
6 Jun
2014
6 Jun
'14
8:39 p.m.
Hi All, FP! :) I just setup my relay node today, and am keeping a hawkish(ish) eye on traffic.... And noticed a flurry of activity from SSH port (22) at 5.104.224.5 - which is listed as an exit. But it's also listed on http://cbl.abuseat.org/lookup.cgi?ip=5.104.224.5 as infected (or NATting for a computer that is infected) with the Conficker botnet. I've black-holed it in the meantime, but am wondering if I'm being overly cautious... Any advice/response/input appreciated. TIA Jeff.