[tor-relays] exit node experience: abuse over HTTP, stealrat infection
Tom van der Woerdt
info at tvdw.eu
Fri Oct 24 07:16:49 UTC 2014
Manuel Gebauer schreef op 19/10/14 15:29:
> Hi, Tom and Rejo. Same with me. Half of the abuse complaints I
> get are from Valuehost Ru. Because I run on a cheap VPS I don't
> get a reassigned IP. Therefore I always fear that my provider
> might lose patience and shut down my server. That's why I decided
> to block Valuehost's range 184.108.40.206/24 completely.
> I also wrote to Valuehost Ru and asked them politely to consider
> that their own customers might like to use tor and to reconsider
> their policy for abuse complaints. No answer yet. I think they
> have an automated abuse complaint system and don't care much for
So I tried getting in contact with them again in an attempt to reduce
the amount of abuse mails they send us. This time they replied :
We make abuse notices not only for TOR exit node operators, we make it
to their uplinks too.
If we will stop to do it, it will lead for:
- TOR exit node operators will cease to think to solve this serious
problem (with all due respect to noble purposes of TOR, like censorship
resistance for Chinese dissidents etc., we see that a large part of of
TOR traffic is malicious)
- TOR exit node uplinks will not notified about malicious activity in
Also, if we'll except over 1000 IP's of Tor exit nodes from the security
system, it will be spent too many resources.
So we suggest to ignore abuse messages if you don't care about the
safety of Internet.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3729 bytes
Desc: S/MIME-cryptografische ondertekening
More information about the tor-relays