[tor-relays] Exit relay is apparently being used to attack other servers

I beatthebastards at inbox.com
Sun Jun 14 01:36:03 UTC 2015


I hope this advances your knowledge.
A couple of days ago one of my exits was threatened with suspension for being 'blacklisted'.
The VPS business gave me this (below) and was happy when I blocked the ports.
It is more limiting of TOR but the exit survived.

" Listing on the Sectoor TOR DNSBL indicates that this IP address is a tor node or a subnet (/24) containing a tor node. This listing does not indicate that your IP address has been blacklisted by Sectoor, as this list also contains subnets that contain a tor node. The subnet listing is not designed to block connections, but rather for use as a scoring mechanism. Your IP will only be blacklisted if it is the tor node itself and listed by Sectoor Exitnodes.

Sectoor TOR DNSBL lists every IP address which is known to run a tor server and allow their clients to connect to one of the following ports:

    Port 25
    Port 194
    Port 465
    Port 587
    Port 994
    Port 6657
    Ports 6660-6670
    Port 6697
    Ports 7000-7005
    Port 7070
    Ports 8000-8004
    Port 9000
    Port 9001
    Port 9998
    Port 9999
More information about SECTOOR can be found at their website: http://www.sectoor.de/tor.php 


More information about the tor-relays mailing list