Definitely abusive. Fortunately, because of how nearby most of the IPs are, Tor will treat them as family even if the operator neglected to, so it doesn't pose a risk to anonymity (other than the one outlying node, but even then it's a maximum of two), but this definitely looks like a badexit situation.
Honestly, why does somebody run a tor node if they keep connection/session logs? Seems like an odd place to look for a paycheck. - John Brooks On Tue, Jun 2, 2009 at 4:52 AM, Alexander Cherepanov <[email protected]> wrote: > Hello! > > Just stumbled upon a banner injected in html at tor exit node. > Nodes in question: > > router TRHCourtney01 94.76.246.74 443 0 9030 > router TRHCourtney02 94.76.247.136 443 0 9030 > router TRHCourtney03 94.76.247.137 443 0 9030 > router TRHCourtney04 94.76.247.138 443 0 9030 > router TRHCourtney05 94.76.247.139 443 0 9030 > router TRHCourtney06 94.76.247.140 443 0 9030 > router TRHCourtney07 94.76.247.141 443 0 9030 > router TRHCourtney08 94.76.247.142 443 0 9030 > router TRHCourtney09 94.76.247.143 443 0 9030 > router TRHCourtney10 92.48.84.113 443 0 9030 > contact Courtney TRH <[email protected]> > > All of them inject a piece of html at end of web pages. Text under > banner reads: > > Courtney TOR/VPN & Wifi Exit Node :: Usage subject to Terms and > Conditions/Acceptable Use Policy :: Want to advertise here? Contact > us > > Check for yourself: http://www.torproject.org.TRHCourtney01.exit/ . > > Some more concerns. Page http://courtney.nullroute.net/ contains: > > WARNING: The TOR Exit Node must *not* be used for illegal means. > Connection and session logs are kept and *will* be forwarded onto > the police in the event of an abuse report > > There is no family set for these nodes in descriptors. > > Port 110 (POP3) accepted in exit policy but not port 995 (POP3/SSL). > > Just to let you know. > > Alexander Cherepanov > >
