25 Feb
2015
25 Feb
'15
7:56 p.m.
On Wed, Feb 25, 2015 at 1:53 PM, Josef Stautner hello@veloc1ty.de wrote:
He said that he ran an reduced exit policy relay. Is portscanning even possible there?
Yes. The CMU Tor exit started with the reduced exit policy, and we wound up additionally removing access to ports 22 and 23 (that is, ssh and telnet) due to continual portscanning attempts. And I mean *continual* - multiple scans an hour, 24x7x365 if we'd let it go on.
Campus IT has also noticed a couple of attempts to scan port 3389 (Windows RDP) but that happens much less often.
zw