[tor-relays] How does CERT-FI know my SOCKS4 port?
Logforme
m7527 at abc.se
Wed Jul 10 15:04:12 UTC 2013
I assume the ISP did a port scan. Do you have port 9050 open in your
firewall?
On 2013-07-10 15:57, Steve Snyder wrote:
> My ISP recently sent to me a CERT-FI auto-report on malware-infected
> servers in my ISP's address space. I was send this report because my
> IP address was among those flagged. My entry looks like this:
>
> 51765|aa.bbb.ccc.dd|2013-07-08 02:39:23
> +0000|||Proxy|743230|Datasource: C, Type: SOCKS4 (9050)
>
> I am wondering how CERT-FI knows about this port. This is a snippet
> of my relay config:
>
> OutboundBindAddress aa.bbb.ccc.dd
> ORPort [aa.bbb.ccc.dd]:443
> DirPort [aa.bbb.ccc.dd]:80
> SocksPort [127.0.0.1]:9050
>
> Given that my SOCKS port is bound to localhost, how does CERT-FI know
> about it?
>
> (For more info on the auto-reporter, go to
> https://www.cert.fi/en/autoreporter/autoreporter.html and log into it
> with this username/password: auto/reporter)
>
> Thanks.
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
More information about the tor-relays
mailing list