[tor-relays] Attacker IP database

Richard Budd rotorbudd at gmail.com
Fri Aug 2 20:04:22 UTC 2013


If you are just talking about regular server hacking attempts,  and you are
using debian,  tben try demyhosts and have it query the demyhosts server
every hour or so.  It will download a list of known attacking ips
On Aug 2, 2013 3:41 PM, "Bryan Carey" <z0civic483 at gmail.com> wrote:

> Is there any kind of compiled list of IPs that relay operators can refer
> to that are known bad IPs (sources of brute force SSH attempts, etc.)? Is
> there a reason to NOT block (drop) traffic from these IPs?
>
> Here are some that I have seen recently trying to brute force common user
> accounts and root password attempts:
> 198.50.197.98
> 220.161.148.178
> 223.4.217.47
> 199.187.125.250
> 175.99.95.252
> 62.64.83.38
> 125.209.110.234
> 37.235.53.172
>
> Also, in general what are some good security practices to keep in mind
> while running a Tor relay?
>
> Thanks,
> Bryan
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20130802/cb302f36/attachment.html>


More information about the tor-relays mailing list