Re: [tor-relays] Sinkhole IPs to block for Cryptolocker and Gameover Zeus
On Wed, Jun 11, 2014 at 4:17 AM, Adam Brenner wrote: > I have complied a list of Sinkholes from CBL for both Cryptolocker and > Gameover Zeus. Consider adding these IPs to your ExitPolicy reject list. Here are lists of other useless "bad' stuff on the clearnet for which exit operator might receive a complaint for contacting: ... ... ... Has anyone evaluated the network [dirdata, client] cost of bloating 1200+ exits worth of 1000+ line exitpolicies, versus [circuit] cost blocking them with external packet filters. And the classic issue of when those IP's are eventually cleared and used for "good' stuff, but laziness tends not to delist them, so exit becomes less useful and traffic skews. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Sinkhole IPs to block for Cryptolocker and Gameover Zeus
As you know, the Tor network can be used for mischievous and in some countries illegal activity hurting the reputation of Tor. Two of these activities include Cryptolocker[1] and Gameover Zeus[2]. Recently my exit node was inserted into a few block lists due to this two issues mentioned above and I would guess this hinders 'good' traffic within the Tor network using an exit node. I have complied a list of Sinkholes from CBL for both Cryptolocker and Gameover Zeus. Consider adding these IPs to your ExitPolicy reject list. ExitPolicy reject 85.159.211.119 # Cryptolocker ExitPolicy reject 212.71.250.4 # Cryptolocker ExitPolicy reject 54.83.43.69 # Cryptolocker ExitPolicy reject 192.42.116.41# Cryptolocker ExitPolicy reject 192.42.119.41# Cryptolocker ExitPolicy reject 198.98.103.253 # Cryptolocker ExitPolicy reject 208.64.121.161 # Cryptolocker ExitPolicy reject 142.0.36.234 # Cryptolocker ExitPolicy reject 173.193.197.194 # Cryptolocker [1]: http://www.us-cert.gov/ncas/alerts/TA13-309A [2]: https://www.us-cert.gov/ncas/alerts/TA14-150A -- Adam Brenner ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
