Re: MIT Circumvention Landscape Report
Hello Dear Andrew and TOR dev teams,, I can only admire your work, it is a bit over my head to try to help you and is just comprehendable for me to understand much of your efforts. Thanks, Algenon --- On Thu, 3/5/09, pho...@rootme.org pho...@rootme.org wrote: From: pho...@rootme.org pho...@rootme.org Subject: Re: MIT Circumvention Landscape Report To: or-talk@freehaven.net Date: Thursday, March 5, 2009, 11:37 AM -Inline Attachment Follows- On Thu, Mar 05, 2009 at 11:56:17AM -0500, bas...@opensource.dyc.edu wrote 1..1K bytes in 45 lines about: : http://tech.slashdot.org/article.pl?sid=09/03/05/1334220from=rss : : http://cyber.law.harvard.edu/publications/2009/2007_Circumvention_Landscape_Report It's actually Harvard/Berkman, not MIT. And Tor has a response, https://blog.torproject.org/blog/berkman-2007-circumvention-landscape-and-progress Thanks! -- Andrew
Re: Tor server behind NAT on Vista,, Update,,
I have Tor 12.1.9 running on windows Vista as a server for a few hours only relaying Tor server (I hope) information. System unexpectedly crashed once, I don't know why. System stats indicate pretty normal usage,, Log below. *** Mar 18 01:14:28.812 [Notice] Tor v0.1.2.19. This is experimental software. Do not rely on it for strong anonymity. Mar 18 01:14:28.812 [Notice] Initialized libevent version 1.3e using method win32. Good. Mar 18 01:14:28.812 [Notice] Opening OR listener on 0.0.0.0:443 Mar 18 01:14:28.812 [Notice] Opening Directory listener on 0.0.0.0:9030 Mar 18 01:14:28.812 [Notice] Opening Socks listener on 127.0.0.1:9050 Mar 18 01:14:28.812 [Notice] Opening Control listener on 127.0.0.1:9051 Mar 18 01:14:29.250 [Notice] Your Tor server's identity key fingerprint is 'Expermental1 275E A41D 518D FEAF 4C3A 7102 0640 2FA1 F5F9 54A7' Mar 18 01:14:34.625 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Mar 18 01:15:03.109 [Notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Mar 18 01:15:08.314 [Notice] Performing bandwidth self-test...done. *** One thing I noticed, right now Tor Bandwidth Usage GUI tells me recv:24.56 MB and Sent: 69.23 MB I am allowing my server to act as Directory Mirror, but, troubling discrepancy between Recv and Sent. Anyone have a clue about that? If it was just passing info between servers it should be near same, right? Also, on my machine behind NAT and SPI hardware firewall I am also running Zone Alarm. ZA's logs show a high rate of blocked intrusion attempts, I am currently tracking down some using Whois,, I guess that is just part of the game running a server,,,Comments welcome,, :) Algenon algenon flower [EMAIL PROTECTED] wrote: Hello Tor developers and experienced users As an experiment, I a attempting to run a Tor server on windows Vista home premium (I have to wait for another machine to run RedHat Linux Fedora) behind a NAT firewall. Although I am new to the D-Link hardware firewall I believe I did open ports 443, 9030, 9001 to both incoming and outgoing traffic and so enable my machine running Vista to work as a Tor server. At this point I am restricting all traffic to other Tor servers until I solve some troublesome issues. Tor log says Dir port reachable, but can't reach OrPort,, Bandwidth graph shows a few bursts of activity, then none. (?) Humm, will go back to the firewall permissions and look for error, if anyone sees obvious err, please say :),, Will post results of Tor server on Vista OS,, Algenon - Looking for last minute shopping deals? Find them fast with Yahoo! Search. - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
Tor server behind NAT on Vista,, few configuration questions..
Hello Tor developers and experienced users As an experiment, I a attempting to run a Tor server on windows Vista home premium (I have to wait for another machine to run RedHat Linux Fedora) behind a NAT firewall. Although I am new to the D-Link hardware firewall I believe I did open ports 443, 9030, 9001 to both incoming and outgoing traffic and so enable my machine running Vista to work as a Tor server. At this point I am restricting all traffic to other Tor servers until I solve some troublesome issues. Tor log says Dir port reachable, but can't reach OrPort,, Bandwidth graph shows a few bursts of activity, then none. (?) Humm, will go back to the firewall permissions and look for error, if anyone sees obvious err, please say :),, Will post results of Tor server on Vista OS,, Algenon - Looking for last minute shopping deals? Find them fast with Yahoo! Search.
About WLAN and monitoring..
I run a Tor client on a laptop at easy to access pub wifi access points. What I need to know is, assuming I have disallowed file sharing, ect what info could a wifi host be able to access on my computer? I have heard they could only log my MAC address, the unique code identifying my wifi card. Is more available to an attacker? Algenon - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
Re: Tor-Ramdisk
Hello Dante Are you Mideval Italian?? (No, Just kidding :), However, no kidding about your efforts to build a RAM only distro that can run as a Tor server. I just tried to access your ftp, but failed. Will try again, it sounds like something I am very interested in. Algenon dante [EMAIL PROTECTED] wrote: Hi everyone, A month ago I developed a small, ramdisk only (ie diskless), linux system whose only purpose was to run a tor server. The aim of the project was to meet the following goals: 1) small footprint - i686 (single or SMP) with 256MB+ RAM 2) to run only in ram so nothing survives a reboot 3) to do no logging whatsoever at any level 4) to be secure - GRSEC hardened kernel 5) to run a tor server, allowing for any configuration, middle/exit/directory, etc I suspect such a project might be of interest to other Tor operators. I ran a middle-man node for about 20 days with success (node-name=RamOnly), but because I compiled statically against GLIBC, I broke DNS resolution, and so it would not work as an exit node. I've rebuild the image from scratch compiling against UCLIBC and I'm now in the testing phase again. I'm running another middle-man/directory server (node-name=RamOnlyUCLIBC). Here's the url for the howto and the image: ftp://ddl.dyc.edu/pub/tor-uclibc-ramdisk The kernel is compiled with support for most 100MB and 1GB NIC cards. Any comments or testers would be much appreciated. More details: busybox-1.8.2 - minimally configured, compiled with UCLIBC linux-2.6.23.12 patched with Gentoo's hardening patches (GRSEC) tor-1.2.19 --- Anthony G. Basile, Ph.D. Director of Information Technology, D'Youville College, 320 Porter Ave. Buffalo NY, 14201 - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
Tor server using Vista?
Hello Does anyone have good info about the feasability of running a Tor server on Vista OS? Is this advisable? Algenon - Never miss a thing. Make Yahoo your homepage.
Re: How are German Tor server people doing?
Thank you for the update Eugen. I will be tracking what becomes of us here in the USA. Right now street level biometric scanning, and multiple database interconnection, are becoming more widespread. I am already wondering what will become of us all when, (IF..) legitimate street CCTV databases, consumer gov black project databases become cross linked with national, international biometric scan databases. I love computers in my own small way, but they are giving potential unprecedented power to the few to monitor in real time, and potentially control, the many. Algenon Eugen Leitl [EMAIL PROTECTED] wrote: On Mon, Dec 31, 2007 at 11:56:45PM -0800, algenon flower wrote: I am just curious to hear how the people are doing out Germany way who are being impacted as per the oft After the federal president signed the law, 30 kPeople submitted their suit against it in the court at Karlsruhe on 31. Dec (the largest constitutional suit ever by a large margin). AFAIK the plan is to achieve a preliminary injunction first. In any case the relevant date is 20090101, not 20080101. Only telecommunication providers (cellular, telephony, possibly VoIP) are/would be affected at this time -- but, let's see what Karlsruhe will say to that. If the law is not repealed as unconstitutional, it would be another major building stone for the new machtergreifung laws. http://de.wikipedia.org/wiki/Machtergreifung discussed new repression law. I am hoping they having a good nice time, it must be 6am '08 there right now... Happy new year to you and don't cave in to the creeping repressionism. We are all we have to fight It is quite interesting how global this is. I think it looks like a silent collusion. If it is indeed that, it's time to get seriously scared. We need to maintain untrackable uncensorable communication to any political or activist group, whatever it takes. to be free. -- Eugen* Leitl leitl http://leitl.org __ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.
How are German Tor server people doing?
Hello I am just curious to hear how the people are doing out Germany way who are being impacted as per the oft discussed new repression law. I am hoping they having a good nice time, it must be 6am '08 there right now... Happy new year to you and don't cave in to the creeping repressionism. We are all we have to fight to be free. Algenon Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
Re: 20090101 (log data)
Hello I just hardly can't believe it what I am hearing about this. From what I get, it sounds like a full on assault on privacy and free speech, the things that make the internet good, has begun. I am very sorry to hear the news and am very upset for everybody, especially those in Europe where this seems to be starting. Am I to believe from the foregoing that potentially having to surrender a Tor servers logs (that do not compromise much) will actually make Tor server operators criminals because they don't reveal enough? Algenon Hans S. [EMAIL PROTECTED] wrote: Original Message From: Marco Gruss Apparently from: [EMAIL PROTECTED] To: or-talk@freehaven.net Subject: Re: 20090101 (log data) Date: Sun, 11 Nov 2007 16:27:39 +0100 Hi, TOR Admin (gpfTOR1) wrote: I will try it for email (fon, mobile and sms may be nearly like this): For mobile calls and SMS messages, the cell location of the caller/ sender at the beginning of the call must be recorded. Pretty ugly, IMHO. Marco Hi, the big, but yet not loud enough protests in Germany about these new laws do imho relate to the fact that there are much older laws. These protected exactly against the use of grids of databases concerning citizens, the obligation to deliver data to authorities and to to create grids with for good reasons separate data for authorities. So the big They create new laws explicitely enforcing what was prohibited yesterday. How successfull or actually working that was in daily life is another question. Deep trust in promotional and mass manipulating abilities make me believe that in a not too far future all these doings may be socially anticipated by the majority and accepted as necessary. Reasons? The usual. Paedorists. To my knowledge not all (or only few) of states have or ever had this 'limited ability' in treating their citizens data. Of course there also are a few with a higher valency of human rights. There is a background to what has happened in DE right now, also concerning our friends from Suomi (hope that's right) as well as people (friends, too, of course;) from Italy and presently 48 other States. The bigger picture appears to be the so called Convention on Cybercrime, which our beloved goverment (DE) wishes to ratify. Please take a look at: (0) The Treaty (choose #185), english, french (1) The list of states involved, english (2) Is where I found (1), german. (3) Foebud's website, german As obvious and natural members of a Council of Europe, the US, Japan, Azerbaijan, Turkey, South-Africa and others are also supposed to, are about to, or already have ratified the mentioned paper. Moving servers to Russia ? See list. (although the Russians didn't even care to sign it, yet ...) The treaty (0) is concerned about what they call mutual assisstance in fighting computer related crime and the usual paedorist stuff. The treaty itself is absolutely horrifying and has effects much further than Germany and Europe, reaching out to the US and elsewhere. Article 20 and 21 are interesting, they might be the reason for our law. The german gov. and others simply shift the costs of getting and storing data essential for the intended surveillance. According to the treaty the goverments are obliged to somehow get hold of tha data. So they make a law forcing isp's and other service providers to do so. Awfully simple. Read Article 23 and further about international co-operation agreements. According to this, telco data can and shall be made available to authorities of the enlisted states on request and spontanously for the purpose of criminal investigation. Hurray. So far, so bad, but even worse, data then will leave the originating legislation. Of course will, lets say the Ukrainian police obey e.g german law how long to store and how to use or where to pass data to. (I do not have any problems with or about Ukrania or Ukranians, just an example.) So, what happens, if data becomes to be very easily available to states who never really cared about such odd things like civil rights? Welcome to an international legal marketplace for telco data. With a little phantasy we might imagine yottabytes (really much) of logs being analyzed by whoever wants to, profiling of individuals and tracking just about anything in communication, and this on a pretty much international scale. Every day. Is that new? No, but new in that extent. Some people might end up in Guantanamo or some other weirdo's prison without ever knowing what actually hit them. Nowadays mere suspicion is enough, we have learned. Quite a nightmare. As soon as this law in Germany comes into force on 01.01.2009 Tor-ops _may_ have to hand over logs on request. It does not criminalize operators of a node. Tor's purpose is to provide anonymous access to the net. Period. So how much this analyzing of nodes will break anonymity
Fine tuning Tor Server , Vidalia message namservers failed
Hello Tor People! I did finally get my Tor server up behind a Linksys NAT firewall on RedHat Enterprise Linux, very happy 'bout that.. Right now server is down until I can get the new intro rates back for my broadband cable(plz don't mooan:), probably about a week. In meantime, I am trying to get as much info as I can to fine tune the future operation of my server. While up, my server often put into log file, (paraphrase) all nameservers failed and then back up and displays the IP of the hardwired DNS of my ISP. certain facts: 1 I had to assign a static IP to my Linux box, 2 Linksys instructions say to create a static IP, add DNS info from Linksys router to fields for such in Linux Networking, which I did. Am I doing this correctly? Is there a better way? Should Tor somehow have its own DNS servers to quier? If that is possible, should I add them to router and Linux networking? all suggestions very welcome, peace to all, Algenon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
UpDate:,,, Success getting Server Up behind NAT,,
Hello Ringo, Csaba and everybody,, I did solve the Linksys NAT/RHEL/Tor server puzzle, I think. Server is up and normally I see about 100mbs/sec through it on Vidalia bandwidth graph. Yea! I had to learn a little about routers and network, Tor and RHEL, finally, to whomever is interested, I configured RHEL eth0 to a static IP of my choosing, corresponding to possible assignable IP's from Firewall/Router. Linksys support was good, they advised me of that range. I also had to interpolate other settings from Linksys windows config instructions. Finally, got it right! :),, So, server is up and working, thanks to all who tried to help! I still have two nagging concerns though. One is that Tor gives me nameserver failure notices intermittently, then system seems to go to back up DNS at comcast, as per settings for RHEL static IP. I am not sure what that is about, but it does seem to get resolved and seems to work fine most of the time. Also, I will have to check all info I can to harden my server computer. I have seen how many scans go over comcast owned net blocks, running a Tor server without doing *everything* monitoring system for intrusion attempts just would be asking for failure. Anyhow, I hope for the best, anyone with comments very welcome! Algenon Ringo Kamens [EMAIL PROTECTED] wrote: Can you try pining the DNS backup to see if you can reach it? Comrade Ringo Kamens On 10/29/07, algenon flower wrote: Hello TOR people, Yay! I did finally get server up, but all is not completely good: Anyone interested please note log entries.Thanks for advice and support. I hope to have it working perfectly soon. Am not sure exactly what to think of entries below: * Oct 29 03:31:32.969 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 29 03:31:32.975 [Notice] Initialized libevent version 1.1a using method epoll. Good. Oct 29 03:31:32.979 [Notice] Opening OR listener on 0.0.0.0:9001 Oct 29 03:31:33.131 [Notice] Opening Directory listener on 0.0.0.0:9030 Oct 29 03:31:33.138 [Notice] Opening Socks listener on 127.0.0.1:9050 Oct 29 03:31:33.142 [Notice] Opening Control listener on 127.0.0.1:9051 Oct 29 03:31:46.978 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 29 03:32:19.088 [Notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Oct 29 03:32:45.443 [Notice] Performing bandwidth self-test...done. Oct 29 03:33:41.789 [Warning] eventdns: All nameservers have failed Oct 29 03:33:41.872 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 29 03:33:46.790 [Warning] eventdns: All nameservers have failed Oct 29 03:33:46.856 [Notice] eventdns: Nameserver 68.87.69.146 is back up I can see from the Bandwith Graph that some traffic does flow through, though not a lot. Is this normal? Is it OK that I get a nameserver error and how can that problem be solved?? The listed back up is my normal DNS at comcast. Algenon algenon flower wrote: Hello Pei Hanru, experienced TOR users I have checked Linksys doc's and I think they were helpful. At present, I think I need to assign a static IP to my RHEL system behind NAT firewall. That seems to include two extra assigned IP numbers, like 196.168.1.20, Then I can use port forwarding set-up on NAT router. I bet this is elementary school for many of you, it took a little while for me :),, All I need now is the procedure to assign a static IP on RHEL. I am checking that now,, And, Hope it all Works! In any case, thanks to people interested, and additional comments welcome. peace, Algenon Pei Hanru wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2007-10-27 06:23 CST, algenon flower wrote: Hello Michael Holstein and other interested people I thought I had accomplished port forwarding (see attached file) but did not succeed. After checking with Linksys support site I am going to try a new apporach. Will study the doc's from Linksys, if anyone has experience with this please let me know. Algenon Unfortunately, you are doing worse... What you should do is first figuring out the *actual* private IP address of your Linux box, then forwarding port 9001 and port 9030 (or port range 9001-9030 if you like) to *that* address, rather than forwarding the same port range to three distinct addresses. It's a good idea to reread port forwarding part of Linksys manual carefully. Hanru -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHJDrrtHG285r2MGoRAvAJAKDLRHZYc/5ZRXeNgaIXnZHUr/2zXgCeOqji h67261xOLOYdjvEyADPndks= =EmPN -END PGP SIGNATURE- __ Do You
UpDate:,,, Some Success, Server appears up, with one problem..
Hello TOR people, Yay! I did finally get server up, but all is not completely good: Anyone interested please note log entries.Thanks for advice and support. I hope to have it working perfectly soon. Am not sure exactly what to think of entries below: * Oct 29 03:31:32.969 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 29 03:31:32.975 [Notice] Initialized libevent version 1.1a using method epoll. Good. Oct 29 03:31:32.979 [Notice] Opening OR listener on 0.0.0.0:9001 Oct 29 03:31:33.131 [Notice] Opening Directory listener on 0.0.0.0:9030 Oct 29 03:31:33.138 [Notice] Opening Socks listener on 127.0.0.1:9050 Oct 29 03:31:33.142 [Notice] Opening Control listener on 127.0.0.1:9051 Oct 29 03:31:46.978 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 29 03:32:19.088 [Notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Oct 29 03:32:45.443 [Notice] Performing bandwidth self-test...done. Oct 29 03:33:41.789 [Warning] eventdns: All nameservers have failed Oct 29 03:33:41.872 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 29 03:33:46.790 [Warning] eventdns: All nameservers have failed Oct 29 03:33:46.856 [Notice] eventdns: Nameserver 68.87.69.146 is back up I can see from the Bandwith Graph that some traffic does flow through, though not a lot. Is this normal? Is it OK that I get a nameserver error and how can that problem be solved?? The listed back up is my normal DNS at comcast. Algenon algenon flower [EMAIL PROTECTED] wrote: Hello Pei Hanru, experienced TOR users I have checked Linksys doc's and I think they were helpful. At present, I think I need to assign a static IP to my RHEL system behind NAT firewall. That seems to include two extra assigned IP numbers, like 196.168.1.20, Then I can use port forwarding set-up on NAT router. I bet this is elementary school for many of you, it took a little while for me :),, All I need now is the procedure to assign a static IP on RHEL. I am checking that now,, And, Hope it all Works! In any case, thanks to people interested, and additional comments welcome. peace, Algenon Pei Hanru [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2007-10-27 06:23 CST, algenon flower wrote: Hello Michael Holstein and other interested people I thought I had accomplished port forwarding (see attached file) but did not succeed. After checking with Linksys support site I am going to try a new apporach. Will study the doc's from Linksys, if anyone has experience with this please let me know. Algenon Unfortunately, you are doing worse... What you should do is first figuring out the *actual* private IP address of your Linux box, then forwarding port 9001 and port 9030 (or port range 9001-9030 if you like) to *that* address, rather than forwarding the same port range to three distinct addresses. It's a good idea to reread port forwarding part of Linksys manual carefully. Hanru -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHJDrrtHG285r2MGoRAvAJAKDLRHZYc/5ZRXeNgaIXnZHUr/2zXgCeOqji h67261xOLOYdjvEyADPndks= =EmPN -END PGP SIGNATURE- __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
UpDate:,,, Having trouble setting up TOR server behind firewall...
Hello Pei Hanru, experienced TOR users I have checked Linksys doc's and I think they were helpful. At present, I think I need to assign a static IP to my RHEL system behind NAT firewall. That seems to include two extra assigned IP numbers, like 196.168.1.20, Then I can use port forwarding set-up on NAT router. I bet this is elementary school for many of you, it took a little while for me :),, All I need now is the procedure to assign a static IP on RHEL. I am checking that now,, And, Hope it all Works! In any case, thanks to people interested, and additional comments welcome. peace, Algenon Pei Hanru [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 2007-10-27 06:23 CST, algenon flower wrote: Hello Michael Holstein and other interested people I thought I had accomplished port forwarding (see attached file) but did not succeed. After checking with Linksys support site I am going to try a new apporach. Will study the doc's from Linksys, if anyone has experience with this please let me know. Algenon Unfortunately, you are doing worse... What you should do is first figuring out the *actual* private IP address of your Linux box, then forwarding port 9001 and port 9030 (or port range 9001-9030 if you like) to *that* address, rather than forwarding the same port range to three distinct addresses. It's a good idea to reread port forwarding part of Linksys manual carefully. Hanru -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHJDrrtHG285r2MGoRAvAJAKDLRHZYc/5ZRXeNgaIXnZHUr/2zXgCeOqji h67261xOLOYdjvEyADPndks= =EmPN -END PGP SIGNATURE- __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Re: Hello Michael, Ringo all,, Having trouble setting up TOR server behind firewall...
Hello Michael Holstien Thank you very much for that info, I am going to try that and post results soon. I can see these things do end up a bit of a community project, not possible for 1 person to accomplish alone... I have to admit I am new to Linux, liked RedHat Enterprise Linux because it is supported by staff, but staff there just abandoned me saying they don't support help with Tor. I almost have this one last problem soved, hope to add to the project soon. Algenon Michael Holstein [EMAIL PROTECTED] wrote: http://your.router.ip username: blank password: admin Go to the advanced tab - forwarding set up two applications, ORport, DIRport .. select TCP, select 9001 and 9030, and point them to whatever IP you have on your linux box. Make sure you tell TOR to advertise your external IP address via torc. ~Mike. Hello Ringo Kamens Nice to hear from you, and thank you for your response. I am running RHEL v5, and a Linksys hardware firewall. I do not know yet how to configure port forwarding, am going to check with firewall settings to see if port forwarding is available there and confirm that I have entered the right IP of my RHEL system behind the firewall. I will reply with updated news, thanks for reply, hope ppl stay interested.,,:),, Algenon */Ringo Kamens [EMAIL PROTECTED]/* wrote: It sounds like you haven't enabled port forwarding on your firewall. Even if the ports are unblocked, the traffic might not go to the server. You need to forward all traffic coming to the firewall on ports 9001 and 9030 to your tor server. Comrade Ringo Kamens On 10/23/07, algenon flower wrote: Hello experienced TOR ppl, I am trying to set up a TOR server on Linux Redhat Enterprise v5,, I am using a Linksys hardware firewall that does have NAT and have modified the system to open ports 9001-9031. I have just installed TOR and Vidalia for Redhat on my system,and, using Vidalia configured TOR ot act as a server. My problem is: (TOR log below) Oct 22 20:45:19.089 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 22 20:45:29.624 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 22 20:45:29.769 [Notice] Now checking whether ORPort 24.22.67.176:9001 and DirPort 24.22.67.176:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Oct 22 20:46:37.127 [Warning] eventdns: All nameservers have failed Oct 22 20:46:37.299 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 22 20:47:29.326 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 20:54:35.222 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:00:39.050 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:05:25.858 [Warning] Your server (24.22.67.176:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Oct 22 21:05:25.876 [Warning] Your server (24.22.67.176:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. *** To simplify things, I have disabled Redhat's software firewall, to make sure it is not causing the problem. I am a little unsure I have configured my firewall to accept traffic on ports 9001 and 9030,, I can supply info from the firewall to whomever is interested in helping. Does anyone have any good ideas about how I can get my TOR server up what the problem is?? Love to hear,,, Algenon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has
Hello Ringo Kamens,,, Having trouble setting up TOR server behind firewall...
Hello Ringo Kamens Nice to hear from you, and thank you for your response. I am running RHEL v5, and a Linksys hardware firewall. I do not know yet how to configure port forwarding, am going to check with firewall settings to see if port forwarding is available there and confirm that I have entered the right IP of my RHEL system behind the firewall. I will reply with updated news, thanks for reply, hope ppl stay interested.,,:),, Algenon Ringo Kamens [EMAIL PROTECTED] wrote: It sounds like you haven't enabled port forwarding on your firewall. Even if the ports are unblocked, the traffic might not go to the server. You need to forward all traffic coming to the firewall on ports 9001 and 9030 to your tor server. Comrade Ringo Kamens On 10/23/07, algenon flower wrote: Hello experienced TOR ppl, I am trying to set up a TOR server on Linux Redhat Enterprise v5,, I am using a Linksys hardware firewall that does have NAT and have modified the system to open ports 9001-9031. I have just installed TOR and Vidalia for Redhat on my system,and, using Vidalia configured TOR ot act as a server. My problem is: (TOR log below) Oct 22 20:45:19.089 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 22 20:45:29.624 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 22 20:45:29.769 [Notice] Now checking whether ORPort 24.22.67.176:9001 and DirPort 24.22.67.176:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Oct 22 20:46:37.127 [Warning] eventdns: All nameservers have failed Oct 22 20:46:37.299 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 22 20:47:29.326 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 20:54:35.222 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:00:39.050 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:05:25.858 [Warning] Your server (24.22.67.176:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Oct 22 21:05:25.876 [Warning] Your server (24.22.67.176:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. *** To simplify things, I have disabled Redhat's software firewall, to make sure it is not causing the problem. I am a little unsure I have configured my firewall to accept traffic on ports 9001 and 9030,, I can supply info from the firewall to whomever is interested in helping. Does anyone have any good ideas about how I can get my TOR server up what the problem is?? Love to hear,,, Algenon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Having trouble setting up TOR server Additional info,,
Hello experienced TOR people,,, I realize I may have become a little obsessed with getting my TOR server up, but for me it represents an important step in my education, and I intend it to be an aid, at least in some small way, to the TOR project. I think I am almost there, just that I have to configure my firewall and perhaps other in order for it to work. I have decided to provide the Linksys config current in html as an aid for anyone who might have hints on what direction I should go to fix the problem. Normally I would not post this much info, but am not sure of more options. Thanks in advance, Algenon algenon flower [EMAIL PROTECTED] wrote: Hello experienced TOR ppl, I am trying to set up a TOR server on Linux Redhat Enterprise v5,, I am using a Linksys hardware firewall that does have NAT and have modified the system to open ports 9001-9031. I have just installed TOR and Vidalia for Redhat on my system,and, using Vidalia configured TOR ot act as a server. My problem is: (TOR log below) Oct 22 20:45:19.089 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 22 20:45:29.624 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 22 20:45:29.769 [Notice] Now checking whether ORPort 24.22.67.176:9001 and DirPort 24.22.67.176:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Oct 22 20:46:37.127 [Warning] eventdns: All nameservers have failed Oct 22 20:46:37.299 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 22 20:47:29.326 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 20:54:35.222 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:00:39.050 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:05:25.858 [Warning] Your server (24.22.67.176:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Oct 22 21:05:25.876 [Warning] Your server (24.22.67.176:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. *** To simplify things, I have disabled Redhat's software firewall, to make sure it is not causing the problem. I am a little unsure I have configured my firewall to accept traffic on ports 9001 and 9030,, I can supply info from the firewall to whomever is interested in helping. Does anyone have any good ideas about how I can get my TOR server up what the problem is?? Love to hear,,, Algenon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com Linksys_Errors.tar.gz Description: 2980260711-Linksys_Errors.tar.gz
Re: Having trouble setting up TOR server Additional info,,
Hello Pei Hanru! Nice to hear from you. I am trying to re-check my RHEL with TOR to make sure I have the correct IP behind the firewall. That easily could be the problem,, Will get back to you as soon as I have news about it or report. Thanks for your interest, will talk later, Algenon Pei Hanru [EMAIL PROTECTED] wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Algenon On 2007-10-23 18:32 CST, algenon flower wrote: Hello experienced TOR people,,, I realize I may have become a little obsessed with getting my TOR server up, but for me it represents an important step in my education, and I intend it to be an aid, at least in some small way, to the TOR project. I think I am almost there, just that I have to configure my firewall and perhaps other in order for it to work. I have decided to provide the Linksys config current in html as an aid for anyone who might have hints on what direction I should go to fix the problem. Normally I would not post this much info, but am not sure of more options. Thanks in advance, Algenon At Linksys_Port_Forwarding.htm (Port range forwarding) page, I noticed you have two similar port forwarding rules, but they have different IP addresses, one is 192.168.1.2, the other is 192.168.1.3, maybe that's where you problem lies. Delete the wrong one, and try again. Thanks for your contribution to the Tor community! Hanru -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (Cygwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHHdYstHG285r2MGoRAitYAJ91Sl8e/fXyiHb1WtwVcvXT+TckzwCeJII5 6ui+vxfngan+UKC94Dcyygk= =m+9q -END PGP SIGNATURE- __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Having trouble setting up TOR server behind firewall...
Hello experienced TOR ppl, I am trying to set up a TOR server on Linux Redhat Enterprise v5,, I am using a Linksys hardware firewall that does have NAT and have modified the system to open ports 9001-9031. I have just installed TOR and Vidalia for Redhat on my system,and, using Vidalia configured TOR ot act as a server. My problem is: (TOR log below) Oct 22 20:45:19.089 [Notice] Tor v0.2.0.7-alpha (r11572). This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686) Oct 22 20:45:29.624 [Notice] Tor has successfully opened a circuit. Looks like client functionality is working. Oct 22 20:45:29.769 [Notice] Now checking whether ORPort 24.22.67.176:9001 and DirPort 24.22.67.176:9030 are reachable... (this may take up to 20 minutes -- look for log messages indicating success) Oct 22 20:46:37.127 [Warning] eventdns: All nameservers have failed Oct 22 20:46:37.299 [Notice] eventdns: Nameserver 68.87.69.146 is back up Oct 22 20:47:29.326 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 20:54:35.222 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:00:39.050 [Notice] Freeing linked Socks connection [waiting for circuit] with 65 bytes on inbuf, 0 on outbuf. Oct 22 21:05:25.858 [Warning] Your server (24.22.67.176:9001) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Oct 22 21:05:25.876 [Warning] Your server (24.22.67.176:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. *** To simplify things, I have disabled Redhat's software firewall, to make sure it is not causing the problem. I am a little unsure I have configured my firewall to accept traffic on ports 9001 and 9030,, I can supply info from the firewall to whomever is interested in helping. Does anyone have any good ideas about how I can get my TOR server up what the problem is?? Love to hear,,, Algenon __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
