Re: [tor-relays] Blocking outbound 22 or no?
Am 05.10.2017 19:08 schrieb AMuse: Hi all! I'm getting a number of ISP Abuse complaints around outbound ssh brute-forcing from our exit relay. I'm personally of the opinion that people should run fail2ban (or equiv) and get on with life and I generally ignore the complaints - but wondered, what are other operators doing? Is anyone exit-policy blocking outbound 22 to make the internet a kinder place? Is anyone refusing to on principle? I'm generally refusing to block ports on my exit relay. Tor is supposed to be an overlay network and I love to be able use it for anything TCP :) I personally think the internet would be a kinder place if all ports would be open on exit relays, making the most out of the Tor network... And if all kinds of people would use Tor, even if they don't directly know it. (I'd love to see it integrated in the Gnome Desktop for example) That said, I had to disable port 25 some time ago, but I did do so after quite some discussions with my ISP and will ask again about enabling it. They had one semi-valid fear about email spam, but that's a different story. thanks martin ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Blocking outbound 22 or no?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 10/05/2017 08:55 PM, tor-relay.d...@o.banes.ch wrote: > In the end we disabled port 22. After all - any sysadmin who wants > to have peace and ever looked a ssh config will have its listen > port somewhere else than 22. +1 disabled exit pot 22 here long time ago. - -- Toralf PGP C4EACDDE 0076E94E -BEGIN PGP SIGNATURE- iI0EAREIADUWIQQaN2+ZSp0CbxPiTc/E6s3eAHbpTgUCWdan3RccdG9yYWxmLmZv ZXJzdGVyQGdteC5kZQAKCRDE6s3eAHbpTkI2AP9XMFbHoMeF9JKXVZsWM/45AiTK X3FqRZlSmWIlvR+iswD/UMHgiDQAKChAq6bvl3Mo+HqN9V4IvQgOEuiAuQ4ZZrk= =Impi -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Blocking outbound 22 or no?
Good Evening, What Dirk just described is exactly what happened here. Timeframe matches and i disabled port 22 as well. Adjusting the port for your own system seems to be a good idea and it is working very well for me. -- Sincerely yours / M.f.G. / Sincères salutations Sebastian Urbach --- Those who surrender freedom for security will not have, nor do they deserve, either one. --- Benjamin Franklin (1706-1790) Am 5. Oktober 2017 20:55:54 schrieb tor-relay.d...@o.banes.ch: Hello AMuse, we faced the same about 1-2 month ago. Actuall people use fail2ban which creates abuse mails to you provider. Thats not new. But recently the abuse mails have risen to numbers which lead us to believe there are acutally more people abusing ssh via tor than people really using it. In the end we disabled port 22. After all - any sysadmin who wants to have peace and ever looked a ssh config will have its listen port somewhere else than 22. best regards Dirk On 05.10.2017 19:08, AMuse wrote: Hi all! I'm getting a number of ISP Abuse complaints around outbound ssh brute-forcing from our exit relay. I'm personally of the opinion that people should run fail2ban (or equiv) and get on with life and I generally ignore the complaints - but wondered, what are other operators doing? Is anyone exit-policy blocking outbound 22 to make the internet a kinder place? Is anyone refusing to on principle? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Blocking outbound 22 or no?
Hello AMuse, we faced the same about 1-2 month ago. Actuall people use fail2ban which creates abuse mails to you provider. Thats not new. But recently the abuse mails have risen to numbers which lead us to believe there are acutally more people abusing ssh via tor than people really using it. In the end we disabled port 22. After all - any sysadmin who wants to have peace and ever looked a ssh config will have its listen port somewhere else than 22. best regards Dirk On 05.10.2017 19:08, AMuse wrote: > Hi all! I'm getting a number of ISP Abuse complaints around outbound > ssh brute-forcing from our exit relay. > > I'm personally of the opinion that people should run fail2ban (or > equiv) and get on with life and I generally ignore the complaints - > but wondered, what are other operators doing? > > Is anyone exit-policy blocking outbound 22 to make the internet a > kinder place? Is anyone refusing to on principle? > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Blocking outbound 22 or no?
Hi all! I'm getting a number of ISP Abuse complaints around outbound ssh brute-forcing from our exit relay. I'm personally of the opinion that people should run fail2ban (or equiv) and get on with life and I generally ignore the complaints - but wondered, what are other operators doing? Is anyone exit-policy blocking outbound 22 to make the internet a kinder place? Is anyone refusing to on principle? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
