Re: [tor-relays] Traceroute measurement from Tor relays
On Wed, Oct 23, 2013, at 04:09 PM, Karsten Loesing wrote: The measurements will work best if you have the scamper tool from the Cooperative Association for Internet Data Analysis (CAIDA) installed (see the README for installation instructions). Your README should probably explicitly say that you need to run sudo chmod 04555 /path/to/scamper after installing scamper or it won't work. GD -- http://www.fastmail.fm - Or how I learned to stop worrying and love email again ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Cheap non exit relay recommendation
On Thu, 24 Oct 2013 19:08:22 +0200 Christian Dietrich christian.d.dietr...@gmail.com wrote: Anyway, i can recommend my current hoster for non exit tor nodes, you will get: HP ML310e G8 Server (/w iLO4) Intel XEON E3-1230v2 (4x 3,3 GHz /w HT) 16 GB DDR3 ECC 2x 1 TB SATA RAID1 Disks 1000mbit unmetered traffic (pushed ~100 TB so far, no problems) 1 IPv4 Adress (5,-€ per additional) / /64 IPv6 for 69,99€ (currently ~96 USD) hXXp://goo.gl/pXkb78 Germany based. I think this is currently the best deal for non exit relays. Thanks, definitely very interesting/useful. -- With respect, Roman signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] running Tor relay live with AddressSanitizer
Has anyone tried running a live relay with an image built using GCC 4.8 and -fsanitize=address? AddressSanitizer documentation says it should be no worse than about x4 on CPU and typically about x2, so it looks reasonable to try. I'm seeing peak CPU of about 7-8% of a 2.2GHz AMD core. I'd probably create a static build, with 'libevent' and 'tor' compiled using -fsanitize=address -O1 -fno-omit-frame-pointer -g per the Google documentation and 'libz' compiled normally since 'zlib' is stable and mature. Any thoughts or experience? Thanks ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Traceroute measurement from Tor relays
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 That's where you come in. To figure out where traffic travels from your relay, we'd like you to run a bunch of traceroutes - network measurements that show the paths traffic takes. This is a one-time experiment for now, but, depending on what we find out, regularly making such measurements may become a part of Tor itself. We have already gotten some results thanks to Linus Nordberg of DFRI and Moritz Bartl of torservers.net, and now it's time to ask all relay operators to help. We would like to start this right away. How much bandwidth will this be taking up, and roughly how much will be uploaded/downloaded? I've cloned the repo, but I'm nervous about running this if it's going to be a significant bandwidth hog for a whole week. As Aaron said in Issue 39, it looks like it's going to be a lot of IPs and a large amount of packets. Also, ISPs may not take kindly to all these scans. What's the word on that? Has anyone run this tool, and what's their opinion? I'd be happy to help, but I'd like to know the full details of the various resources this tool will be consuming. Jesse V. -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.11 (GNU/Linux) iQF8BAEBCgBmBQJSacyDXxSAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxMjgyMjhENjEyODQ1OTU1NzBCMjgwRkFB RDk3MzY0RkMyMEJFQzgwAAoJEK2XNk/CC+yAhy4IAJ0OSiPjqFTq8bqyU+nXZX7R 6TgA1nmU3Q2tEc6CVBf+/eBpddyAmAG5SZ8/vXKGrUB2VtujaW/VMZ/9zaEMql2B KKGcPcYAy0wQUcJPFZEw0TMuRS5dVV+bEmUXEYh3DhfECVfsGMy8b1mP0UuxW9MN 8UQFiDbzT04lGo2vNOpFGk2DuH+WVHzDj1/Nqv249iobPQWqvebJtFbTnoWrt7m/ cAO3kJtSq43RJSQcImXqwOKDdnTLI5/7FSlP/0Mw5N7ROBMUVfA9/80mRY3VcxtX u6EHP8ZE0JPBOf6WAnwjJU1DBay9EUtHuPpYu1jO9pfuWDrPINyR7NgSg+wEWIQ= =yDvu -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Advice on dealing with ISP's response to DMCA takedown notice.
On Thu, Oct 24, 2013 at 09:10:15PM -0400, Christopher Jones wrote: Suggestions are welcome. I?m running with the default exit node policy, which should block most of the abuse-laden ports. BitTorrent?s a little harder to deal with. I?ve no qualms working with the ISP to mitigate their concerns, but I?m not sensing their returning the same spirit of cooperation. You might like the 'reduced exit policy': https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines But it sounds like it won't entirely solve your problem at this point, and it's time for either diplomacy and education, or some other ideas. I'll let others chime in with suggestions. Thanks! --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] TCP: drop open request
Hi! Since yesterday, the kern.log of the relay I'm running is flooded with TCP: drop open request from. I first thought it was a kind of DDOS on our servers but it seems to be related to Tor (When I stop Tor, kernel doesn't complain anymore). Does somebody have an idea of why this is happening and what to do to mitigate it? Thanks a lot. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Advice on dealing with ISP's response to DMCA takedown notice.
On Thu, Oct 24, 2013 at 11:45 PM, Roger Dingledine a...@mit.edu wrote: You might like the 'reduced exit policy': https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines But it sounds like it won't entirely solve your problem at this point, and it's time for either diplomacy and education, or some other ideas. I'll let others chime in with suggestions. As others have said: - Work together with your hoster to adjust the policy - Offer to handle their ticket issues for them by asking for the full email of the complaint with addresses you can reply to (as a service operator in the US that's pretty much your responsibility to field those directly, then that of your upstream if you don't). Then contact the complainer, send them the Tor docs, tell them your server has no data on it and get them to remove you from their lists and close their case. Keep your hoster informed and especially copy them on any case closed or delisting success. - Some relay operators opt to SWIP the address space to them and effectively become the ISP of record. - If those don't work, close your account yourself and tell them that based on your poor experience with them that you will let others know not to buy from them when the topic of hosting comes up. - Add an entry to the goodbadproviders wiki page and point them to it. Details for all of this are in the archives of this list. Thanks for relaying traffic :) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TCP: drop open request
On Fri, Oct 25, 2013 at 12:10 AM, Roger Dingledine a...@mit.edu wrote: On Fri, Oct 25, 2013 at 12:43:42PM +0900, mett wrote: Since yesterday, the kern.log of the relay I'm running is flooded with TCP: drop open request from. I first thought it was a kind of DDOS on our servers but it seems to be related to Tor (When I stop Tor, kernel doesn't complain anymore). if you're in BSD-land. It's a Linux message. Feed it to a search engine and you'll find several things to try depending on what the cause is. It shuts off either because Tor is attracting the syn's or the overall count is lower with Tor off, you'll have to tcpdump to see. Look into syn cookies, packet filter rules, and stack tuning. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
