[tor-relays] Got my first abuse

NOC tor at afo-tm.org
Fri Apr 17 06:37:37 UTC 2020 

I said most not 100%. My exits were in a Datacenter yet they showed up 
at my home. Actually it depends who it is. The local police here was 
very friendly and send me a invitation to visit them in cases with 
computer fraud that were made over the exits, the BKA just gave zero 
fucks and showed up at 06:00 at my home. And took anything looking like 
tech.

The exits had this.is.a.tor.exit.node as reverse dns and displayed on 
port 80 what tor is, how it works and why i don't have any usefull data 
for them. So if they would have done any kind of more than asking the 
provider who pays for that IP they could have get a hint that they won't 
find anything useful for their case at my home or on the servers....

On 16.04.2020 20:18, Volker Mink wrote:
> Not 100% accurate.
> I was running an exit at my home connection for close to one year. I 
> removed it because normal internet usage became absolutely anoying. 
> Capchas and DOS-Protections nearly everywhere. No streaming-portal was 
> running. And lots of complaints from my provider.
> But no Cop action!
> And now i am running 2 exits hosted in datacenters, one in germany, 
> one in malaysia. No problems by now.
> br,
> volker
> *Gesendet:* Donnerstag, 16. April 2020 um 13:32 Uhr
> *Von:* "NOC" <tor at afo-tm.org>
> *An:* tor-relays at lists.torproject.org
> *Betreff:* Re: [tor-relays] Got my first abuse
> They raid your home even if the Tor node is run in a datacenter. Sadly
> the police in germany is still stuck in the 90s and most of them don't
> know and/or care what Tor is and how it works.
>
> On 16.04.2020 12:45, Mario Costa wrote:
> > Where you running an exit from home? It’s really discouraged because 
> of what happened to you.
> >
> > -m
> >
> >> Il giorno 16 apr 2020, alle ore 04:50, Kolja Sagorski 
> <hallo at koljasagorski.de> ha scritto:
> >>
> >> I had a police house search for my exit...
> >> I hate the stupid German police.
> >>
> >>> Am 15.04.2020 um 22:53 schrieb "lists at for-privacy.net" 
> <lists at for-privacy.net>:
> >>>
> >>> Hi,
> >>>
> >>> my Family¹ has had an exit for 2 weeks and today the first abuse 
> mail has arrived.
> >>>
> >>> First of all, thanks for the templates:
> >>>
> >>> https://www.torservers.net/wiki/abuse/templates 
> <https://www.torservers.net/wiki/abuse/templates>
> >>>
> >>> 
> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates 
> <https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates>
> >>>
> >>>
> >>> I linked these two from the Tor-project:
> >>>
> >>> - Common Boilerplate (Tor Intro)
> >>>
> >>> - SSH Bruteforce Attempts
> >>>
> >>> and wrote the following myself:
> >>> --------------------------------------
> >>> Another good option that we use ourselves is: fail2ban
> >>> And report to blacklists, which can then be loaded into the router 
> firewalls:
> >>> https://www.abuseipdb.com/user/33280 
> <https://www.abuseipdb.com/user/33280>
> >>>
> >>> Hope this helps!
> >>> --------------------------------------
> >>>
> >>> I actually wanted to add that the SSH login attempts can be 
> limited. (3-6)
> >>> Because the logs from the abuse mail showed 100 attempts pro IP. ;-)
> >>>
> >>> _Are such notes useful or do such instructions cause even more 
> problems?_
> >>>
> >>>
> >>>
> >>> ¹https://metrics.torproject.org/rs.html#search/TorOrDie4privacyNET
> >>>
> >>> --
> >>> ╰_╯ Ciao Marco!
> >>>
> >>> Debian GNU/Linux
> >>>
> >>> It's free software and it gives you freedom!
> >>> _______________________________________________
> >>> tor-relays mailing list
> >>> tor-relays at lists.torproject.org
> >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> >> _______________________________________________
> >> tor-relays mailing list
> >> tor-relays at lists.torproject.org
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> > _______________________________________________
> > tor-relays mailing list
> > tor-relays at lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20200417/151e5928/attachment.html>

More information about the tor-relays mailing list