[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse
From: Zack Weinberg <zackw@xxxxxxx>
Date: Thu, 10 Aug 2017 16:31:15 -0400
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 10 Aug 2017 16:31:32 -0400
In-reply-to: <Zxi8HILu4E9RRSVHBjPFZ3O6p8RpsR0R-1C161b-St-LHtJ-McsNk0ecIeCr3WZMba6dnyQNu77aZ8SW_CmFGOuP1MRCrxKbezbeJSa32WA=@protonmail.ch>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <ff6c364a-5624-c2a1-7be6-b5e4afa6f6e9@o.banes.ch> <Zxi8HILu4E9RRSVHBjPFZ3O6p8RpsR0R-1C161b-St-LHtJ-McsNk0ecIeCr3WZMba6dnyQNu77aZ8SW_CmFGOuP1MRCrxKbezbeJSa32WA=@protonmail.ch>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

On Thu, Aug 10, 2017 at 4:15 PM, Keepyourprivacy
<keepyourprivacy@xxxxxxxxxxxxx> wrote:
> I can‘t talk about the source, but there are indeed more and more script
> kiddies out there who use Tor or VPNs just to test around. They hook up
> Linux Kali and thinking they are becoming the next big hacker. I‘ve read
> from another provider which supports tor exit, that they only accept exits
> if mail, irc and ssh ports are blocked, because they are the biggest vectors
> for abuse messages. So i guess you are not alone...

I also got endless complaints about port scans until I removed port 22
from cmutornode's exit policy.  Tried turning it back on a few times,
and the complaints started up again immediately.  It's sad, because
ssh-over-tor is actually quite valuable.

zw
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] significant rise in fail2ban alerts for ssh abuse
  - From: Dirk
- Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse
  - From: Keepyourprivacy

Prev by Author: Re: [tor-relays] OS diversity of tor relays (was Re: Relay uptime versus outdated Tor version)
Next by Author: Re: [tor-relays] Go home GeoIP, you're drunk.
Previous by thread: Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse
Next by thread: Re: [tor-relays] significant rise in fail2ban alerts for ssh abuse
Index(es):
- Author
- Thread