[tor-relays] Sinkhole IPs to block for Cryptolocker and Gameover Zeus
Adam Brenner
adam at aeb.io
Wed Jun 11 08:17:37 UTC 2014
As you know, the Tor network can be used for mischievous and in some
countries illegal activity hurting the reputation of Tor. Two of these
activities include Cryptolocker[1] and Gameover Zeus[2].
Recently my exit node was inserted into a few block lists due to this
two issues mentioned above and I would guess this hinders 'good' traffic
within the Tor network using an exit node.
I have complied a list of Sinkholes from CBL for both Cryptolocker and
Gameover Zeus. Consider adding these IPs to your ExitPolicy reject list.
ExitPolicy reject 85.159.211.119 # Cryptolocker
ExitPolicy reject 212.71.250.4 # Cryptolocker
ExitPolicy reject 54.83.43.69 # Cryptolocker
ExitPolicy reject 192.42.116.41 # Cryptolocker
ExitPolicy reject 192.42.119.41 # Cryptolocker
ExitPolicy reject 198.98.103.253 # Cryptolocker
ExitPolicy reject 208.64.121.161 # Cryptolocker
ExitPolicy reject 142.0.36.234 # Cryptolocker
ExitPolicy reject 173.193.197.194 # Cryptolocker
[1]: http://www.us-cert.gov/ncas/alerts/TA13-309A
[2]: https://www.us-cert.gov/ncas/alerts/TA14-150A
--
Adam Brenner <adam at aeb.io>
More information about the tor-relays
mailing list