-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Kyle Williams @ 01/28/2011 02:29 PM: > I'm not sure if anyone has said this yet, but THANK YOU. > > You are one of the few who is fighting a big ISP for the sake of > everyone else. In doing so you spend your time, energy, and reputation > to help get through to your ISP that anonymity systems like Tor are > needed and should be accepted openly. Hell yes go to the BBB, play the > 'patriotic' card, explain what Tor is and how you're helping poor people > in censored countries experience a freedom in the 21st, etc, etc. > > Thank you and keep up the good fight,
thanks i appreciate it. some more updates. i did file my complaint with the BBB. Qwest seems to have flip-flopped on their position and is now saying they will not allow the running of Tor. So that is all on file with the BBB now. Even though Qwest has changed their position, i continue to run the exit node. My service will get disconnected every few weeks, I will contact Qwest to re-explain the situation and get my service re-activated. They will send me their logs of what is triggering the disconnection. Each time i augment my exit policy to try and block the malicious traffic. I've also been able to squeeze another 6 months of 40M/20M service for $30/month so i am a bit reluctant to actually jump ship. I think as long as they quickly re-activate my service and I continue to be transparent and active in augmenting my exit policy, I'll be able to continue this endeavor. below are the most recent entries that Qwest has forwarded to me. i'd like to figure out how to block this. i will not block port 80, that will be the last thing i block. i guess i can try blocking 87.106.24.200 and 74.208.164.166 which are shadowserver sinkholes.... Date/Time Seen (GMT) IP Address Infection Data (*) - -------------------- --------------- ------------------------------ date: 2011-03-29 list: bots IPs: 70.57.229.88 2011-03-28 02:16:35 70.57.229.88 infection => 'bots', subtype => 'sinkhole', port => '41390', cc => 87.106.24.200 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' 2011-03-28 02:16:35 70.57.229.88 infection => 'bots', subtype => 'sinkhole', port => '41390', cc => 87.106.24.200 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' date: 2011-03-15 list: bots IPs: 184.99.178.114 2011-03-13 05:29:16 184.99.178.114 infection => 'bots', subtype => 'sinkhole', port => '53843', cc => 74.208.164.166 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' 2011-03-13 05:29:16 184.99.178.114 infection => 'bots', subtype => 'sinkhole', port => '53843', cc => 74.208.164.166 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' date: 2011-03-13 list: bots IPs: 184.99.175.112 2011-03-11 17:39:46 184.99.175.112 infection => 'bots', subtype => 'sinkhole', port => '43572', cc => 87.106.24.200 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' 2011-03-11 17:39:46 184.99.175.112 infection => 'bots', subtype => 'sinkhole', port => '43572', cc => 87.106.24.200 , cc_port => '80', type => 'tcp', count => '1', p0f_detail => '2.6 (newer, 3)', sourceSummary => 'Drone Report', p0f_genre => 'Linux' -----BEGIN PGP SIGNATURE----- iEYEAREIAAYFAk2TXrkACgkQXhfCJNu98qACegCfc5yaMQmJCOg8c6U6o2WeQInp rJsAniWErfUTffSE6HuBupH6IzNccMpD =mikt -----END PGP SIGNATURE----- _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
