On 04.12.2017 19:00, s7r wrote:
I've had an ongoing debate with a hosting service over a fresh exit node being abused for network scans (ports 80 and 443) almost hourly for the last few days.
This is just a defective policy of that hoster. If a hoster goes mad because it receives some useless junk notifications, that is not much of a hoster.
This is not about third party X complaining to the hoster about their network being scanned. The hoster itself is automatically monitoring all their machines for outgoing network scans, as these scans are prohibited by their terms of use. If an outgoing scan is detected, the hoster sends log excerpts to the "offending" customer, and if it happens repeatedly over a longer period, the scan's source server is automatically prevented from opening further outbound connections that match this pattern. Getting these restrictions lifted unfortunately requires a lot of time and energy. :-P
-Ralph