Re: Default Exit Policy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 What about creating a white list/black list for domains in Tor. That way Tor could allow certain domains (such as google.com) to bypass the default blocks. This way you would be maintaining security while adding functionality. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFIO14fvsn/sQCIOqQRArssAJ0f/oNleTMQUSeEYe3hXvjX9YOayACfc9M4 Ab7ViVtcFKeyLejz+35wu1g= =Qph5 -END PGP SIGNATURE-
Re: GPG Public Keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday 22 May 2008 04:35:55 am Sebastian Hahn wrote: I'm still looking for a solution, and might switch to mutt when I have the time to set up my mail system properly. One solution I might recommend is figuring out what you're doing different than every one else on the list who sign their email. I've seen a hand full of people so far who sign their email to this list and kmail has no problem validating their signed messages. It just seems to be yours. I'm not trying to point fingers. I'm just saying. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFINT/fvsn/sQCIOqQRAlexAJ9uuUXw9bLiGtGMxZc3QxhrlR9h+wCeMXkg f0cs3ReFe3dSnJb7CA9uVn0= =GxZU -END PGP SIGNATURE-
Re: unsubscribe
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday 22 May 2008 05:16:15 am [EMAIL PROTECTED] wrote: unsubscribe Email [EMAIL PROTECTED] with the body [unsubscribe or-talk] -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFINhKrvsn/sQCIOqQRAkNMAJ9lb+W2tMsnEhRSSmM6Rk7Bx0gZsACeOarA LAmn431UVyDO3mt6t/Tutm4= =WPSd -END PGP SIGNATURE-
Default Exit Policy
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 I was looking at my server's stats at https://torstatus.kgprog.com and noticed that it has an exit policy that I didn't put in my config file. For example... reject 0.0.0.0/8:* reject 169.254.0.0/16:* reject 127.0.0.0/8:* reject 192.168.0.0/16:* reject 10.0.0.0/8:* reject 172.16.0.0/12:* reject 75.63.1.109:* reject *:25 reject *:119 reject *:135-139 reject *:445 reject *:465 reject *:563 reject *:587 reject *:1214 reject *:4661-4666 reject *:6346-6429 reject *:6699 reject *:6881-6999 accept *:* The only part of that I have in my config file is [accept *:*]. Is the rest some kind of defaults? I noticed one of the defaults is [reject *:587] which I'm wondering why that would be in the defaults. That ports is used for sending secure email. Port 25 I can understand but 587?! I use that port for gmail. I have two gmail accounts. One is this one which is tied to my real name. The other isn't and I use with Thunderbird and the torbutton addon. I've noticed that sometimes I can't send email and sometimes I can. It all depends on the current circuit. After seeing the defaults exit policy I can see why I've been having the issues with my email. The point of this email?! I wish to understand the rational of having the defaults block ports used for secure encrypted protocoles. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFINk83vsn/sQCIOqQRAn8nAKCHtbwbJgzK5LWyKdVOY7YaxgV1uwCeN78A WSa9RDSj0/XcXGlqy2KhUnA= =PtV5 -END PGP SIGNATURE-
Router Flags
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Can someone explain what these router flags mean? Some of them I have a good guess what they mean but I decided to list them all. Authority Bad Directory Bad Exit Exit Fast Guard Hibernating Named Stable Running Valid V2Dir -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFINlChvsn/sQCIOqQRAm8uAJwMaMpUU/NopSqCFNPae8JKGr3OUwCZAQn/ aJwpk/meBTGzNeBoglnq/pM= =ehyp -END PGP SIGNATURE-
GPG Public Keys
I noticed some of you have GPG keys. I tried searching key servers so I can add your public keys to my list. It would seem either I'm not searching the right servers or none of you have uploaded them. So I'm asking that all of you respond with your public keys and I'll do the same. 0xC109AB9DD3436B3A12F148AABEC9FFB100883AA4.asc Description: application/pgp-keys signature.asc Description: This is a digitally signed message part.
Re: GPG Public Keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 21 May 2008 06:57:41 pm Sebastian Hahn wrote: are you sure this is not just because subkeys.pgp.net ist not functional currently and it's the only keyserver you use? This has caused some problems for some people... I've also uploaded my key, and I was just able to download it. I ended up deleting everything in ~/.gnupg with the exception of the .gpg files and deleted my kgpg config file. I restarted kgpg and some of the issues seemed to have gone away. Though I'm still getting time out errors with a few key servers. I managed to get your key. For some reason kmail is giving me a [Invalid signature.] warning about your email. :-/ -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.4-svn0 (GNU/Linux) iD8DBQFINMvgvsn/sQCIOqQRAmGEAJ9uw4PXxT0YaDfghYSCSRhk9joVxgCfSraq PEMCC7L04ppY9d029G5XqAc= =lNpU -END PGP SIGNATURE-
Re: Ports 443 80
I just tried something else and I managed to get it working. :-) The problem was I was over thinking the solution. I set the ports in torrc back to their defaults ORPort 9001 DirPort 9030. Instead, what I did was have the port forwaring on the router level... 443 -- 9001 80 -- 9030. Then I had the router forward ports 9001 9030 to my private IP on the network. So now I only need open ports 9001 9030 on my local software firewall. This solution is the easiest and most efficient way I can see doing it. I hope this helps out every one else. Here's my entire torrc so every one knows what settings I used to get it working. SocksPort 9050 SocksListenAddress 127.0.0.1 DataDirectory /home/tor/.tor ControlPort 9051 Nickname [Left Out] ContactInfo [Left Out] ORPort 9001 DirPort 9030 It's with this torrc and hardware router settings I managed to get every thing working. Thanks every one for all the help.
Re: Ports 443 80
On Sunday 18 May 2008 12:50:27 pm morphium wrote: why don't you set ORListenAddress to 0.0.0.0:443 and don't do anything with your firewall? I'm running Linux. You can only open certain lower ports (such as 80 443) in root. And it's bad to run tor as root.
