Tor nodes blocked by e-gold
Michael Holstein
michael.holstein at csuohio.edu
Fri Apr 27 18:47:03 UTC 2007
> SORBS marks TOR servers as zombie spammers I believe.
Um, in the interest of settling this argument :
grep router cached-routers |grep -v signature |awk -F " " '{print "host
"$3".dnsbl.sorbs.net"}' |sh
(most return NXDOMAIN, meaning not listed by SORBS). The ones that do,
return the database in which they're listed as the last octet.
http.dnsbl.sorbs.net 127.0.0.2
socks.dnsbl.sorbs.net 127.0.0.3
misc.dnsbl.sorbs.net 127.0.0.4
smtp.dnsbl.sorbs.net 127.0.0.5
new.spam.dnsbl.sorbs.net 127.0.0.6
recent.spam.dnsbl.sorbs.net 127.0.0.6
old.spam.dnsbl.sorbs.net 127.0.0.6
spam.dnsbl.sorbs.net 127.0.0.6
escalations.dnsbl.sorbs.net 127.0.0.6
web.dnsbl.sorbs.net 127.0.0.7
block.dnsbl.sorbs.net 127.0.0.8
zombie.dnsbl.sorbs.net 127.0.0.9
dul.dnsbl.sorbs.net 127.0.0.10
badconf.rhsbl.sorbs.net 127.0.0.11
nomail.rhsbl.sorbs.net 127.0.0.12
Of the 887 IPs I have in my cached-routers file, 709 return NXDOMAIN.
The others :
0 http.dnsbl.sorbs.net
0 socks.dnsbl.sorbs.net
0 misc.dnsbl.sorbs.net
0 smtp.dnsbl.sorbs.net
2 *.spam.dnsbl.sorbs.net
0 web.dnsbl.sorbs.net
0 block.dnsbl.sorbs.net
0 zombie.dnsbl.sorbs.net
46 dul.dnsbl.sorbs.net
0 badconf.rhsbl.sorbs.net
0 nomail.rhsbl.sorbs.net
So, according to SORBS, they're blacklisted because they're in dynamic
IP ranges
Cheers,
Michael Holstein CISSP GCIA
Information Security Administrator
Cleveland State University
More information about the tor-talk
mailing list