Yeah, he knows, he'd just kind of like it to go away.

A bit of googling yielded something called tortunnel which links direct to the exit node and allows a scan. It'd be nice to make a bit of an effort though, so, anyone know how to interfere with that? It's Moxie, mind you, so it's probably bulletproof.

K.

On 21/05/16 21:46, Green Dream wrote:

There's really nothing to do. Based on the limited logs, it looks like someone was just looking for open TCP port 22 (ssh). You can't really block the scans by source since you don't know the source address (because Tor). You could prevent connections to port 22, but that would prevent everyone else from using ssh through your exit, and also, it wouldn't stop port scanning of any other ports allowed through the exit.

I'd just explain you're running a Tor exit, and thus you cannot identify the source of the scan.

As common as port scanning is (and has been for as long as the Internet has been around), I'm surprised providers still worry about it this much.
_______________________________________________
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays