[tor-relays] Received botnet/drone abuse complaint

[Steve Snyder <swsnyder@xxxxxxxxxxxxx>]

I received a botnet/drone complaint from shadowserver.org today (delayed 
due to holidays) regarding my exit node:

timestamp ip port type infection cc cc_port
12/29/2011 19:52 173.208.132.210 48586 32097 US MISSOURI KANSAS CITY tcp 
mebroot ukixxuug.com|MAOS/0EC20201 14DF137A55320641 84.163.151.128 80 
3320 DE 1

If I'm reading this correctly, they identify "mebroot" as the source of 
the problem.  As this is a Windows MBR trojan it obviously doesn't apply 
to my Linux system.  I scanned my system anyway and found no unexpected 
processes running.

My DirPort is set to 80, which may explain that value in the complaint.

Any thoughts on what to do to avoid further complaints?  Shadowserver 
addresses the topic of Tor exits here:

http://www.shadowserver.org/wiki/pmwiki.php/Involve/TORNodesAndReporting

Thanks.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays