[tor-relays] potentially compromised Linux servers running a tor exit relay without consent of the owner?

Virgil Griffith i at virgil.gr
Tue Mar 8 01:37:15 UTC 2016


On Monday, 7 March 2016, nusenu <nusenu at openmailbox.org> wrote:

>
> Dear abuse handlers at universities,
>
> the following two servers run a tor exit relay
> (exit policy: accept *:*).
>
> Due to ~80 other servers [1] around the world joining the tor network
> with the same bitcoin donation address in the contact field my wild
> guess is that it was not the owner making this server a tor exit relay.
>
> If you can confirm that these servers were indeed compromised - this
> would be valuable information for us.
>
>
> AS name: University of California at Berkeley
> IP address: 169.229.227.122
> started to run as a tor relay at: 2016-03-07 17:37:24
>
>
> AS name: University of Vienna, Austria
> IP: 77.80.14.190
> started to run as a tor relay at: 2016-03-07 17:32:29
>
>
> (I'm not associated with the torproject)
>
>
> [1]
>
> https://gist.githubusercontent.com/nusenu/fb19034a7860dba6c203/raw/5531768e75928970ad37517dfd3bbfed4698eaca/2016-03-07_79relays.txt
>
> https://lists.torproject.org/pipermail/tor-relays/2016-March/008857.html
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160307/b85ef370/attachment-0001.html>


More information about the tor-relays mailing list