[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Blocking outbound 22 or no?

To: <tor-relays@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-relays] Blocking outbound 22 or no?
From: Sebastian Urbach <sebastian@xxxxxxxxxx>
Date: Thu, 05 Oct 2017 22:58:56 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 05 Oct 2017 16:59:13 -0400
In-reply-to: <0669dd6c-1a2f-82bb-6e3d-f1b0bbb31b3f@o.banes.ch>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CAH9HpnzdZB1Ov4k8F5Ss=FD91qXGoHjgOjbVr_=uGJ0Aqfktiw@mail.gmail.com> <0669dd6c-1a2f-82bb-6e3d-f1b0bbb31b3f@o.banes.ch>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: AquaMail/1.11.0-568 (build: 101100004)

Good Evening,

What Dirk just described is exactly what happened here. Timeframe matchesand i disabled port 22 as well. Adjusting the port for your own systemseems to be a good idea and it is working very well for me.

--
Sincerely yours / M.f.G. / Sincères salutations

Sebastian Urbach

---------------------------------------------------------------------------
Those who surrender freedom for security
will not have, nor do they deserve, either one.
---------------------------------------------------------------------------
Benjamin Franklin (1706-1790)



Am 5. Oktober 2017 20:55:54 schrieb tor-relay.dirk@xxxxxxxxxx:

Hello AMuse,

we faced the same about 1-2 month ago. Actuall people use fail2ban which
creates abuse mails to you provider.
Thats not new. But recently the abuse mails have risen to numbers which
lead us to believe there are acutally more people abusing ssh via tor
than people really using it.

In the end we disabled port 22. After all - any sysadmin who wants to
have peace and ever looked a ssh config will have its listen port
somewhere else than 22.

best regards

Dirk


On 05.10.2017 19:08, AMuse wrote:

Hi all!  I'm getting a number of ISP Abuse complaints around outbound
ssh brute-forcing from our exit relay.

I'm personally of the opinion that people should run fail2ban (or
equiv) and get on with life and I generally ignore the complaints -
but wondered, what are other operators doing?

Is anyone exit-policy blocking outbound 22 to make the internet a
kinder place?  Is anyone refusing to on principle?


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Blocking outbound 22 or no?
  - From: AMuse
- Re: [tor-relays] Blocking outbound 22 or no?
  - From: tor-relay . dirk

Prev by Author: Re: [tor-relays] Tor t-shirts
Next by Author: [tor-relays] Atlas / Onionoo ...
Previous by thread: Re: [tor-relays] Blocking outbound 22 or no?
Next by thread: Re: [tor-relays] Blocking outbound 22 or no?
Index(es):
- Author
- Thread