Thus spake Jon (torance.ca@xxxxxxxxx):
> > > On Tue, 22 May 2012 13:29:54 -0500
> > > Jon <torance.ca@xxxxxxxxx> allegedly wrote:
> > >
> > > > Yep same here, got notice today from ISP on a report of the 20th for
> > > > alledged hacking with someone using sqlmap. the reporting ip was a
> > > > brazilian gov ip address.
> > > >
> > > > I just blocked the port and kept on serving....
> >
> > As of yet, no one has mentioned the port. Out of curiosity, is it
> > included in the Reduced Exit Policy?
> > https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
> >
> > The port was 57734 - of course that doesn't mean another port could beAre you sure that's not the source port (which is randomized) for the
> used
incident? This is a weird destination port.
If so, simply switching to the Reduced Exit Policy (or adding a reject
line for *:57734) would prevent the attack from using your exit. No need
to stop exiting entirely.
--
Mike Perry
______________________________________________
_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays