[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Exit relay is apparently being used to attack other servers

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Exit relay is apparently being used to attack other servers
From: I <beatthebastards@xxxxxxxxx>
Date: Sat, 13 Jun 2015 17:36:03 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sat, 13 Jun 2015 21:36:21 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; q=dns/txt; d=inbox.com; s=s1; h=mime-version:date:message-id:subject:from:to:content-type; bh=Rdd7Eo/7aSb9ErYTeYU3Equ8EX7Q0f1cg6k9YY/wDv8=; b=O79XHQULgb8i/Icjs8JHrpHzjfVQIJ2YqMdojxgBgco6n52eo6Y5OCrHqVcYjx0CMlnS AlEuvE3M5kBv8+3Qi9CJPJwEnGZDdNfA0tUrEktmSUHT2y45WdSehYyj8MWclARzq3OQle bAK0GTxSLvQ50iu+h8ZVxPK0+jb/404W0=
Domainkey-signature: q=dns; a=rsa-sha1; c=nofws; d=inbox.com; s=s1; h=mime-version:date:message-id:from:subject:to:content-type; b=AeGrbIR2ZAie2qDjVf+LblQRg58Eyy0pOKzqce6gkG1XMxw77YPFVhi6uNqkZCsFzP63 tfmuirifANBuWLhAa+v7VvAKcWGvMwV0HaiDEBS85HHCBKa4fgZfTyO2SX/ftZx8976nkd Rvh71O5Xdjt8oPUi24LJROH8l6XywmACQ=
In-reply-to: <0487B5E3-DAB7-41B0-A249-E8D5DA7F19EE@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

Trillium,

I hope this advances your knowledge.
A couple of days ago one of my exits was threatened with suspension for being 'blacklisted'.
The VPS business gave me this (below) and was happy when I blocked the ports.
It is more limiting of TOR but the exit survived.

" Listing on the Sectoor TOR DNSBL indicates that this IP address is a tor node or a subnet (/24) containing a tor node. This listing does not indicate that your IP address has been blacklisted by Sectoor, as this list also contains subnets that contain a tor node. The subnet listing is not designed to block connections, but rather for use as a scoring mechanism. Your IP will only be blacklisted if it is the tor node itself and listed by Sectoor Exitnodes.

Sectoor TOR DNSBL lists every IP address which is known to run a tor server and allow their clients to connect to one of the following ports:

    Port 25
    Port 194
    Port 465
    Port 587
    Port 994
    Port 6657
    Ports 6660-6670
    Port 6697
    Ports 7000-7005
    Port 7070
    Ports 8000-8004
    Port 9000
    Port 9001
    Port 9998
    Port 9999
More information about SECTOOR can be found at their website: http://www.sectoor.de/tor.php 

Robert


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Exit relay is apparently being used to attack other servers
  - From: trillium

References:
- [tor-relays] Exit relay is apparently being used to attack other servers
  - From: trillium

Prev by Author: Re: [tor-relays] (n00b) Exit node question
Next by Author: Re: [tor-relays] Qualities of a good relay (Sean Saito)
Previous by thread: Re: [tor-relays] Exit relay is apparently being used to attack other servers
Next by thread: Re: [tor-relays] Exit relay is apparently being used to attack other servers
Index(es):
- Author
- Thread