Re: Latest Tor bundle
On 6 jun 2010, at 17:47, zzzjethro...@email2me.net zzzjethro...@email2me.net wrote: Hello. Just extracted the bundle for a USB drive, 1.36. In my message log I found this. Can anyone tell me what it means, please? warning 2 unknown, 7 missing key, 0 good, 0 bad, 0 no signature, 4 required Also, when I first ran it Google gave me a captcha and I think I've read about that happening before but I'm not sure. Is this just a simple, innocuous glitch from time to time? I use it at internet cafes as my internet here sucks so bad it's not even worth the cheap price it goes for. Well, that being said, cheap is cheap. Thanks You can ignore the first warning. Tor downloads the missing keys. Google presents a CAPTCHA to users that are doing a very large number of requests or have malware installed on their computer. If a user on the Tor exit you use has malware installed on his computer you also get the CAPTCHA presented, because Google can't see the difference between the users of that Tor node ;) Tom*** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Using tor as proxy for the command line
You can use the command torify, it works for a lot of programs. Put torify in front of the command you want to give and most of the times it proxies the connections perfectly through Tor. Tom On 5 mei 2010, at 20:22, Borja Luaces wrote: I would like to know if it is possible to use tor as proxy for the command line under linux (Ubuntu). If it is possible, how can I do it? PS: I would like to proxymise all the comunications from the command line (wget, nmap,...) Thanks -- Borja Luaces Altares Administrador/Analista de Sistemas Junior (MCSE Security,C|EH CSSA) *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Searching for good ISPs
On 4 feb 2010, at 19:55, Attac Heidenheim wrote: Hallo, does anybody own Tor-relays or exit-nodes running on Leaseweb or Rapidswitch ? Any suggestions or warnings concerning Leaseweb or Rapidswitch ? I have the same experience with Leaseweb as John Brooks. They seem to understand what Tor is and don't disconnect you at the first complaint that they get about your Tor node. When you explain them what you are doing on the box they do nothing. Tom*** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Good and bad ISP in Germany and around ?
On 4 dec 2009, at 08:43, Robert Marquardt wrote: I could recommend Keyweb and Strato. Robert Strato V-PowerServers tend to run out of RAM very quickly when Tor is running. I stopped running Tor on my V-PowerServer because of this.. Tom*** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Kaspersky wants to make Tor illegal
On 22 okt 2009, at 16:15, Ted Smith wrote: Are you saying that the anti-virus program warns that tor is a dangerous program? I just installed Kaspersky Anti-Virus 2010 to check it on my Vista virtual machine and it doesn't recognize Tor as a dangerous program over here.. *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
SSL MITM attack by a Tor exit
Hello everyone, The Tor exit JustaNode (fingerprint: dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6, http://torstatus.blutmagie.de/router_detail.php?FP=dcc1c3f96b8459dc7a88e711f9cb2416126eb9d6 ) does a MITM attack on every SSL connection. The SSL certificate is self signed for every SSL'ed website you want to request. I think this exit must be marked a BadExit. - Tom
Re: Bad exit node: freeMe69
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Aug 20, 2009, at 23:02 PM, KT wrote: Exit node freeMe69 [1] is injecting the following snippet to response body: script type=text/javascript src=http://s.tobban.com/solver/cpt.php;/script [1] http://tinyurl.com/mz9d7e It's actually injected by it's ISP, Comcast. The IP which s.tobban.com resolves to is assigned to Comcast. I don't think the exit node admin can't do anything about it. -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.11 (Darwin) iEYEARECAAYFAkqNwDYACgkQUTmwq+6DeYDCtACeM0Zk9Vf4kU8Sp1d1fP8EmlK1 wPcAnj2b8bgB8DciQp/tEL6DZ0Z7bGMy =rxjh -END PGP SIGNATURE-
Re: Tor-Server and dynamic ip.
On Aug 7, 2009, at 21:29:22 , Bernd Schmelter wrote: Hallo, my provider cut's the connection hard every 24h. Whats going on with all the clients, they are using my server? Will they run in timeouts, or solves the entire tornetwork this problem? Its an good idia to stop my runnig server before provider cuts my internetsession with cronjob ( /etc/init.d/tor stop ) an start it new after reconnect and ip-change? Benn Hello Bernd, Tor detects a changed IP address and will republish it's descriptor with your new IP. The Tor clients that are connected to your server will detect that it isn't reachable on the old IP and they will seek a new Tor router to make a new circuit. Tom
Tor check and DNS exitlist down?
Hello, Are the Tor check page https://check.torproject.org and the DNS exitlist.torproject.org down? I can't reach them over Tor and not over the normal internet. Is there something wrong with the servers behind them? Tom
Re: Conspiracy: Piratebay owned by CIA (TOR involved, also)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jun 23, 2009, at 15:01 PM, Harry Hoffman wrote: At $0.20USD/MB I was able to supplement my regular income. Soon I'll be able to quit my regular job. It's like all of those emails say, let your computer work for you! You get payed $0.20USD/MB? I only got an offer of 0,05 euro/MB from the AIVD (the Dutch intelligence service). Maybe I should think about moving to the VS.. - -Tom -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.11 (Darwin) iEYEARECAAYFAkpA2W4ACgkQUTmwq+6DeYBcBACgkJ2KqLbCxIV/QPN7bMSeSelm HDEAn3Zi2xxRxL2qyVcpNfgvPDlL8k24 =Rb15 -END PGP SIGNATURE-
Re: Conspiracy: Piratebay owned by CIA (TOR involved, also)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Jun 23, 2009, at 16:17 PM, krishna e bera wrote: Could someone post the contact addresses for cashing in? And perhaps some proof that they do (or do not) pay? We were just joking about secret services paying people to run Tor. - - Tom -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.11 (Darwin) iEYEARECAAYFAkpA7f0ACgkQUTmwq+6DeYBkcQCfVtRcEbk/NU2dUjGUYI9LbL3N ZfUAnRU3mi2UnzBf/qDqnRVwuzBF7fiX =EMrb -END PGP SIGNATURE-
Re: Binding Tor to Pseudo-Interface
On Feb 23, 2008, at 20:33 PM, Jonathan Addington wrote: I've been running a Tor exit node on and off for awhile now and my biggest problem has always been bandwidth limiting. I finally installed a firmware on my router with relatively advanced QoS on. It works pretty well most of the time, but to optimize it, I need to be able to isolate *all* Tor traffic. Because I use the same computer for other purposes, I can't just deprioritize its traffic, so I created a pseudo-interface for the QoS to filter on. My remaining problem is that while Tor listens and responds to other Tor clients via this pseudo-interface (and hence different IP) it still fetches information as an exit node from the non-pseudo-interface, making it much more difficult to filter (I don't want to deprioritize *my* web-browsing as well!). Is there a way to bind Tor so that it *only* uses the pseudo- interface? -madjon Put this in your tor config file: OutboundBindAddress *IP* Substitute *IP* with the IP of the interface you want Tor to use for the outbound connections. All the traffic will now flow over that interface ;) -Tom
Re: looking for an FTP - SOCKS proxy
Keep in mind that plan FTP without any encryption isn't that smart over Tor. You are sending your userdetails without any encryption over someone else's link.. Tom
Re: They know I'm using a proxy(Tor)...but how?
There are several DNSBL's that list Tor nodes. If they check against a DNSBL who lists Tor exit nodes they can detect that you're behind Tor.. Tom On Nov 30, 2008, at 11:05 PM, gregery wrote: Hey all, I am trying to register at a website forum and I get an error message when I try to register. The message basically says that it seems I am using an anonymous internet connection or a proxy. The site is not blocking Tor by exit-node because I get the same error message when I try to register at the site while using a public high-anonymous elite proxy (L1). I think the forum administrator is using headers to decide if a new member is using a anonymous connection or not. I use the current TorBrowser Bundle with current TorButton and RefControl to spoof the referrer headers. I also use vanilla Tor, Vidalia and Privoxy with the same result. I tired spoofing my user-agent away from the default TorButton U-A settings, I spoofed as a Mac, Firefox, IE, Opera, etc, all for not. Does anyone know how I can circumvent this block? I at least would like to know what in my headers is setting off red flags as that means all other Tor users in my anonymity set are potentially setting off red flags too. Thank you -- gregery [EMAIL PROTECTED] -- http://www.fastmail.fm - Access all of your messages and folders wherever you are
Re: They know I'm using a proxy(Tor)...but how?
Tor exitnodes are found on several blacklists where these public proxy's are also found on. It seems very likely to me that they just check the IP your connection is originating from on several blacklists.. Tom
Re: Tor pronunciation
Daniel Juyung Seo wrote: Hello guys. I just had one question about the name 'Tor'. According to the Tor FAQ, Tor is an acronym of 'The Onion Routing network'. Even though it comes from an acronym, Tor is not spelled 'TOR'. Now, I wonder how I read Tor...? Surely, it's not pronounced like 'tee oh ar'. Is it pronounced like ''? Does anybody have any idea? Thanks. It's pronounced as Tor, just like the first part of the word torrent ;)
Re: Geode: some more headaches for TorButton? :-P
It's really scary when a random website can request your physical location imo.. I really hope you can disable that shit in the new version of Firefox when they include it.. Tom Marco Bonetti wrote: Link bounced from /.: http://labs.mozilla.com/2008/10/introducing-geode/ Looks like the upcoming versions of firefox will ship the support for W3C geolocation specification: what's better for a tor attacker to ask directly to the browser where its user lives? ;-) I'm quite confident there'll be a way to (easily?) disable this feature but it's scaring stuff nevertheless. ciao
Problems with XS4ALL in The Netherlands
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello fellow Tor relay operators, Six days ago XS4ALL shut down the DSL connection of a friend of mine who was running a Tor exit relay on this DSL connection (relay nickname ILiekMudkipz). They did this because they thought there was a trojan running on this system. This isn't the first time XS4ALL did this, but this time they threatened him with terminating his DSL account if you would run a Tor relay again. After making the promise that he wouldn't run a Tor exit again on this DSL connection, they reconnected him. He forwarded the e-mail where they threathened him with terminating his account but it's in Dutch. If anyone wants to read it, please send me a mail. This is a warning for all Dutch Tor relay operators who run a Tor exit relay on their XS4ALL DSL. XS4ALL doesn't like Tor. I'm kinda shocked of coming to conclusion that one of the most liberal ISP's in the Netherlands, who fights for human rights on the Internet like privacy and unfiltered access, doesn't like Tor and even punishes exit relay operators for running a relay. Tom Hek -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkggm2IACgkQStmJ9+mkUHMuVwCfU12cSgZUC1u8i3kMCbPltPOI t2sAnRwVyvkO2PqDp0AMFmEvFjUNXsKB =KvHq -END PGP SIGNATURE-
Re: What does bandwidth mean in cached-routers?
Yep, the speed of your circuit is limited by the slowest router in your circuit. Jackie wrote: Another question about the bandwidth of circuits: I see routers in a circuit having different bandwidth, from xxKB/s to KB/s. Is the bandwidth of the circuit as a whole determined by the router with the lowest bandwidth? For example: a circuit containing 3 nodes whose bandwidth are 4328, 4317, 327KB/s respectively. Can we say that the bandwidth of this circuit is 327KB/s?
Re: Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This also happened to me and at least one other person. In my case it was because of trojan activity on IRC. I was using the default Tor exit policy at that time, which, as it turns out, isn't restrictive enough. XS4ALL told me that it's OK to run a non-exit node, which I'm running now. There's a number of other non-exit nodes in XS4LL IP space, including the node of one of the XS4ALL founders, so running a non-exit node seems to be fine. Yep, I'm going to run a non-exit node too.. But I really want to run an exit node and I really don't like it that XS4ALL is filtering me because of that.. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkfAuZQACgkQStmJ9+mkUHOLxgCeN+qGK8bQcks2D6UeSc7/JlD+ iocAmgPEErvneSB7FW2GQtbCFZWkDr5X =iIpf -END PGP SIGNATURE-
Re: Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 This morning is a friend of mine also was disconnected from the internet because XS4ALL thinks there is a Trojan running on his system. He also runs Tor on his system.. I'll keep you guys posted. Tom Hek -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke+3MgACgkQStmJ9+mkUHNf3gCfa41UW6btIZ0ON9yogJV3bE3f myIAnj3fFa8XQgvnJ5YaMn4ry5GqfmUJ =t9bu -END PGP SIGNATURE-
Re: Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 F. Fox wrote: At the risk of sounding rash and impulsive, I'll venture to say that a little bit of education here, could go a long way - I think the ISP folks need it. You are totally right. The strangest thing is that XS4ALL is a ISP that stands for freedom of speech, anti-censorship, protection of the privacy of their customers, etc. And they don't know Tor. I thought XS4ALL was one of the best ISP's in The Netherlands to run a Tor node, but that assumption was totally wrong.. Because this is the second line closed down @ XS4ALL all my Tor nodes are offline now.. Don't want to take the risk to get disconnected again.. Tom Hek -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke/LigACgkQStmJ9+mkUHNseACfc57XcSu6lAKNCu9/S6iqBa3O KWEAn3OiQPcaMHnAsOdlNixn8e9LceJn =dtzR -END PGP SIGNATURE-
Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello fellow Tor relay admins, I run several Tor relays on residential DSL connections. This morning my dad called me, telling me that my ISP had disconnected us from the Internet because of a Trojan running on my systems (I wasn't at home at that moment ;)). They had received a abuse complainant that one of my boxes on this DSL connection was on a botnet. I checked the timestamp of the log they sended to me with the uptime of the computers. Only the computer that was running a Tor node was online. It was pretty obvious that the botnet connections were coming from this box. The box was clean, had no rootkits installed or other malicious software, so it was Tor, relaying a connection for a bot. My ISP didn't knew what Tor was and asked if that Tor logged the connections that were running through it. I told them Tor was an anonymity system so it doesn't keep any logs of the traffic that's going through it. They were confused, they told me that every decent Tor relay keeps a log of the connections running through it. I'm living in The Netherlands, running this Tor node on the ISP XS4ALL. XS4ALL is one of the ISP's with the most knowledge of the internet and the things happening on the internet. I'm pretty shocked that they didn't knew about Tor. I want to alert all the Tor relay admins that are running Tor nodes on a connection from XS4ALL to be prepared to get disconnected, because they think there is a trojan or rootkit running on your system.. XS4ALL restored the DSL line but I had to promise that it wouldn't happen again.. Tom Hek -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke8U7wACgkQStmJ9+mkUHNdigCdGxiIcOqMjD2jThp03KmlVP8x s0YAnRRECJrxX/XiGIrg/fJpiadsYYKQ =n7vE -END PGP SIGNATURE-
Re: Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ringo Kamens wrote: Thanks for keeping us updated. If you ever need money for legal fees, a support campaign, or anything like that: let me know. I can round up a lot of assistance through BinaryFreedom and the Anarchist Black Cross. Comrade Ringo Kamens Armed Division, 35th Parallel Thanks :) My ISP reconnected me again but I had to promise to never run Tor again. Tomorrow I'm going to call them and try to change their minds. XS4ALL is a ISP who stands for freedom of speech, they are against censorship, etc etc. If they knew what Tor was they wouldn't disconnect me for running Tor.. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke8WHwACgkQStmJ9+mkUHPBNACfcDdlu7raLUdmLwS+inFAwl16 lhMAn012nOcQrszGCihI6eVR7vkyX28I =y520 -END PGP SIGNATURE-
Re: Tor relay shutted down by ISP
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Jon McLachlan wrote: If you just run a middle node, nothing that bad should come spewing out of your box. I would be curious if you were running an exit node originally, or if it was just a middle node. In the tor-config file, there's some exit policies - if you reject *:*, then you're essentially a middle-node, in which everything is both 1) encrypted and 2) between tor-to-tor traffic (which will almost certainly generate no future complaints) I chose to be an exit node because I wanted to donate my bandwidth to other Tor users. I've been running a middle-node for several years but I think that good end nodes are needed too, so I decided to start running an end node. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke8X+UACgkQStmJ9+mkUHNJNACdHAvOmlExAcW0cmgdYrmorqaA LcgAn0UhhdlQd/gUcaEzwX0P8p2QO8if =358F -END PGP SIGNATURE-
Question about serving directory information
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hello fellow Tor-users :), I'm trying to run a Tor node that will only serve Directory information. My hoster doesn't allow me to run a Tor relay, but I want to let him donate his bandwidth to the Tor project by serving Directory information. But when I turn off the ORPort, Tor doesn't publish his DirPort. Is there a way to let Tor listen on his DirPort and let Tor serve Directory data on this port but not do any relaying of other traffic through it? Thanks in advance, Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAke0TrYACgkQStmJ9+mkUHP8LQCeIhynHAYELGbhs7pe5YFmc5xC WG8An2z/vWk+7LuxE7V5KQPvYzRl2E1p =zc7z -END PGP SIGNATURE-
Re: iptables and tor
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 By default are all the private ranges already blocked in the exitpolicy. Dominik Schaefer wrote: dante schrieb: Hi everyone, Has anyone given any thought as to what firewall rules to use on a linux system running a tor server? If you operate a tor node within your private network und your network offers services which are not public or should not be public, then you should remember that you create a tunnel in your local network by running tor. In this case you have to ensure that the exit policies of the tor node are set in a way that nobody can exit from your tor node into you local net. Additionally you can filter the relevant traffic originating from your tor node. Dominik Tom -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkevdlUACgkQStmJ9+mkUHNdxwCeOjcYGMgP8vrmaKGTZIRx/7nh EqQAn1pfvH7X8+1f1QhcOPE0CfGKCKAG =7f0e -END PGP SIGNATURE-
Missing key from authority?
Hello, This message started flooding my logs: Jan 09 22:19:27.260 [notice] We're missing a certificate from authority tor26 with signing key : launching request. A friend of my has exact the same message flooding over his log. We are both running 0.2.0.15-alpha. OS on my box is FreeBSD and on his box Debian, so I think this message is not OS related but it's related to the authority. Is someone else having the same message lately? Tom
Re: What to do at IP number change?
i'm changing my public IP number ten times per day and to avoid confusion, i'm stopping my TOR server before and starting after the number change. But after the start TOR is very slow. Is there a better way to tell the TOR server that the public IP has changed? Tor will detect it and republish his server descriptor with the new IP in it.
Re: List Suggestion
On Jan 6, 2008, at 12:18 AM, Ringo Kamens wrote: Perhaps I'm the only one with this problem but I'm pretty sure it happens to lots others. A fairly significant amount of the messages posted to or-talk are automatically sent to my spam folder by gmail. I think this is probably because many tor servers (which these emails are sent from) are in SORBS and other anti-spam databases. Since the messages from being sent to the or-talk email address, perhaps it would be better to have the list strip the IPs from people's messages? Or even better, put the IP of the mailing list server so that it isn't put into spam for not having an IP. It would also help insure the poster's privacy. Let me know what you all think, Comrade Ringo Kamens Same problem here. I need to login sometimes to check my spambox to see if there isn't any mail for this list stuck in it..
New Tor exitnode (nickname ididitfortehlulz)
Hello, I just put a Tor exitnode online with the nickname ididitfortehlulz. I decided to be an exit node. Have fun with it ;) Tom
Re: storage privacy (was: Nice quiet, private, anonymous life??)
On Dec 2, 2007 2:25 PM, F. Fox [EMAIL PROTECTED] wrote: [ strange, dangerous, and likely to fail methods for destroying drives ] use full disk encryption, even the latest ubuntu supports this. Last time I tried this with the Ubuntu 7.10 Alternate CD it didn't work. The installer crashes over and over.. With the latest debian testing netinstall cd no problems..
