[tor-relays] Verizon Abuse Notice from Limited relay

Subject: [tor-relays] Verizon Abuse Notice from Limited relay

From: Michael Millspaugh <tk421storm@xxxxxxxxx>

Date: Wed, 9 May 2012 17:35:35 -0400

Delivery-date: Wed, 09 May 2012 17:36:12 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=qoKuLW6tXFgt54j6fNkha/eULP+m3K3iP8FBmbWlW6s=; b=BwgMvogYUUw5D47EP3AgPpz4GdUEP1C/LFM0a+UhBIRd3BTTutKrpnX5+hXdAqQERV tf9mGYWLLTxjZMOWeb+YFjkxIAEHFbOIO6ywqseECAfBRXO260PqLJiICZAdZjUoQn+S 97gvFIT5RMNn1V2WQxWlf33XmvG5g2MD8btwxheOFU1MtyDny05ZUoeTj4DYP/9Xz6+j cJGTL2opt55isOk5iDT5RNaH1Re7qGm/ydYWJLbwJHVnjKN2Kndkg0/xPsYn9RNwIJ2G cMe4ZFLY0C+MQYv4MIxqDrZlSmu3sSPkQ5Epch+U2t776tC5vWELMBGVq39Hne6R8uiK w4WQ==

List-archive: <http://lists.torproject.org/pipermail/tor-relays>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx

Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

I've been running a relay here for about 2-3 years now, with limited problems, especially since I switched to the more restrictive reduced exit policy (only allowing a few ports). However, I just received this today, which is new and alarming. I've replied with the boilerplate, but I'm worried as I've never heard from verizon since I went reduced, and they are the fastest and most reliable ISP (fiber to the home) in my part of the states.

Here's the message, truncated:

On 05-09-2011, your account was reported to have been used in an attempt to gain unauthorized access to another system, or to transmit malicious traffic to another Internet user.

It is possible your system may have been infected by a virus or a botnet that is causing this action.

Report and/or Logs:

Timestamp: 2012-05-09 11:28:55 (GMT)
Alert: COSED [CSG-GOP-009] SCAN Sqlmap SQL Injection Scan
Source: 96.242.209.159 (49608)
Destination: 200.189.113.50 (80)
Content:
LL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL--%20%20AND%20%27tysA%27%3D%27tysA&codigo=09590039044&orgcom=116100&serie=E000874295&tipo=DEFESA%20PREVIA&result=INDEFERIDO&motivo=015&auto=116100-E000874295 HTTP/1.1
Accept-Encoding: identity
Accept-Language: en-us,en;q=0.5
Connection: close
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: sqlmap/1.0-dev (r4997) (http://www.sqlmap.org)
Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: celepar7.pr.gov.br
Pragma: no-cache
Cache-Control: no-cache,no-store

--
TERMS OF USE. By reading this e-mail, you agree, on behalf of your employer, to release me from all obligations and waivers arising from any and all NON-NEGOTIATED agreements, terms-of-use, licenses, terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality, non-disclosure, non-compete and acceptable use policies ("BOGUS AGREEMENTS") that I have entered into with your employer, its partners, licensors, agents and assigns, in perpetuity, without prejudice to my ongoing rights and privileges. You further represent that you have the authority to release me from any BOGUS AGREEMENTS on behalf of your employer.

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays