[tor-relays] Port scanning via exit node

Green Dream greendream848 at gmail.com
Sat May 21 20:46:15 UTC 2016


There's really nothing to do. Based on the limited logs, it looks like
someone was just looking for open TCP port 22 (ssh). You can't really block
the scans by source since you don't know the source address (because Tor).
You could prevent connections to port 22, but that would prevent everyone
else from using ssh through your exit, and also, it wouldn't stop port
scanning of any other ports allowed through the exit.

I'd just explain you're running a Tor exit, and thus you cannot identify
the source of the scan.

As common as port scanning is (and has been for as long as the Internet has
been around), I'm surprised providers still worry about it this much.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160521/c97efbc9/attachment.html>


More information about the tor-relays mailing list