[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] abuse reports from shadowserver.org



Hi everybody,

my ISP keeps on receiving abuse reports from shadowserver.org. They
claim that an IRC bot operates from the IP that belongs to my tor exit.

The strange thing is that my exit policy only allows web and mail ports.
Furthermore, the IPs of the shadowserver honeypots have a ptr entry for
*.sinkhole.shadowserver.org.

So, I could block their servers either by means of the exit policy or
with iptables. Which one would you prefer?

I additionally wanted to ask here if there is any experience with
shadowserver in this regard?

Explaining the issue to my ISP failed. They keep on getting nervous.

Talking to shadowserver also failed, because subscription to their
public mailing list is moderated and my direct mails have been ignored
for several months now.

Any advice?

regards

Alex

Attachment: signature.asc
Description: Digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays