[tor-relays] Verizon Abuse Notice from Limited relay

Michael Millspaugh tk421storm at gmail.com
Wed May 9 21:35:35 UTC 2012 

Hey all -

I've been running a relay here for about 2-3 years now, with limited
problems, especially since I switched to the more restrictive reduced exit
policy (only allowing a few ports). However, I just received this today,
which is new and alarming. I've replied with the boilerplate, but I'm
worried as I've never heard from verizon since I went reduced, and they are
the fastest and most reliable ISP (fiber to the home) in my part of the
states.

Here's the message, truncated:

On 05-09-2011, your account was reported to have been used in an attempt to
gain unauthorized access to another system, or to transmit malicious
traffic to another Internet user.

It is possible your system may have been infected by a virus or a botnet
that is causing this action.

Report and/or Logs:

Timestamp: 2012-05-09 11:28:55 (GMT)
Alert: COSED [CSG-GOP-009] SCAN Sqlmap SQL Injection Scan
Source: 96.242.209.159 (49608)
Destination: 200.189.113.50 (80)
Content:
LL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%
20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%
20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%
20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%20NULL,%
20NULL,%20NULL,%20NULL--%20%20AND%20%27tysA%27%3D%27tysA&
codigo=09590039044&orgcom=116100&serie=E000874295&tipo=
DEFESA%20PREVIA&result=INDEFERIDO&motivo=015&auto=116100-E000874295 HTTP/1.1
Accept-Encoding: identity
Accept-Language: en-us,en;q=0.5
Connection: close
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: sqlmap/1.0-dev (r4997) (http://www.sqlmap.org)
Accept-Charset: ISO-8859-15,utf-8;q=0.7,*;q=0.7
Host: celepar7.pr.gov.br
Pragma: no-cache
Cache-Control: no-cache,no-store

-- 
TERMS OF USE. By reading this e-mail, you agree, on behalf of your
employer, to release me from all obligations and waivers arising from any
and all NON-NEGOTIATED agreements, terms-of-use, licenses,
terms-of-service, shrinkwrap, clickwrap, browsewrap, confidentiality,
non-disclosure, non-compete and acceptable use policies ("BOGUS
AGREEMENTS") that I have entered into with your employer, its partners,
licensors, agents and assigns, in perpetuity, without prejudice to my
ongoing rights and privileges. You further represent that you have the
authority to release me from any BOGUS AGREEMENTS on behalf of your
employer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120509/58f4bd08/attachment.html>

More information about the tor-relays mailing list