[tor-relays] AWS abuse handling

Tristan supersluether at gmail.com
Wed Jul 27 18:26:31 UTC 2016 

If Tor exits are against the AUP, you shouldn't be running one.

On Jul 27, 2016 1:24 PM, "Snehan Kekre" <snehan at minerva.kgi.edu> wrote:

> Hi All,
>
> I have a *free* membership for a year on Amazon's AWS (*capped* at
> 15GB/month of traffic each way).
>
> I've been running an exit node with a reduced exit policy on an ec2
> instance for months and have received my first abuse notice. I'm sure a few
> on this mailing list may have received the same or similar abuse
> notification from Amazon. Besides shutting down the exit, what measures did
> you take to deal with this? What would be the consequences of ignoring
> their email and continuing to run it?
>
> Note: I'm a student and am running on a really tight budget at the moment
> (reason for not hosting it on a paid vps)
>
> Any suggestion(s)/help is appreciated :)
>
>
> Best,
> Snehan
>
> -----------------------------------------------
> The contents of the Abuse notice:
> Hello,
>
> We've received a report(s) that your EC2 instance(s)
>
> Instance Id:
> IP Address:
>
>
>
> has been has been operating as a TOR Exit node. Operating a TOR Exit node
> is forbidden in the AWS Acceptable Use Policy (hxxps://aws.amazon.com/aup/).
> We've included the original report below for your review.
>
> Please take action to stop the reported activity and reply directly to
> this email with details of the corrective actions you have taken. If you do
> not consider the activity described in these reports to be abusive, please
> reply to this email with details of your use case.
>
> If you're unaware of this activity, it's possible that your environment
> has been compromised by an external attacker, or a vulnerability is
> allowing your machine to be used in a way that it was not intended.
>
> We are unable to assist you with troubleshooting or technical inquiries.
> However, for guidance on securing your instance, we recommend reviewing the
> following resources:
>
> * Amazon EC2 Security Groups User Guide:
>
> hxxps://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
>  (Linux)
>
> hxxps://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/using-network-security.html
>  (Windows)
>
> * Tips for Securing EC2 Instances:
> hxxps://aws.amazon.com/articles/1233 (Linux)
> hxxps://aws.amazon.com/articles/1767 (Windows)
>
> * AWS Security Best Practices:
> hxxp://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
>
> If you require further assistance with this matter, you can take advantage
> of our developer forums:
>
> hxxps://forums.aws.amazon.com/index.jspa
>
> Or, if you are subscribed to a Premium Support package, you may reach out
> for one-on-one assistance here:
>
>
> hxxps://console.aws.amazon.com/support/home#/case/create?issueType=technical
>
> Please remember that you are responsible for ensuring that your instances
> and all applications are properly secured. If you require any further
> information to assist you in identifying or rectifying this issue, please
> let us know in a direct reply to this message.
>
> Regards,
> AWS Abuse "
>
> ---------------------------------------------------------------------------
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160727/affeb347/attachment.html>

More information about the tor-relays mailing list