Re: Exit node connection statistics

2008-07-18 Thread Sebastian Hahn


On Jul 18, 2008, at 7:39 PM, [EMAIL PROTECTED] wrote:
> Of course you can. And if you are able to bring yourself under the
> top 100 of 500 exit nodes in one day, you can solve it even in two
> days. Just use a different destination IP for each exit node, then
> you don't need the bisection method. ;-)
>
> But you are right. Maybe top 100 is too much and I should switch to
> a top 20 or so?


No, you should turn it off. Having those statistics doesn't add any  
value to the Tor network, you cannot even make broad statements like  
"30% of all traffic in Tor goes to xy.com", because you see only a  
tiny fraction and the real usage is likely to be entirely different -  
think about how different exit policies etc come into play. Generally,  
it's always recommended to not log unless you have a reason (for  
example a bug you're trying to find).


The less verbose your logs are, the less likely it is someone will
find them interesting and make you give them out. This applies to the
whole community of relay operators - if it is a well-known fact that  
most of them log, adversaries might become more persuasive when they  
ask for logs.


Generally, Tor exit nodes must always be assumed to be malicious, but  
this of course doesn't mean that once it's a proven fact that an exit  
is malicious, it will be excluded.


So, a personal question: What is your motive? Do you feel you have a  
right to know what people are doing? Because this is where the ice  
gets really thin...


Sebastian


Re: Exit node connection statistics

2008-07-18 Thread mplsfox02


On 18.07.2008 at 16:05, Dawney Smith dawneysmith-at-googlemail.com |tor| wrote:
> Figuring out which exit node you are should be fairly trivial. There are
> about 1000 exit nodes that exit on port 80, and you are one of them.


Of course you can. And if you are able to bring yourself under the top  
100 of 500 exit nodes in one day, you can solve it even in two days.  
Just use a different destination IP for each exit node, then you don't  
need the bisection method. ;-)


But you are right. Maybe top 100 is too much and I should switch to a  
top 20 or so?






Re: Exit node connection statistics

2008-07-18 Thread Dawney Smith

Figuring out which exit node you are should be fairly trivial. There are
about 1000 exit nodes that exit on port 80, and you are one of them.

If I just send loads of http requests through half of those exit nodes
to my own server one day and then check if my IP appears on your
webpage, I've halved the number of possible exit nodes you are. If I
then halve it again and repeat this every day, it should only take about
a week and a half. I'll start with a possibility of 1024 exit nodes just
for ease of maths:

Day 1 : Test 512 of the 1024 remaining exit nodes
Day 2 : Test 256 of the  512 remaining exit nodes
Day 3 : Test 128 of the  256 remaining exit nodes
Day 4 : Test  64 of the  128 remaining exit nodes
Day 5 : Test  32 of the   64 remaining exit nodes
Day 6 : Test  16 of the   32 remaining exit nodes
Day 7 : Test   8 of the   16 remaining exit nodes
Day 8 : Test   4 of the    8 remaining exit nodes
Day 9 : Test   2 of the    4 remaining exit nodes
Day 10: Test   1 of the    2 remaining exit nodes - Success

This process becomes quicker if you have more than 1 ip to test with.

I'm making the assumption that it can't be that difficult to send enough
http requests to get to the 100th or above place on your list. You don't
publish total number of connections, only percentage of total, but it
seems likely to me that the number of connections made to the site that
is number 100 on your list should be easy to exceed.

I'm not going to bother of course, because I don't care that much. But
just so you know, don't use that same onion address for anything that
*needs* to be anonymous, because it won't be.

- --
Dawn

[EMAIL PROTECTED] wrote:
> Hi,
> 
> I don't know if somebody did this before, but I think it is quite 
> interesting, to which hosts most of the exit connections go to. So I set up a 
> statistics script creating a list of the top 100 hosts each day to which Tor 
> users connect to over my node (only for ports 80 and 443).
> 
> Besides just being interesting, this can also show potential security 
> problems on the top hosts which are being exploited over Tor. For example, 
> during the last weeks rapleaf.com was always at the top, and they keep a huge 
> email-address database. This is probably no incident.
> 
> The log data necessary for this is being deleted after one day not to 
> compromise the anonymity of the users.
> 
> I decided to make this accessible through a hidden service only, since I 
> don't want to influence the exit node usage behaviour. This is the address:
> 
> http://ob44yuhbyysk5xft.onion
> 
> If you think this is a stupid idea or you have ideas for other interesting 
> stats and for any other comment you can reach me by 
> mplsfox02_AT_sneakemail_DOT_com. I don't know how long I will stay subscribed 
> with or-talk, since I just wanted to seed the information. Spread it as you 
> like.
> 
> Regards,
> 
> a Tor exit node operator.
> 

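The arithmetic in this thread, as an added example that is not part of any poster's message: a model of how many published daily lists it takes before the relay behind them is uniquely identified, generalized from the single-marker halving above to any list size. It assumes every marker destination actually reaches the published list and that the relay is among the candidates; the function names are illustrative.

```python
import random

def days_bound(n_exits, markers_per_day):
    """Worst-case number of published lists before one relay among
    n_exits is singled out, when each list can expose which of
    markers_per_day + 1 groups the relay belongs to."""
    days, remaining = 0, n_exits
    while remaining > 1:
        remaining = -(-remaining // (markers_per_day + 1))  # ceiling division
        days += 1
    return days

def days_until_identified(n_exits, markers_per_day, seed=0):
    """Simulate the same narrowing against a modelled relay that
    publishes a daily list of the destinations seen through it."""
    rng = random.Random(seed)
    candidates = list(range(n_exits))
    relay = rng.choice(candidates)  # the publishing relay, unknown to the observer
    days = 0
    while len(candidates) > 1:
        days += 1
        # One group per marker destination plus one unmarked group:
        # "no marker on the list" is as informative as a marker.
        groups = min(markers_per_day + 1, len(candidates))
        buckets = [candidates[i::groups] for i in range(groups)]
        # The published list reveals which bucket contains the relay.
        candidates = next(b for b in buckets if relay in b)
    return days

def leakage_table(n_exits, list_sizes):
    """Map each published list size to the worst-case days of cover."""
    return {size: days_bound(n_exits, size) for size in list_sizes}

if __name__ == "__main__":
    # Figures from the thread: 1024 exits with one marker, and 500 exits
    # with a top-100 list. Top 20, 5 and 1 are constructed alternatives.
    print("1024 exits, 1 marker:", days_until_identified(1024, 1), "days")
    for size, days in leakage_table(500, [100, 20, 5, 1]).items():
        print(f"500 exits, top {size:>3}: {days} days")
```

For 500 exits the model gives 2 days of cover with a top-100 list and 3 days with a top-20 list, so shrinking the list barely delays identification of the publishing relay.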


Re: Practical advice regarding Beijing Olympics and Tor ?

2008-07-18 Thread mplsfox02


torist-at-nym.hush.com:


> Does anyone have any practical advice for visitors to the Beijing
> Olympics next month, regarding the use of Tor ?
>
> There are reports of all kinds of security clampdowns, specifically
> on the Chinese internet infrastructure e.g.
>
> China: Locking down IDC server rooms for the Olympics
> http://advocacy.globalvoicesonline.org/2008/07/15/china-locking-down-idc-server-rooms-for-the-olympics/


They are locking down _physical_ access to the servers, they don't  
switch them off. But this might be a preparation for a "harmonization"  
during the games. Also Chinese people are surprised by this, as you  
can read at the end of the article.



> 2) Is it possible to download the Tor/Vidalia bundle safely within
> China ? Are the usual main distribution websites blocked ? Do you
> have to try to smuggle it in across the border ?
>
> 3) Is it unsafe to let your Tor client connect to any Tor
> directory, entry or exit nodes within China itself, once you are
> physically in the country ?
>
> 5) What is the best practical way, right now, to avoid making
> connections to Tor directory, entry or exit nodes physically
> within China ?



A Chinese friend of mine told me, Tor is quite common in China in  
order to circumvent the Great Firewall. (Interestingly he didn't care  
about anonymity at all, just access.) So it worked at least until  
recently. There has been a report that Tor has been blocked, but it  
seems not to be true:

http://www.chinaherald.net/2008/06/internet-censor-starts-blocking-proxies.html

If you want to be on the safe side, bring Tor on your USB stick and  
find out a non-listed bridge IP.


OpenVPN works as well.