On Wed, Apr 30, 2014 at 2:14 PM, Delton Barnes delton.barnes@mail.ru wrote:
I'd suggest the problem is administrators treating a Tor exit node the same as a compromised machine.
Sure, and it's part of the sometimes improper administrivia kneejerk response. And the SCREAMING involved with this one certainly incites an unbalanced response upon the less experienced/knowledgeable.
these attacks, so administrators should have to just accept them."
The operator of agnostic midpoint carriage services / relay is different than the ISP of the following two machines, and different than the targeted machine, or the attacking machine. Each has different rules of play available to them, with the midpoint carrier likely having least duty among them to do anything. It's not as if blocking exit:22 to the reporter's machine is going to do anything useful on their end given the rest of the internet they're open to, but if you want to appease them and your upstream, feel free. I wouldn't, but to each their own relay policy :)