[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Connections to botnet masters
K.N.(tor-admin@xxxxxxxxxxxxxxxxxxxxxxxxx)@Mon, Aug 27, 2007 at 02:42:04PM +0200:
> this exit-node problem you may have with Google and some DNSBL (SORBS
> and others?) too. Your exit node contacts several IRC channels. That is
> why your node is listed as "trojan hacked".
> Some times ago we have a thread about SORBS and many exit nodes were
> listed in this DNSBL with the attribut "trojan hacked". Conclusion of
> the thread was: "They have no glue!"
> Google sometimes does not work with several exit nodes and give you the
> message "You may have a virus or malware, please clean your computer!"
> (or something like that).
> I have changed the exit policity of my node and now it is no longer
> listed in SORBS and works fine with Google. May be, this is not a good
> solution. Any other suggestions?
I've butted heads with SORBS a few times in the past (something about
running Tor on a mail server...) and have come up with this:
* Block outgoing IRC traffic. This sucks, but allowing it will get you
listed time and time again. My blocking rules for that are below.
* If you get listed, use the webpage unblock form. Then go onto the IRC
server and talk to someone. Don't wait for them to do it, they might
not. Preferably, keep talking to people until you get someone who can
* When you get unlisted, immediately send notes to anyone who blocked your
email telling them to fix their shit. Seriously. postmaster@(each
domain) gets a form letter from me.
IRC blocking rules:
ExitPolicy reject *:6660-6670 # IRC
ExitPolicy reject *:7000-7001 # IRC
ExitPolicy reject *:7026 # IRC
ExitPolicy reject *:7777 # IRC
ExitPolicy reject *:8000 # IRC
ExitPolicy reject *:9999 # IRC
I'm sure that this doesn't cover everything, and that there is collateral
damage from this block, but it seems to work for me.
I don't have anything for you, man. Good job on the fertilization and
everything, but your situation is still something I'm desperately trying
-- Tycho, Penny Arcade