[tor-relays] So long and thanks for all the abuse complaints
r1610091651
r1610091651 at telenet.be
Tue Dec 5 18:24:29 UTC 2017
Port scans are part of internet life in my opinion. One cannot have
internet access and no (occasional) port scan, spam mails, worms, ...
Having servers on-line and complaining about such things is just
unreasonable and laziness on the operator side: don't want scans, then
setup proper firewall rules. Done.
Just a "food for thought": how does one distinguishes between slow port
scan (as is possible with for example nmap) and actual connection attempts?
Regards
On Tue, 5 Dec 2017 at 17:38 Ralph Seichter <m16+tor at monksofcool.net> wrote:
> Quoting myself:
>
> > I've had an ongoing debate with a hosting service over a fresh exit
> > node being abused for network scans (ports 80 and 443) almost hourly
> > for the last few days.
>
> I had the former exit node unlocked an ran it in relay mode for a day.
> Today I switched back to exit mode, and a few hours after the exit flag
> was reassigned, I already received the next complaint about an outgoing
> network scan. The logs sent to me clearly confirm scans taking place,
> this is not about the hoster being obstinate.
>
> Looks like I will have to shut down this particular exit for good if
> I cannot find a way to prevent it from being abused as network scan
> central. :-(
>
> -Ralph
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20171205/692c6c85/attachment.html>
More information about the tor-relays
mailing list