[tor-relays] webiron requesting to block several /24 subnet

Dhalgren Tor dhalgren.tor at gmail.com
Wed Oct 21 05:20:01 UTC 2015


>snake oil service like webiron

A most excellent characterization!

As a sales maneuver WebIron has been grandstanding
for months saying that Tor operators are "unwilling
to cleanup" when they know full-well that tor operators
can not / should not filter traffic due to minor brute-
force login attempts.  For contrast, Fail2ban in 2012
was modified to silently block login attacks without
spamming Tor operators in a reasonable gesture of
politeness.  SSH brute-force attacks have been a
fact-of-life for 20 years.  Hardly anyone thinks
it worth the effort to spam abuse@ desks over it
when a simple rate-limit does the job nicely.

WebIron has become so obnoxious that Spamhaus
placed their domain on the Domain Block List
last Friday

http://www.spamhaus.org/query/dbl?domain=webiron.com

and in addition, the IP of their reporting
system appears on the Spamhaus snow-shoe list
and thereby on the big-bazooka Zen DNSBL.

http://multirbl.valli.org/lookup/23.239.20.29.html

Spamhaus is highly conservative, highly respected
and only  lists egregious  unrepentant abusers.

The only reason to comply is in deference to
the overworked abuse-desk of your ISP if they
do not have an automated system for dealing
with this nonsense.


More information about the tor-relays mailing list