[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tor nodes blocked by e-gold
SORBS marks TOR servers as zombie spammers I believe.
Um, in the interest of settling this argument :
grep router cached-routers |grep -v signature |awk -F " " '{print "host
"$3".dnsbl.sorbs.net"}' |sh
(most return NXDOMAIN, meaning not listed by SORBS). The ones that do,
return the database in which they're listed as the last octet.
http.dnsbl.sorbs.net 127.0.0.2
socks.dnsbl.sorbs.net 127.0.0.3
misc.dnsbl.sorbs.net 127.0.0.4
smtp.dnsbl.sorbs.net 127.0.0.5
new.spam.dnsbl.sorbs.net 127.0.0.6
recent.spam.dnsbl.sorbs.net 127.0.0.6
old.spam.dnsbl.sorbs.net 127.0.0.6
spam.dnsbl.sorbs.net 127.0.0.6
escalations.dnsbl.sorbs.net 127.0.0.6
web.dnsbl.sorbs.net 127.0.0.7
block.dnsbl.sorbs.net 127.0.0.8
zombie.dnsbl.sorbs.net 127.0.0.9
dul.dnsbl.sorbs.net 127.0.0.10
badconf.rhsbl.sorbs.net 127.0.0.11
nomail.rhsbl.sorbs.net 127.0.0.12
Of the 887 IPs I have in my cached-routers file, 709 return NXDOMAIN.
The others :
0 http.dnsbl.sorbs.net
0 socks.dnsbl.sorbs.net
0 misc.dnsbl.sorbs.net
0 smtp.dnsbl.sorbs.net
2 *.spam.dnsbl.sorbs.net
0 web.dnsbl.sorbs.net
0 block.dnsbl.sorbs.net
0 zombie.dnsbl.sorbs.net
46 dul.dnsbl.sorbs.net
0 badconf.rhsbl.sorbs.net
0 nomail.rhsbl.sorbs.net
So, according to SORBS, they're blacklisted because they're in dynamic
IP ranges
Cheers,
Michael Holstein CISSP GCIA
Information Security Administrator
Cleveland State University