On Wed, 10 Jul 2013 17:04:12 +0200 Logforme <m7527@xxxxxx> allegedly wrote: > I assume the ISP did a port scan. Do you have port 9050 open in your > firewall? Unlikely. I think it would be very unusual for an ISP in any country to portscan anyone without prior authority (such as would appear in a contract). Such action is illegal in may jurisdictions. And in any case, Steve has already said that his socks port is bound only to localhost (127.0.0.1). The report from CERT-FI must simply record the fact that they have seen (or had reported) apparent open proxy relaying from Steve's IP address with source port 9050. Without a lot more detail about configuration, and the exact details of the reporting from CERT-FI it is difficult to make any assumptions. If I were Steve, I would contact CERT-FI directly for more information. They are likely to be very helpful. Mick > On 2013-07-10 15:57, Steve Snyder wrote: > > My ISP recently sent to me a CERT-FI auto-report on > > malware-infected servers in my ISP's address space. I was send > > this report because my IP address was among those flagged. My > > entry looks like this: --------------------------------------------------------------------- Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net ---------------------------------------------------------------------
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays