Connections to botnet masters

M maillist at piirakka.com
Mon Aug 27 10:04:12 UTC 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Can't remember if I posted this already so here we go...

I received a phone call from my ISP a couple of weeks ago. They told me
that cert.fi had contacted them with an abuse report. One of my
Tor-servers had been an exit node when someone had contacted couple of
botnet masters according to them.

I wrote them an email telling that I'm running a tor exit node on that
server and pointed them to http://tor.eff.org.

Is there any way to stop those connections or is this just a price to
pay from anonymity? I guess that's pretty impossible to prevent
connections to those machines unless one knows their ip addresses. As
far as I know one can control botnets over irc / http / ssh or pretty
much over any protocol so blocking some ports won't help anything.

I'm going to google and find out what's most usual way of getting
infected by malmware that makes your computer a zombie. Let's see if I
can educate some users on this matter so they won't get infected.

M

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFG0qGc6fSN8IKlpYoRAqSNAJ4hKsYarv+jMIkEOFJSmwncBgHSCgCeJqVr
/yE6XpAGpnAN8sOGFaiL2h8=
=c7Iv
-----END PGP SIGNATURE-----



More information about the tor-talk mailing list