Hello AMuse,
we faced the same about 1-2 month ago. Actuall people use fail2ban which creates abuse mails to you provider. Thats not new. But recently the abuse mails have risen to numbers which lead us to believe there are acutally more people abusing ssh via tor than people really using it.
In the end we disabled port 22. After all - any sysadmin who wants to have peace and ever looked a ssh config will have its listen port somewhere else than 22.
best regards
Dirk
On 05.10.2017 19:08, AMuse wrote:
Hi all! I'm getting a number of ISP Abuse complaints around outbound ssh brute-forcing from our exit relay.
I'm personally of the opinion that people should run fail2ban (or equiv) and get on with life and I generally ignore the complaints - but wondered, what are other operators doing?
Is anyone exit-policy blocking outbound 22 to make the internet a kinder place? Is anyone refusing to on principle?
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays