Re: Forwarding email ports
Alright, can someone test and see if I have this set up right? All four ports should now be accepted by "stbmac".
Re: Forwarding email ports
On Sun, 4 Feb 2007, Michael_google gmail_Gersten wrote: I read through the january archives on email ports, specifically 465, 587, and 995. First, are these the ports needed to support standard secure email (SMTP and PoP)? 465 is smtp-over-ssl (auth typically required -- ssl being part of the handshake) 587 is SMTP-submission (auth typically required), and TLS (ssl-on-request) generally supported post-connect. 995 is pop3-over-ssl (implicit, the SSL is part of the handshake). There's also an imap-over-ssl port (993). Second, why were there three of them for two protocols? Did I misunderstand something? See above, some ports are with and without SSL. Third, what are the implications -- both security, and legal -- if I open these on my machine. I'm thinking in particular, that: These are mainly used for people to send outbound mail via their own server, and pick up mail via their own server. Unless there's some sort of exploit being actively used, most of the people exiting your machine on these ports will be connecting to a machine for which they have login credentials. 1. If only one exit node is outputting these ports, it becomes an obvious snoop target -- how does that affect security? I don't believe this to be the case. The nature of tor means snooping this machine would be largely without point anyway, since even you, running TCPdump on the machine, even behind the various cryptography, cannot tell where the packets originate. 2. If I'm forwarding email, am I likely to find my site "blacklisted" somewhere? Forwarding mail in what sense? 3. Am I likely to get some sort of "Cease and desist" letter, or other legal hassle, for this? There are sites that deliver cease and desist letters just for running a tor node at all. This is a largely subjective question. 4. Since my machine has about 22K/s bandwidth, how likely is it that I will be badly backlogged / overtargetted? Also largely subjective, but try it, and if there's a problem, limit it. -Dan -- Dan Mahoney Techie, Sysadmin, WebGeek Gushi on efnet/undernet IRC ICQ: 13735144 AIM: LarpGM Site: http://www.gushi.org ---
RE: suggestion for 'is my installation of tor working?' page
I've got an initial version up now at http://www.showmyip.com/torstatus/ - feedback welcome! More content and links to come! . . . Wesley -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Robert Hogan Sent: February 1, 2007 1:48 PM To: or-talk@freehaven.net Subject: Re: suggestion for 'is my installation of tor working?' page On Thursday 21 December 2006 18:36, Robert Hogan wrote: > On Thursday 21 December 2006 05:19, you wrote: > > Good idea. We will work on getting a page available on showmyip.com > > to do this - maybe something like http://www.showmyip.com/torstatus/ > > with just the relevant data for new Tor users. > > > > . . . > > Wesley Kenzie > > WebMaster > > http://www.showmyip.com/ > > http://www.privacy-ecosystem.com/ > > Sounds great, looking forward to it! > > I'll direct TorK users to it once it's up and running. > Has anyone had any further thoughts on this? Wesley, have you thought of creating a chopped-down version of showmyip.com that concentrates on the browser/OS properties (such as javascript) as well as displaying geographical info? > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Robert Hogan > > Sent: December 19, 2006 1:07 PM > > To: or-talk@freehaven.net > > Subject: suggestion for 'is my installation of tor working?' page > > > > > > > > Hi all, > > > > http://lefkada.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1 > > https://tns.nighteffect.com/ > > https://torstat.xenobite.eu/ > > > > All of the above provide useful information for the first-time tor > > user. But > > > > the last two are only really meaningful to initates (and probably > > confusing to everyone else), while the first is reassuring but could > > really offer a little more. > > > > What is needed (IMVHO) is a page that confirms you are using tor > > successfully, but also introduces you to the other services that tor > > offers and also some advice for the tor debutante. A sort of > > official or unofficial 'welcome to the tor network' page. This could > > be linked to in the FAQ/INSTALL and used by > > controllers/front-ends. > > > > Would the maintainers of any of the above be interested in providing > > such a thing? Given that the heavy lifting has already been done on > > all of the above, it would be very trivial to create. Would there be > > an appetite for such a thing on the tor homepage itself? > > > > Suggestions for content: > > > > * A warm greeting! > > * Top Five things all tor users should know > > * Appeal for users to run servers and link to how-to > > * An introduction to some hidden services > > > > Anyway, just a thought... > > > > Robert -- KlamAV - An Anti-Virus Manager for KDE - http://www.klamav.net TorK - A Tor Controller For KDE - http://tork.sf.net
Re: Really strange interface behavior
On 2/4/07, coderman <[EMAIL PROTECTED]> wrote: ... you can maybe fix via iproute2 and policy based routing (may also need netfilter hooks). for the sake of completeness: gw1 = 216.9.65.1 gw2 = 216.9.100.1 ip route add default via 216.9.65.1 dev eth0 tab 1 ip route add default via 216.9.100.1 dev eth1 tab 2 ip rule add from 216.9.65.50/32 tab 1 priority 500 ip rule add from 216.9.100.100/32 tab 2 priority 501 ip route flush cache may do the trick. (if you've got the same default router IP for both, then use it instead of two distinct as shown above). good luck, #include
Re: Really strange interface behavior
Are you using ndiswrapper for your ethernet cards? I'm on the same kernel with no problems. Are your network interfaces just eth0, eth1, and lo? Ringo Kamens On 2/4/07, Matt Glaves <[EMAIL PROTECTED]> wrote: Tonight I made a change to my TOR node and am perplexed as to why it is acting in this manner. I'm not actually sure why it is even working :) Eth0: New TOR Interface (216.9.65.50). This was previously a subinterface aka eth1:1 Eth1: Webserver/Mailserver/etc Interface - This is a separate netblock/vlan. Call it 216.9.100.100 for this example. I have the following set in torrc Address 216.9.65.50 OutboundBindAddress 216.9.65.50 Although netstat only shows TOR connections on the 216.9.65.50 address and zero listening/open connections on 216.9.100.100 (other than the listening web/email processes) my traffic is being split between the interfaces. eth0 is only the inbound TOR traffic, and eth1 is only the outbound TOR traffic. My node is currently doing about 4.5Mbit and I have 4.5Mbit coming in eth0 and 4.5Mbit going out eth1. Anyone running a similar setup or had similar wierdness? I am running 0.1.1.26 under linux. thanks, matt
Re: Forwarding email ports
1. The same argument could be used "if I'm an exit server that redirects any traffic" so you shouldn't worry. 2. If you are an open relay, yes (if you run your own mail server). If you are not one, probably not. 3. Just as likely without email enabled 3. Just as likely without email enabled. Ringo Kamens On 2/4/07, Michael_google gmail_Gersten <[EMAIL PROTECTED]> wrote: I read through the january archives on email ports, specifically 465, 587, and 995. First, are these the ports needed to support standard secure email (SMTP and PoP)? Second, why were there three of them for two protocols? Did I misunderstand something? Third, what are the implications -- both security, and legal -- if I open these on my machine. I'm thinking in particular, that: 1. If only one exit node is outputting these ports, it becomes an obvious snoop target -- how does that affect security? 2. If I'm forwarding email, am I likely to find my site "blacklisted" somewhere? 3. Am I likely to get some sort of "Cease and desist" letter, or other legal hassle, for this? 4. Since my machine has about 22K/s bandwidth, how likely is it that I will be badly backlogged / overtargetted?
Re: Really strange interface behavior
On 2/4/07, Matt Glaves <[EMAIL PROTECTED]> wrote: ... Eth0: New TOR Interface (216.9.65.50). This was previously a subinterface aka eth1:1 Eth1: Webserver/Mailserver/etc Interface - This is a separate netblock/vlan. Call it 216.9.100.100 for this example. ... Although netstat only shows TOR connections on the 216.9.65.50 address and zero listening/open connections on 216.9.100.100 (other than the listening web/email processes) my traffic is being split between the interfaces. let me guess, eth1 is default route, and if you look at outgoing Tor packets the source address is correctly "216.9.65.50". you can maybe fix via iproute2 and policy based routing (may also need netfilter hooks). best regards,
Really strange interface behavior
Tonight I made a change to my TOR node and am perplexed as to why it is acting in this manner. I'm not actually sure why it is even working :) Eth0: New TOR Interface (216.9.65.50). This was previously a subinterface aka eth1:1 Eth1: Webserver/Mailserver/etc Interface - This is a separate netblock/vlan. Call it 216.9.100.100 for this example. I have the following set in torrc Address 216.9.65.50 OutboundBindAddress 216.9.65.50 Although netstat only shows TOR connections on the 216.9.65.50 address and zero listening/open connections on 216.9.100.100 (other than the listening web/email processes) my traffic is being split between the interfaces. eth0 is only the inbound TOR traffic, and eth1 is only the outbound TOR traffic. My node is currently doing about 4.5Mbit and I have 4.5Mbit coming in eth0 and 4.5Mbit going out eth1. Anyone running a similar setup or had similar wierdness? I am running 0.1.1.26 under linux. thanks, matt
Forwarding email ports
I read through the january archives on email ports, specifically 465, 587, and 995. First, are these the ports needed to support standard secure email (SMTP and PoP)? Second, why were there three of them for two protocols? Did I misunderstand something? Third, what are the implications -- both security, and legal -- if I open these on my machine. I'm thinking in particular, that: 1. If only one exit node is outputting these ports, it becomes an obvious snoop target -- how does that affect security? 2. If I'm forwarding email, am I likely to find my site "blacklisted" somewhere? 3. Am I likely to get some sort of "Cease and desist" letter, or other legal hassle, for this? 4. Since my machine has about 22K/s bandwidth, how likely is it that I will be badly backlogged / overtargetted?
Re: Problem downloading new Torpark
Downloading Torpark from China has redirected to Google since at least early December 2006: http://kevinsmith.wordpress.com/2006/12/08/torpark-more-gfw-tinkering/ Kevin S. On 2/5/07, Moses <[EMAIL PROTECTED]> wrote: yeah, same problem here... On 12/7/06, Total Privacy <[EMAIL PROTECTED]> wrote: > Hi, is there anyone having the same problem, or only for me? > My setup is now a Torpark with disabled images, cookies and > javascript. I somebody wanna test this, please do the same. > > To check the new Torpark (my is pretty old by now), I´m trying > download it, but faile to success. At one time I get redirect to > a chineese google page (probably because the exit node was from > china) but usually the things going as follow clicking sequence: >
Re: Problem downloading new Torpark
yeah, same problem here... On 12/7/06, Total Privacy <[EMAIL PROTECTED]> wrote: Hi, is there anyone having the same problem, or only for me? My setup is now a Torpark with disabled images, cookies and javascript. I somebody wanna test this, please do the same. To check the new Torpark (my is pretty old by now), I´m trying download it, but faile to success. At one time I get redirect to a chineese google page (probably because the exit node was from china) but usually the things going as follow clicking sequence: