Abuse Desks

Matt Corallo nanog at as397444.net
Wed Apr 29 23:19:08 UTC 2020


Ah, I'd pasted the following in a response to the mail you responded to:

~$ whois 208.68.4.129
Comment:        ---------------
Comment:        208.68.4.128/28 and 208.68.7.128/28 provide privacy services
Comment:        (incl running tor exit node(s)!)
Comment:        Abuse reports will be handled but there is likely not much that can be done.
Comment:        Send abuse to abuse at privacysvcs net.
Comment:        ---------------
...
RAbuseEmail:  see-comments-no-bots at example.com

Now you can decide to pass judgement on the idea that someone may want to run a Tor exit node (my data says a good chunk
of users are regular internet users in Iran, and I'm not routing hidden service traffic, where a most of the
morally-repugnant crap happens), but that's beside the point - outbound ports are super limited, and outbound SSH is
rate-limited appropriately.

Matt

On 4/29/20 7:00 PM, William Herrin wrote:
> On Wed, Apr 29, 2020 at 3:36 PM Matt Corallo <nanog at as397444.net> wrote:
>> I do, in this case, have such a right, because I know exactly what is going on in my network,
> 
> Hi Matt,
> 
> If someone in your address space is knock-knocking on a stranger's ssh
> ports (your example, not mine), you have some work to do convincing me
> of your supreme security.
> 
> Don't get me wrong: I've felt the pain of the auto-generated spam
> complaint that scrubbed exactly the headers I need to figure out what
> happened. But if you're round-filing complaints solely because they
> were generated by a program, you're doing it really wrong.
> 
> Regards,
> Bill Herrin
> 



More information about the NANOG mailing list