[tor-relays] Port scanning via exit node
ken at kenbaker.co.uk
ken at kenbaker.co.uk
Sat May 21 21:35:33 UTC 2016
Yeah, he knows, he'd just kind of like it to go away.
A bit of googling yielded something called tortunnel which links direct
to the exit node and allows a scan. It'd be nice to make a bit of an
effort though, so, anyone know how to interfere with that? It's Moxie,
mind you, so it's probably bulletproof.
K.
On 21/05/16 21:46, Green Dream wrote:
> There's really nothing to do. Based on the limited logs, it looks like
> someone was just looking for open TCP port 22 (ssh). You can't really
> block the scans by source since you don't know the source address
> (because Tor). You could prevent connections to port 22, but that
> would prevent everyone else from using ssh through your exit, and
> also, it wouldn't stop port scanning of any other ports allowed
> through the exit.
>
> I'd just explain you're running a Tor exit, and thus you cannot
> identify the source of the scan.
>
> As common as port scanning is (and has been for as long as the
> Internet has been around), I'm surprised providers still worry about
> it this much.
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160521/7d7e3b8f/attachment.html>
More information about the tor-relays
mailing list