[tor-relays] suspicious exit?
JB
technomental at gmail.com
Fri Jun 6 23:39:09 UTC 2014
Hi All,
FP! :)
I just setup my relay node today, and am keeping a hawkish(ish) eye on
traffic.... And noticed a flurry of activity from SSH port (22) at
5.104.224.5 - which is listed as an exit.
But it's also listed on http://cbl.abuseat.org/lookup.cgi?ip=5.104.224.5
as infected (or NATting for a computer that is infected) with the
Conficker botnet.
I've black-holed it in the meantime, but am wondering if I'm being
overly cautious...
Any advice/response/input appreciated.
TIA
Jeff.
More information about the tor-relays
mailing list