Re: Tor server for port 443

2008-05-22 Thread Mike Cardwell

Scott Bennett wrote:

While port 587 is the official standard port for email submission, it 
doesn't *require* the usage of SSL. GMail does however have this 
requirement.


Also, I'd still personally prefer to use port 465 over port 587 for mail 
submission when both are available, purely because when using port 465 
you negotiate SSL immediately, whilst with port 587 there is some plain 
text negotiation first which *could* accidentally leak identifying 
information such as your hostname in the EHLO, to the Exit node.



> Now, if we keep 25 blocked, are we risking undoing the benefit from that
> blockage by unblocking 587?  It turns out that I was rejecting exits for
> port 465 and 587, so now I'm wondering whether it might be a Bad Thing to
> accept exits to 587.  Also, the new allocation of 465 is for urd (URL
> Rendezvous Directory for SSM).  Offhand, I don't know what SSM may be nor
> whether accepting exits for this service would be okay.


Port 25 is used for both mail relay and mail submission, whilst ports 
587 and 465 are only used for mail submission. Mail submission over Tor 
isn't a problem, mail relay over Tor would allow it to be abused for 
spamming. There is nothing bad about opening up ports 465 and 587. I am 
also unfamiliar with SSM but I'd bet my left testicle that its usage on 
the Internet is insignificant in comparison to smtps over port 465.


Mike


Re: GPG Public Keys

2008-05-22 Thread Nathaniel Dube
On Thursday 22 May 2008 04:35:55 am Sebastian Hahn wrote:
> I'm still looking for a solution, and might switch to mutt when I have
> the time to set up my mail system properly.

One solution I might recommend is figuring out what you're doing differently 
than everyone else on the list who sign their email.  I've seen a handful 
of people so far who sign their email to this list and kmail has no problem 
validating their signed messages.  It just seems to be yours.  I'm not trying 
to point fingers.  I'm just saying.


unsubscribe

2008-05-22 Thread [EMAIL PROTECTED]
unsubscribe


Re: controller GETINFO ns/id/fingerprint s record

2008-05-22 Thread Nick Mathewson
On Wed, May 21, 2008 at 09:21:20PM -0400, BarkerJr wrote:
> > What are the criteria for getting listed as an Exit node in the s record
> > for the controller interface's GETINFO /ns/id/fingerprint?
>
> You need to have two of these three ports wide open: 80, 443, 6667.
> No, I don't think it's fair that you have to open unencrypted ports to
> be given the Exit badge.  But, yes, it's just a badge, and people will
> still use your exit even if you don't have the badge.

In particular, it's used to try to predict which nodes will have most
of their bandwidth used in being an exit, in order to avoid using up
their bandwidth with relay traffic.  See path-spec.txt.

yrs,
-- 
Nick


Re: a serious TOR adversary?

2008-05-22 Thread Nick Mathewson
On Wed, May 21, 2008 at 05:47:41PM -0500, Eugene Y. Vasserman wrote:
> Thus spake Bernardo Bacic, on 5/21/08 6:45 AM:
> | This link http://web.crypto.cs.sunysb.edu/spday/ contains a summary
> | description of a possible TOR threat.
> |
> | Does anyone have more details? opinions?
> |
> | (apologies if this has been discussed before, i read the list only as
> | much as time permits)
>
> Although timing-based attacks have been demonstrated against
> non-timing-preserving anonymity networks, they have depended either on a
> global passive adversary or on the compromise of a substantial number of
> Tor nodes.
>
> Incorrect: Steven J. Murdoch. Hot or Not: Revealing Hidden Services by
> their Clock Skew; Nicholas Hopper, Eugene Y. Vasserman, and Eric
> Chan-Tin. How much anonymity does network latency leak?.
> (Full disclosure: I'm one of the authors of the second paper).

See also Locating Hidden Servers by Lasse Øverlier and Paul Syverson,
which motivated Tor's guard node design.

yrs
-- 
Nick


RE: controller GETINFO ns/id/fingerprint s record

2008-05-22 Thread Wesley Kenzie
> On Wed, May 21, 2008 at 09:21:20PM -0400, BarkerJr wrote:
> > > What are the criteria for getting listed as an Exit node in the s
> > > record for the controller interface's GETINFO /ns/id/fingerprint?
> >
> > You need to have two of these three ports wide open: 80, 443, 6667.
> > No, I don't think it's fair that you have to open unencrypted ports to
> > be given the Exit badge.  But, yes, it's just a badge, and people will
> > still use your exit even if you don't have the badge.
>
> In particular, it's used to try to predict which nodes will
> have most of their bandwidth used in being an exit, in order
> to avoid using up their bandwidth with relay traffic.  See
> path-spec.txt.
>
> yrs,
> --
> Nick

Thanks.  Anybody know the answer to my other question I posted yesterday?
Where does the data originate from when the controller GETINFO command is
used?  Does it just grab data out of the cached* files on disk?  Or poll one
of the directory authorities?  Or something else?

Wesley




Re: unsubscribe

2008-05-22 Thread Nathaniel Dube
On Thursday 22 May 2008 05:16:15 am [EMAIL PROTECTED] wrote:
> unsubscribe

Email [EMAIL PROTECTED] with the body [unsubscribe or-talk]


Default Exit Policy

2008-05-22 Thread Nathaniel Dube
I was looking at my server's stats at https://torstatus.kgprog.com and noticed 
that it has an exit policy that I didn't put in my config file.  For 
example...

reject 0.0.0.0/8:*
reject 169.254.0.0/16:*
reject 127.0.0.0/8:*
reject 192.168.0.0/16:*
reject 10.0.0.0/8:*
reject 172.16.0.0/12:*
reject 75.63.1.109:*
reject *:25
reject *:119
reject *:135-139
reject *:445
reject *:465
reject *:563
reject *:587
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6699
reject *:6881-6999
accept *:*

The only part of that I have in my config file is [accept *:*].  Is the rest 
some kind of defaults?  I noticed one of the defaults is [reject *:587] which 
I'm wondering why that would be in the defaults.  That port is used for 
sending secure email.  Port 25 I can understand but 587?!  I use that port 
for gmail.  I have two gmail accounts.  One is this one which is tied to my 
real name.  The other isn't and I use with Thunderbird and the torbutton 
addon.  I've noticed that sometimes I can't send email and sometimes I can.  
It all depends on the current circuit.  After seeing the default exit policy 
I can see why I've been having the issues with my email.

The point of this email?!  I wish to understand the rationale of having the 
defaults block ports used for secure encrypted protocols.
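
The listing in the post above can be checked mechanically. This is an added example, not code from the Tor project or from any poster: it evaluates that policy with first-match-wins semantics and applies the "two of 80, 443, 6667" rule of thumb quoted earlier in the thread. The function names, the sample address 203.0.113.10 and the fail-closed fallthrough are assumptions of the example.

```python
import ipaddress

# The policy listed in the post above, joined with commas (first match wins).
POLICY = (
    "reject 0.0.0.0/8:*, reject 169.254.0.0/16:*, reject 127.0.0.0/8:*, "
    "reject 192.168.0.0/16:*, reject 10.0.0.0/8:*, reject 172.16.0.0/12:*, "
    "reject 75.63.1.109:*, reject *:25, reject *:119, reject *:135-139, "
    "reject *:445, reject *:465, reject *:563, reject *:587, reject *:1214, "
    "reject *:4661-4666, reject *:6346-6429, reject *:6699, "
    "reject *:6881-6999, accept *:*"
)

def parse_policy(text):
    """Turn 'accept|reject ADDR[/BITS]:PORT[-PORT]' entries into rule tuples."""
    rules = []
    for entry in filter(None, (e.strip() for e in text.split(","))):
        action, pattern = entry.split()
        if action not in ("accept", "reject"):
            raise ValueError(f"unknown action in {entry!r}")
        addr, _, ports = pattern.rpartition(":")
        net = None if addr == "*" else ipaddress.ip_network(addr)
        lo, _, hi = ("1-65535" if ports == "*" else ports).partition("-")
        rules.append((action, net, int(lo), int(hi or lo)))
    return rules

def decide(rules, ip, port):
    """Return the action of the first rule matching ip:port."""
    target = ipaddress.ip_address(ip)
    for action, net, lo, hi in rules:
        if (net is None or target in net) and lo <= port <= hi:
            return action
    return "reject"  # this example's assumption: fail closed if nothing matches

def open_ports(rules, ports, sample_ip="203.0.113.10"):
    """Ports accepted for a constructed public address (TEST-NET-3)."""
    return [p for p in ports if decide(rules, sample_ip, p) == "accept"]

def earns_exit_badge(rules):
    """The thread's rule of thumb: at least two of 80, 443, 6667 open."""
    return len(open_ports(rules, (80, 443, 6667))) >= 2

if __name__ == "__main__":
    rules = parse_policy(POLICY)
    for port in (25, 443, 465, 587, 6667):
        print(port, decide(rules, "203.0.113.10", port))
    print("Exit badge:", earns_exit_badge(rules))
```
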


Router Flags

2008-05-22 Thread Nathaniel Dube
Can someone explain what these router flags mean?  Some of them I have a good 
guess what they mean but I decided to list them all.

Authority
Bad Directory
Bad Exit
Exit
Fast
Guard
Hibernating
Named
Stable
Running
Valid
V2Dir


Re: Router Flags

2008-05-22 Thread Scott Bennett
 On Fri, 23 May 2008 00:05:37 -0500 Nathaniel Dube [EMAIL PROTECTED]
wrote:
> Can someone explain what these router flags mean?  Some of them I have a good 
> guess what they mean but I decided to list them all.
>
> Authority
> Bad Directory
> Bad Exit
> Exit
> Fast
> Guard
> Hibernating
> Named
> Stable
> Running
> Valid
> V2Dir

 These have been explained in the documentation available at the
www.torproject.org web site.  Have you read it?  If you have read it and
still do not understand the explanations, please let us know.


  Scott Bennett, Comm. ASMELG, CFIAG
  Internet: bennett at cs.niu.edu

  A well regulated and disciplined militia, is at all times a good
  objection to the introduction of that bane of all free governments
  -- a standing army.
  -- Gov. John Hancock, New York Journal, 28 January 1790


Re: set up relay

2008-05-22 Thread Alto
hi madjon and all
(1) i did a google search for how to check firewall ports address hosts file 
and up came a list of online port scanners
i chose pc flank
and the result below scared me, so i deleted the 4 ports i had manually opened 
below.
(2) i do not think i have a router ...

QUESTION
what do you think is the next step for me now?


  :9090 - Private OR Port
  :443   - Public OR Port
  :9091 - Private DIR Port
  :80 - Public DIR Port

PC Flank Results of Advanced Port Scanner

TCP CONNECT scanning (scanned in 3 seconds)
We have scanned your computer' ports used by the most widespread trojan horses. 
Here is the description of possible ports' statuses:

Stealthed (by a firewall) -Means that your computer is invisible to others on 
the Internet and protected by a firewall or other similiar software;
Closed (non-stealthed) - means that this port is closed, but your computer is 
visible to others on the Internet that can be potentially dangerous;
Open - Means that this port is ready to establish (or has already 
established) a connection with remote address. It also means that your computer 
is vulnerable to attacks and could have been already hacked or infected by a 
trojan/backdoor;

Port    Status     Service                        Description
137     stealthed  NETBIOS Name Service           NetBios is used to share files through your Network Neighborhood
138     stealthed  NETBIOS Datagram Service       NetBios is used to share files through your Network Neighborhood
21      closed     FTP                            File Transfer Protocol is used to transfer files between computers
23      closed     TELNET                         Telnet is used to remotely create a shell (dos prompt)
135     closed     RPC                            Remote Procedure Call (RPC) is used in client/server applications based on MS Windows operating systems
139     closed     NETBIOS Session Service        NetBios is used to share files through your Network Neighborhood
1080    closed     SOCKS PROXY                    Socks Proxy is an internet proxy service
1243    closed     SubSeven                       SubSeven is one of the most widespread trojans
3128    closed     Masters Paradise and RingZero  Trojan horses
12345   closed     NetBus                         NetBus is one of the most widespread trojans
12348   closed     BioNet                         BioNet is one of the most widespread trojan
27374   closed     SubSeven                       SubSeven is one of the most widespread trojans
31337   closed     Back Orifice                   Back Orifice is one of the most widespread trojans
80      open       HTTP                           HTTP web services publish web pages

(2) i do not have a router as far as i know ...

Quoting Jonathan Addington [EMAIL PROTECTED]:

> (1) Make sure your firewall isn't blocking said ports.
> (2) If you have a router make sure that said ports are being
> forwarded to the computer running Tor. This is usually easier if you
> use a static IP for that computer.
>
> -madjon

