[tor-relays] potentially compromised Linux servers running a tor exit relay without consent of the owner?

nusenu nusenu at openmailbox.org
Tue Mar 8 01:25:00 UTC 2016


Dear abuse handlers at universities,

the following two servers run a tor exit relay
(exit policy: accept *:*).

Due to ~80 other servers [1] around the world joining the tor network
with the same bitcoin donation address in the contact field my wild
guess is that it was not the owner making this server a tor exit relay.

If you can confirm that these servers were indeed compromised - this
would be valuable information for us.


AS name: University of California at Berkeley
IP address: 169.229.227.122
started to run as a tor relay at: 2016-03-07 17:37:24


AS name: University of Vienna, Austria
IP: 77.80.14.190
started to run as a tor relay at: 2016-03-07 17:32:29


(I'm not associated with the torproject)


[1]
https://gist.githubusercontent.com/nusenu/fb19034a7860dba6c203/raw/5531768e75928970ad37517dfd3bbfed4698eaca/2016-03-07_79relays.txt

https://lists.torproject.org/pipermail/tor-relays/2016-March/008857.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160308/2e17fdfd/attachment.sig>


More information about the tor-relays mailing list