> On 25 Aug 2015, at 23:54, Heiko Tropartz <[email protected]> wrote: > > > Hello, > > my ISP deactivated the network traffic of my tor-exit relay because the > server is part of the following botnets: > > - Wapomi > - AldiBot > - Darkness Bot > > In the last 2 hours I analysed the sparse log files and checked the system by > checksums I created after the installation. > The linux server is clean. > > I send an answer to my ISP, that the server is only an exit-relay for Tor > traffic. I also attached a list security software including configurations > that I installed. > But the network traffic keeps blocked until I guarantee for a secure network > traffic. > > Can someone advise me what to do? > Any tips and hints?
It's unfortunate your provider doesn't understand the concept of an overlay network, or even the concept of a proxy. If they are going to continue to judge you by your traffic, here's how you can change the traffic allowed through your exit: If the botnets connect to particular IP addresses or ports, you can block those in your Tor Exit policy or server firewall. Alternately, if the complainants / honeypots are on particular IPs, you can block those. You might have to ask your ISP what IPs or ports are generating the complaints. Tim (teor) Tim Wilson-Brown (teor) teor2345 at gmail dot com pgp 0xABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
