6/8/2014
doc/TorAbuseTemplates – Tor Bug Tracker & Wiki
Tor Abuse Templates: Before You Start The best way to handle abuse complaints is to set up your exit node so that they are less likely to be sent in the first place. Please see Tips for Running an Exit Node with Minimal Harassment and Tor Exit Guidelines for more info, before reading this document. Below are a collection of letters you can use to respond to your ISP about their complaint in regards to your Tor exit server.
Format and Philosophy of Templates
Tor Abuse Templates: Before You Start Format and Philosophy of Templates C ommon Boilerplate (Tor Intro) Abuse Scenarios C omment/Forum Spam PHP Relay or Exploited Webmail Account Spam Google Groups Spam DoS Attacks and Scraping Robots Brute Force Web Attacks SSH Bruteforce Attempts Hacked Gmail, Web Forum, or Misc Account Access Hacking (PHP Webshells, XSS, SQL Injection) E-C ommerce Fraud Threats of Violence (Advice for Real-Time Discussion) Other Template Sets
The general format of these templates is to inform the complaintant about Tor, to help them to find a solution to their particular issue that works in general for the Internet at large (open wifi, open proxies, botnets, etc), and barring all else, how to block Tor. The philosophy of the Tor Project is that abuse should be handled proactively by the site administrators, rather than wasting effort and resources on seeking vengeance and chasing ghosts.
The difference between the proactive approach and the reactive approach to abuse is the difference between decentralized fault-tolerant Internet freedom, and fragile, corruptible totalitarian control. To further preach to the choir, the identity-based Internet "driver's licenses" of South Korea and China have done nothing to curtail cybercrime and Internet abuse. In fact, all objective evidence seems to indicate that it has only created new markets for organized crime to preside over. This is the core idea that these abuse complaint templates attempt to instil in the recipient. Feel free to improve them if you feel they fall short of this goal. All templates should include the Common Boilerplate below, and append some additional paragraphs depending on the specific Scenario.
Common Boilerplate (Tor Intro) The IP address in question is a Tor exit node. https://www.torproject.org/overview.html There is little we can do to trace this matter further. As can be seen from the overview page, the Tor network is designed to make tracing of users impossible. The Tor network is run by some 5000 volunteers who use the free software provided by the Tor Project to run Tor routers. Client connections are routed through multiple relays, and are multiplexed together on the connections between relays. The system does not record logs of client connections or previous hops. https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates
1/8