[tor-relays] A way to reduce spam and brute attacks...
tor-operator at urdn.com.ua
tor-operator at urdn.com.ua
Tue Nov 10 11:24:20 UTC 2020
rush23 at gmx.net wrote:
> is there any way to stop or if not reduce the spam, brute force
> attacks that are leaving my exit? Well port blocking or destination
> IP blocking is one way but without any relevant information except
> this hard, right? => https://cleantalk.org/blacklists/51.15.80.14
>
> Stopped my exit for about 2-3 weeks awaiting lower number of
> complaints but nothing changed.
>
> In the end I have to migrate from exit to relay unfortunately.
I don't think that there is any reason to try to limit that. All those
brute forces are inoffensive. There's only lot of them because there is
enough idiots that setup their access with ridiculous passwords. If
there wouldn't be that many idiots, the brute force attacks would just
disappear as they wouldn't be profitable to the script-kiddie anymore.
I have learned by experience that noobs learn best when they get to
taste their inexperience. So in a sense, the brute force attacks are
beneficial.
Unfortunately, a lot of noobs that foolishly rely on centralized
blacklists. There's not much that can be done but teaching them how to
do without them.
We have never delegated our filtering to third parties and never felt
that we should do so. We get thousands of brute force attacks a day,
SSH, SMTP AUTH, whatever. And so what? It does absolutely nothing.
More information about the tor-relays
mailing list