[tor-relays] setting up a Tor exit node
I want to use Tor browser bundle to set up a Tor exit node in vidalia, I click set up relay - sharing then there are some options, I checked Relay traffic for the Tor network(exit relay) and then click ok however, it doesn't work, and the exit relay option is automatically unchecked, while the option relay traffic inside the tor network (non-exit relay) is checked how can I set up a Tor exit node? thanks! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On 29.11.2012 11:24, esolve esolve wrote: I checked Relay traffic for the Tor network(exit relay) and then click ok however, it doesn't work, and the exit relay option is automatically unchecked, while the option relay traffic inside the tor network (non-exit relay) is checked Exit relaying already includes relaying traffic inside the Tor network. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
but why the option Relay traffic for the Tor network(exit relay) is unchecked? and how to make the node just act as an exit node(make it not relay traffic to other tor nodes)? 2012/11/29 Moritz Bartl mor...@torservers.net On 29.11.2012 11:24, esolve esolve wrote: I checked Relay traffic for the Tor network(exit relay) and then click ok however, it doesn't work, and the exit relay option is automatically unchecked, while the option relay traffic inside the tor network (non-exit relay) is checked Exit relaying already includes relaying traffic inside the Tor network. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On 29.11.2012 11:39, esolve esolve wrote: but why the option Relay traffic for the Tor network(exit relay) is unchecked? Have you checked some boxes under Exit Policies too? and how to make the node just act as an exit node(make it not relay traffic to other tor nodes)? You can't. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 11:50:13 +, esolve esolve wrote: ... You mean I can't make it only function as an exit node using TBB? or it is no way to make it function only as an exit node except that I modify the source codes? Path selection is done on the originating tor node; if you announce yourself as an exit node you implicitly also announce yourself as a potential entry/middle node. You'd have to change everybody else's source to be exit-only. Andreas -- Totally trivial. Famous last words. From: Linus Torvalds torvalds@*.org Date: Fri, 22 Jan 2010 07:29:21 -0800 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On 29.11.2012 11:50, esolve esolve wrote: and how to make the node just act as an exit node(make it not relay traffic to other tor nodes)? You can't. You mean I can't make it only function as an exit node using TBB? or it is no way to make it function only as an exit node except that I modify the source codes? This has nothing to do with TBB, but Tor itself. Any relay relays traffic within the Tor network, you cannot exclude that. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 11:50:13 +0100 esolve esolve esolvepol...@gmail.com wrote: You mean I can't make it only function as an exit node using TBB? or it is no way to make it function only as an exit node except that I modify the source codes? Why would you want to? If you're trying to maximise the traffic that you can sslstrip, note that messing with exit traffic is frowned upon and will get you flagged as a BadExit when you're spotted. If you operate as a relay, not all of the traffic that comes in will be exit traffic. Therefore, an attacker will (a) have to sift through your outbound traffic and discard Tor connections, (b) have no direct correlation between your exit traffic and the relay it came from. Why is (b) important? Because potentially (depending on factors outside your control) you've just shortened somebody's route from 3 hops to 2. And this is a serious compromise to their anonymity. So please, reconsider before blindly hacking at the source. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 11:57:09 +0100 Andreas Krey a.k...@gmx.de wrote: Path selection is done on the originating tor node; if you announce yourself as an exit node you implicitly also announce yourself as a potential entry/middle node. You'd have to change everybody else's source to be exit-only. Well, no. You could add some code to drop any connections you don't like (i.e. those you can't snoop). Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 11:16:35 +, Julian Yon wrote: ... Well, no. You could add some code to drop any connections you don't like (i.e. those you can't snoop). Yes, but that would make you stand out detectably, wouldn't it? Andreas -- Totally trivial. Famous last words. From: Linus Torvalds torvalds@*.org Date: Fri, 22 Jan 2010 07:29:21 -0800 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 12:51:38 +0100 Andreas Krey a.k...@gmx.de wrote: On Thu, 29 Nov 2012 11:16:35 +, Julian Yon wrote: ... Well, no. You could add some code to drop any connections you don't like (i.e. those you can't snoop). Yes, but that would make you stand out detectably, wouldn't it? One would expect so, yes. I'm quite baffled by the original question to be honest. Seems quite nonsensical, which is why I'm trying to work out what the intended outcome is. I don't like illogical things. Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
I believe the original question was as simple as how do I act as a relay while acting as an exit node the user was confused because when he had selected exit, it unchecked the relay checkbox. On 11/29/2012 11:59 AM, Julian Yon wrote: On Thu, 29 Nov 2012 12:51:38 +0100 Andreas Krey a.k...@gmx.de wrote: On Thu, 29 Nov 2012 11:16:35 +, Julian Yon wrote: ... Well, no. You could add some code to drop any connections you don't like (i.e. those you can't snoop). Yes, but that would make you stand out detectably, wouldn't it? One would expect so, yes. I'm quite baffled by the original question to be honest. Seems quite nonsensical, which is why I'm trying to work out what the intended outcome is. I don't like illogical things. Julian ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] setting up a Tor exit node
On Thu, 29 Nov 2012 13:29:11 + k...@damnfbi.tk wrote: I believe the original question was as simple as how do I act as a relay while acting as an exit node the user was confused because when he had selected exit, it unchecked the relay checkbox. If you believe that, then you didn't read it properly. To start with, he was confused because he couldn't select exit, having not specified an exit policy. However, I was referring to the original question leading to this subthread: “You mean I can't make it only function as an exit node using TBB? or it is no way to make it function only as an exit node except that I modify the source codes?” (Feel free to verify that quote if you're in a pedantic mood.) It makes no sense to me why somebody would want to fire up a, presumably temporary, exit-only relay. Incidentally, mailing list threads are much easier to follow if you don't top-post. I'm sure others will thank you. Regards, Julian -- 3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Deploy relays using hidden exit IP's?
Also related, has anyone tried operating an exit behind a VPN/NAT/proxy service? As opposed to having secondary interfaces/routes on the local machine. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to get client locale statistics without arm?
On Wednesday, 28. November 2012, 14:47:05 Damian Johnson wrote: Have you tried tweaking the query rate options in your armrc? https://gitweb.torproject.org/arm.git/blob/HEAD:/armrc.sample No I have not yet tried this. Switching to the connection panel lets arm often freeze. Is there another way to get country statistics from a node? Maybe something build in Tor? You can query the locale for an address from tor via... https://gitweb.torproject.org/torspec.git/blob/HEAD:/control-spec.txt#l671 To simulate what arm does you could write a script that makes netstat/lsof/procstat queries, parse the results, then feed those addresses to the 'GETINFO ip-to-country/*' command. Actually, I could probably write a script for you that does this via stem (https://stem.readthedocs.org/en/latest/index.html)... Doing netstat queries means that I get 8+ ip addresses on my server. Each of these addresses I would have to check against the list of relays to sort out connections to other relays and only do GETINFO ip-to-country to the remaining IPs. This sounds complicated and error-prone. Can't the ORCONN event be used to get a notification if a client connects? Thanks for your help Torland ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to get client locale statistics without arm?
Doing netstat queries means that I get 8+ ip addresses on my server. Each of these addresses I would have to check against the list of relays to sort out connections to other relays and only do GETINFO ip-to-country to the remaining IPs. This sounds complicated and error-prone. Not really. Does this do the trick? from stem.control import Controller from stem.util import system TOR_PID = 3470 # fill this in! def get_tor_connections(): Provides the (ip address, port) tuples for tor's connections. results = [] netstat_output = system.call(netstat -np) established_entry = ESTABLISHED %s/tor % TOR_PID for line in netstat_output: if established_entry in line: ip, port = line.split()[4].split(':') results.append((ip, port)) return results with Controller.from_port(control_port = 9051) as controller: controller.authenticate() relay_ips = set([desc.address for desc in controller.get_network_statuses()]) for ip, port in get_tor_connections(): if ip not in relay_ips: locale = controller.get_info('ip-to-country/%s' % ip) print 'exit connection to %s' % locale ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Prepared for [Raided for running a Tor exit node]?
Running an exit node from home DSL or Cable is bad idea. One must look for a Tor friendly ISP and have balls made of steel! ... ISP[/hoster] and[/or] have ... However, I do not believe it is that way in the United States What 'way'? Running an exit node at home, or elsewhere, would seem to come down to... a) Are you physically ready for a query / subpoena / search warrant / exigent raid? Are things segregated by room? Are your doors and machines labeled with the same sort of exit node notice you'd put on the TCP port and in DNS? Have you inventoried, photographed and documented your setup and property? Do you have offsite backups? Are private things encrypted? Are any co-habitants aware and similarly prepared? b) Are you mentally ready? Is your life and butt otherwise clean, legal, and organized? If you were to appear in court, how would you act and be perceived? How do you feel about being in the news and in public docs? Have you networked with other operators and entities? c) Are you legally, financially, and timewise ready? Have you consulted with and preselected a couple attorneys? Have you made arrangements for making bail? How will you make court required appearances? All these sorts of meta things, and surely more, come into play whether or not you're ever raided. I'd suggest making a wiki article for them. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays