-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hah - I am not laughing at whats happened to you, but I am laughing at the MO of the notice. See the "Dealing with VPS suspension" thread posted a few minutes ago.
I received the exact same notice, but at least your hoster didn't close yours without asking first. On 7 Aug 2013, at 21:00, Kris wrote: > I've been an end user of tor for a few years and finally as of last week > purchased a virtualhost to run an exit relay. > > After a few days running smoothly, I received a forwarded abuse complaint > from the hosting company from someone saying their are being DDOS'd by my IP. > > I'm prepared per the tor website regarding DMCA notifications, but haven't > found much on how to deal with this situation. I have: > > * made it quite obvious that this is an exit node > * reverse dns is tor-exit-node.nenticom.net > * web server running on 8080/80 with the tor notification page > * provide full real name and [email protected] contact > * notified the hosting company > * applied the recommended exit policy per the "minimum harassment" post > > You can see most of this off Atlas (node: nenticom). > https://atlas.torproject.org/#details/50D04704A5017C02CC63AFE4A66F05DF79ED81F3 > > Can anyone provide a recommendation of how to respond to this notice > (provided below)? Given the headers the original complainer filed it looks > like someone is running benchmark software over tor. > Maybe after explaining that I'm a tor exit node to the provider I can offer > to block exiting to the IP block belonging to the original complainer? > > > > Notice from Hosting Provider > ---------------------------- > > Please review the following abuse complaint and provide us with a resolution: > > ****************************** > Hello, > > Over the last three days we have experienced a massive amounts of incoming > HTTP connections from an IP address under your control as part of a DDOS > attack. > > Can you please investigate the server/computer associated with this IP > address as it is more than likely compromised and is now part of a BotNet. > > For your reference, all requests to our server from the IP in question are > listed in the Apache logs as: > "GET / HTTP/1.0" 500 11680 "-" "ApacheBench/2.3" > > The attackers IP address that appears to belong to you or your network is > '192.241.230.170'. Please resolve this as soon as possible. > > -- > Kind regards, > Benjamin Hodgetts > Dedicated Hosting Server Administrator > Namesco Ltd. > > Phone: +44 (0)1905 342347 > Email: [email protected] > DDI: +44 (0)1905 342384 > > Main Line: +44 (0)1905 342342 / 0845 363 3630 > Main Fax: +44 (0)1905 342343 / 0845 363 3631 > Support Email: [email protected] > Website: http://www.names.co.uk > > Namesco Limited (Registration No: 3913408) is incorporated in England and > Wales with its registered office at Acton House, Perdiswell Park, Worcester, > WR3 7GD. > > Information contained in this e-mail is intended for the use of the addressee > only, and is confidential. If you have received this email in error please > notify the sender immediately. Any dissemination, distribution, copying or > use of this communication without prior permission of the addressee is > strictly prohibited. The contents of an attachment to this e-mail may contain > software viruses, which could damage your own computer system. While Namesco > has taken every reasonable precaution to minimise this risk, we cannot accept > liability for any damage, which you sustain as a result of software viruses. > You should carry out your own virus checks before opening the attachment. > Please note that any views or opinions presented in this email are solely > those of the author and do not necessarily represent those of the company. > > ©2013 Namesco Limited. All rights reserved. > ****************************** > > > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays - -------------------------------------- Bernard / bluboxthief / ei8fdb IO91XM / www.ei8fdb.org -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.17 (Darwin) Comment: GPGTools - http://gpgtools.org iQEcBAEBAgAGBQJSAqnkAAoJENsz1IO7MIrrPZUIAKDWZcCWe+92q4sgWLNCHwS5 YhIjFBFd/RJzLoAKfnJEHYJTrpfSNlBDdgARd3VQYLXINbT7pEegpOZ1D+R8DLYY 9+RXvE1D5YqyzlFiK2nMZ5FUxMcZEKUrTPFn89Ubf3gMv8JcCBpg0TM2OPsBBJjC 35LZp2xNxXnWXJRn1gnHF5RHu3V5Uqj3xwaSXVy4X2jQfM6D5IK26jHDHTYaxZH2 e8szOg2oQDqfAHbv6doc+X32Zab7XTBUvFR+a6/igqfxOoJbtifF8prpd/6sLqH/ +GWmOTI0Vjjs1c7DUrkCRPhLobM8W94hI4nIlcA8jLVDrSOdjhQb1FB5yhw6NPs= =qtN4 -----END PGP SIGNATURE----- _______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
