[tor-relays] IP and SWIP for a Tor exit node
starlight.2015q3 at binnacle.cx
starlight.2015q3 at binnacle.cx
Sat Sep 26 23:35:32 UTC 2015
(1) In the guide it is advised to "Get a separate IP for the node. . .
You have the right idea. Tor-exit node IPs end up on all
sorts of black-lists and it's best to segregate exit traffic
from all other traffic. Try pulling up a few exits using
http://multirbl.valli.org
and you will see this. In particular, Tor
exits usually test positive on
http://www.abuseat.org/
(aka the Spamhaus CBL) as all sorts of infectious malware
bot(s).
(2) SWIP/RWHOIS + ARIN/RIPE
SWIP'ing is a bit exotic though some ISPs provide it.
Be sure to use a PO box in the contact info rather than
your real address if you obtain this. What happens is
that the handful of IP addresses assigned to your server
get their own WHOIS sub-record listed first before the
ISP address-block record. Has the advantage many abuse
complaints will go directly to you instead of first to
the ISP. At one time some residential ISPs SWIP'ed
their customers by default, but this produced all kinds
of problems and complaints so the practice is gone.
Not necessary if you can manage a constructive dialog with
the abuse department of the ISP. Start with an email to the
address that
http://www.abusix.org/
lists for the IP and ask them what procedures they might
have where you can have abuse reports forwarded directly to
you and/or have the IP noted as a Tor Exit / VPN / Proxy in
whatever system they have for handling abuse reports. Most
abuse reports are automated spam from WordPress blogs
complaining about brute-force password attacks and automatic
malware-detecting honeypots. If you hear from a real person
it will be extraordinary.
More information about the tor-relays
mailing list