[tor-relays] Exit relay is apparently being used to attack other servers
I
beatthebastards at inbox.com
Sun Jun 14 01:36:03 UTC 2015
Trillium,
I hope this advances your knowledge.
A couple of days ago one of my exits was threatened with suspension for being 'blacklisted'.
The VPS business gave me this (below) and was happy when I blocked the ports.
It is more limiting of TOR but the exit survived.
" Listing on the Sectoor TOR DNSBL indicates that this IP address is a tor node or a subnet (/24) containing a tor node. This listing does not indicate that your IP address has been blacklisted by Sectoor, as this list also contains subnets that contain a tor node. The subnet listing is not designed to block connections, but rather for use as a scoring mechanism. Your IP will only be blacklisted if it is the tor node itself and listed by Sectoor Exitnodes.
Sectoor TOR DNSBL lists every IP address which is known to run a tor server and allow their clients to connect to one of the following ports:
Port 25
Port 194
Port 465
Port 587
Port 994
Port 6657
Ports 6660-6670
Port 6697
Ports 7000-7005
Port 7070
Ports 8000-8004
Port 9000
Port 9001
Port 9998
Port 9999
More information about SECTOOR can be found at their website: http://www.sectoor.de/tor.php
Robert
More information about the tor-relays
mailing list