Am 05.10.2017 19:08 schrieb AMuse:
Hi all! I'm getting a number of ISP Abuse complaints around outbound ssh brute-forcing from our exit relay.
I'm personally of the opinion that people should run fail2ban (or equiv) and get on with life and I generally ignore the complaints - but wondered, what are other operators doing?
Is anyone exit-policy blocking outbound 22 to make the internet a kinder place? Is anyone refusing to on principle?
I'm generally refusing to block ports on my exit relay. Tor is supposed to be an overlay network and I love to be able use it for anything TCP :)
I personally think the internet would be a kinder place if all ports would be open on exit relays, making the most out of the Tor network... And if all kinds of people would use Tor, even if they don't directly know it. (I'd love to see it integrated in the Gnome Desktop for example)
That said, I had to disable port 25 some time ago, but I did do so after quite some discussions with my ISP and will ask again about enabling it. They had one semi-valid fear about email spam, but that's a different story.
thanks
martin