> I received a botnet/drone complaint from shadowserver.org today
If the complaint was sent directly to you, rather than to you via your
ISP, it is unlikely you need to do anything. Unless you're concerned
about possibly having your own IP space blacklisted (which is normally
an ISP concern).
If
I received a botnet/drone complaint from shadowserver.org today (delayed
due to holidays) regarding my exit node:
timestamp ip port type infection cc cc_port
12/29/2011 19:52 173.208.132.210 48586 32097 US MISSOURI KANSAS CITY tcp
mebroot ukixxuug.com|MAOS/0EC20201 14DF137A55320641 84.163.151.1
> If someone chose to use, or only could use, his relays.
> Or to give a reason other than being raided or broke :)
A heads up would make sense if he was providing bridges, since that
would impact reachability for his users. However, if it's a normal
relay then there's really no point in sending a
> Why and for whom is that relevant? Keep in mind that the Tor network
> handles churn quite well.
If someone chose to use, or only could use, his relays.
Or to give a reason other than being raided or broke :)
___
tor-relays mailing list
tor-relays@list
Am 2012-01-02 12:23, schrieb cmeclax-sazri:
> On Sunday 01 January 2012 23:36:13 grarpamp wrote:
>> This 'attack' has been going on for YEARS. Nobody's really getting
>> shells (well some are), just dictionaried. The problem is that
>> OpenSSH logs this by default and people freak out when they
>>
Am 2012-01-02 12:25, schrieb cmeclax-sazri:
> Sometime this week (I haven't decided when yet) I'll be down for a few hours
> to upgrade memory.
>
>
Why and for whom is that relevant? Keep in mind that the Tor network
handles churn quite well.
Paul
__
Sometime this week (I haven't decided when yet) I'll be down for a few hours
to upgrade memory.
cmeclax
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Sunday 01 January 2012 23:36:13 grarpamp wrote:
> This 'attack' has been going on for YEARS. Nobody's really getting
> shells (well some are), just dictionaried. The problem is that
> OpenSSH logs this by default and people freak out when they
> see it in their logs. It's just background noise.
