[tor-relays] Fwd: [Abuse[...]] GameoverZeus-Infektionen

Ch'Gans chgans at gna.org
Sun Jul 20 05:40:37 UTC 2014

On 20/07/14 05:58, Zack Weinberg wrote:
> On Sat, Jul 19, 2014 at 12:32 PM, Thomas White <thomaswhite at riseup.net> wrote:
>> Speaking from experience of operating 25 servers doing 4Gbps, I can
>> quite safely say that if your host has been supportive of Tor, I would
>> simply respond with the normal boilerplate regardless of what the
>> complaint is or who made it.
> I have found that if the complaint is of this type - that is, "this
> machine appears to be [infected with $MALWARE | running an unsafely
> obsolete version of $OPERATING_SYSTEM | part of $BOTNET]" - it is
> useful to augment the normal boilerplate along the lines of
> | Scanners that aim to detect misconfigured, vulnerable, or infected
> | computers will, from time to time, pick up Tor exits as false
> | positives, whenever they happen to be emitting traffic that
> | originates from such computers. By design, we have no way to pass
> | your report along to the true source of the traffic. We can assure
> | you that the actual computer at [EXIT'S IP ADDRESS] is not infected
> | with any malware and is kept up to date with security fixes.
> | However, you should expect it to continue to appear in your scans as
> | a false positive.

Tanks Zack for this example of explanation, I think i will re-use it in 
my answer.

Thanks again!

> zw
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

////////// Parser ///////////
#define fL1S(s) QString::fromLatin1(s)
namespace { // MSVC2010 doesn't seem to know the semantics of "static" ...

More information about the tor-relays mailing list