[tor-relays] abuse reports from shadowserver.org
Alexander Bernauer
alex-tor at copton.net
Sat Mar 19 11:28:38 UTC 2011
Hi everybody,
my ISP keeps on receiving abuse reports from shadowserver.org. They
claim that an IRC bot operates from the IP that belongs to my tor exit.
The strange thing is that my exit policy only allows web and mail ports.
Furthermore, the IPs of the shadowserver honeypots have a ptr entry for
*.sinkhole.shadowserver.org.
So, I could block their servers either by means of the exit policy or
with iptables. Which one would you prefer?
I additionally wanted to ask here if there is any experience with
shadowserver in this regard?
Explaining the issue to my ISP failed. They keep on getting nervous.
Talking to shadowserver also failed, because subscription to their
public mailing list is moderated and my direct mails have been ignored
for several months now.
Any advice?
regards
Alex
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20110319/347f1067/attachment.pgp>
More information about the tor-relays
mailing list