[tor-relays] SSH scans from Tor exit

grarpamp grarpamp at gmail.com
Tue Apr 29 06:53:08 UTC 2014

On Mon, Apr 28, 2014 at 6:31 PM, I <beatthebastards at inbox.com> wrote:
> Is this happening to anyone else?

Yes. Many relay ops effectively ignore it, as they have often
positioned themselves beforehand to do so.

> Does anyone know what can be done to stop it?

Block *:22 in your exit policy.
Offer your vps that you will accept and respond directly to
any complainants if the vps lets you keep 22 open.

> I have just been kicked of another one after paying a year in advance.

They may owe you on contract for unused months, if you are not anon.

> If we have no authoritative retort when they raise the first 'abuse'
> When I have said the restricted port list can be added and it has proved
> to be successful some have given me another chance.

Try to tell your future hosts what they can expect of abuse, get their
approval in writing before signup and paying.

All of this, canned responses, and more are in the archives of this
list, on the website, the wiki, etc.

More information about the tor-relays mailing list