[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] webiron requesting to block several /24 subnet

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-relays] webiron requesting to block several /24 subnet
From: Dhalgren Tor <dhalgren.tor@xxxxxxxxx>
Date: Wed, 21 Oct 2015 05:20:01 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 21 Oct 2015 01:20:13 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:date:message-id:subject:from:to:content-type; bh=DPq8OQHVgVn/PzWiiYIoF3hAzB/ZTMcdFJVuzYCABCA=; b=PDng8+793X0htLYEeBzkYtEFgF7alLfLxOQSn7fhLH0tqH+F/nZAc3Tj9/fpw3Hiyp b2xjKHvgRiKM9chJKuORIE8ZJGzGyLY7asBFm3ZS/qgpISpMz3rIPd/3ajgNhXG/cUE5 /0q0sVD9aelKjRgaPj7tsLUbjrtJd/bCWycc9+VvTXqQbgiss/snwk4kBbhhwfOk0oRU GTrJjPrqqt0fK9RQcrO5nLnbkfEvXFqPX0Ps+zH/UXYdW00spfq8uW1wI8qsrEszEh59 TRlrJzxMdFL0X6jgD8aTV0m+lcI9ZUonT+fMpJVoUGKKZne/LmQMEMUC3a+HjZgKrQoR KlkQ==
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

>snake oil service like webiron

A most excellent characterization!

As a sales maneuver WebIron has been grandstanding
for months saying that Tor operators are "unwilling
to cleanup" when they know full-well that tor operators
can not / should not filter traffic due to minor brute-
force login attempts.  For contrast, Fail2ban in 2012
was modified to silently block login attacks without
spamming Tor operators in a reasonable gesture of
politeness.  SSH brute-force attacks have been a
fact-of-life for 20 years.  Hardly anyone thinks
it worth the effort to spam abuse@ desks over it
when a simple rate-limit does the job nicely.

WebIron has become so obnoxious that Spamhaus
placed their domain on the Domain Block List
last Friday

http://www.spamhaus.org/query/dbl?domain=webiron.com

and in addition, the IP of their reporting
system appears on the Spamhaus snow-shoe list
and thereby on the big-bazooka Zen DNSBL.

http://multirbl.valli.org/lookup/23.239.20.29.html

Spamhaus is highly conservative, highly respected
and only  lists egregious  unrepentant abusers.

The only reason to comply is in deference to
the overworked abuse-desk of your ISP if they
do not have an automated system for dealing
with this nonsense.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Prev by Author: [tor-relays] LeaseWeb automated abuse notifications
Next by Author: Re: [tor-relays] HoneyPot?
Previous by thread: Re: [tor-relays] webiron requesting to block several /24 subnet
Next by thread: [tor-relays] ntpd problems explanation
Index(es):
- Author
- Thread