[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] Attacker IP database



Is there any kind of compiled list of IPs that relay operators can refer to that are known bad IPs (sources of brute force SSH attempts, etc.)? Is there a reason to NOT block (drop) traffic from these IPs?

Here are some that I have seen recently trying to brute force common user accounts and root password attempts:
198.50.197.98
220.161.148.178
223.4.217.47
199.187.125.250
175.99.95.252
62.64.83.38
125.209.110.234
37.235.53.172

Also, in general what are some good security practices to keep in mind while running a Tor relay?

Thanks,
Bryan
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays