alex-tor at alex-tor at
Mon Jun 14 22:27:20 UTC 2010

On Mon, Jun 14, 2010 at 05:36:02PM -0400, 7v5w7go9ub0o wrote:
> What, specifically, are they tracking to your IP? This unspecific
> complaint could be anything from an innocent series of pings, to an out
> and out stream from metasploit!?

I don't really know. I have no direct communication, only my provider's
tickets. According to them shadowserver alternately complains about
"IRC-Bots", "HTTP-Drones", "Botnet-Drones" and "Botnets".

Last thing was that their honeypots recorded access of an IRC-Bot to a
"Command & Control Server" from which it got orders to launch a
DDos-attack. First, I wonder why this bot contacts their honeypots and
gets new commands from them. And second, the exit policy of my node does
not allow IRC.

For me this makes no sense at all.
> Guess I'd politely tell server4you, with a copy to shadowserver, that
> you want to accommodate shadowserver; that they've been unresponsive;
> and that you'll need specific information to fix the problem.

Besides the "copy to shadowserver" I have tried all that. I will try
again next time and have shadowserver CCed.


We will see.

Thanks for your advice.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <>

More information about the tor-talk mailing list