
>>>
>>> and wrote the following myself:
>>> --------------------------------------
>>> Another good option that we use ourselves is: fail2ban
>>> And report to blacklists, which can then be loaded into the router firewalls:
>>> https://www.abuseipdb.com/user/33280
>>>
>>> Hope this helps!
>>> --------------------------------------
>>>
>>> I actually wanted to add that the SSH login attempts can be limited. (3-6)
>>> Because the logs from the abuse mail showed 100 attempts pro IP. ;-)
>>>
>>> _Are such notes useful or do such instructions cause even more problems?_
>>>
>>>
>>>
>>> ¹https://metrics.torproject.org/rs.html#search/TorOrDie4privacyNET
>>>
>>> --
>>> ╰_╯ Ciao Marco!
>>>
>>> Debian GNU/Linux
>>>
>>> It's free software and it gives you freedom!
>>> _______________________________________________
>>> tor-relays mailing list
>>> tor-relays@xxxxxxxxxxxxxxxxxxxx
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>> _______________________________________________
>> tor-relays mailing list
>> tor-relays@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays