[tor-relays] How to handle an abuse report
Hi all, Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the restricted mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p). Everything went well so far, until today. Someone, let's call this person/group A, reported an abuse to Hetzner. A TOR User, B, is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone... From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it? Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in restricted mode, but how can I defend myself, I am not sure that my restricted node and given the nature of the TOR network arguments will convinced them the Hetzner dudes. Could anyone gives advice, feedback or stories on how to deal with this situation? Best regards, Chris [1] https://atlas.torproject.org/#details/18B6EBAF10814335242ECA5705A04AAD29774078 -- QtCreator/qmakeparser.cpp:42 // Parser /// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of static ... ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Remove From LIST
Actually, there is a great description on How to unsubscribe from a mailman mailinglist available. Maybe link this in the footer section. http://article.gmane.org/gmane.network.opennms.general/7202 Regards, Sven. -- PGP Key: https://0x80.io/pub/files/key.asc PGP Key Fingerprint: 2DF2 79CD 48DD 4D38 F0B6 7557 2E68 D557 49AA 1D99 Note: I'll be transitioning away from this key in the near future. On 05/14/2014 04:17 AM, krishna e bera wrote: On 14-05-13 07:34 PM, Eric Giannini wrote: Hi Tor, Please remove my email from the lists.torproject.org Eric ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Please consider adding a phrase such as To remove yourself from the list or see archives, visit the below link: just above the url. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to handle an abuse report
Jeroen Massar: Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in restricted mode, but how can I defend myself, I am not sure that my restricted node and given the nature of the TOR network arguments will convinced them the Hetzner dudes. You cannot defend yourself. There is no way for anybody to be able to claim that it was you, not you, or somebody else. That is the bad thing about an exit. You are responsible what happens from that IP. Sorry but the last statement is wrong in many jurisdictions: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines#Legal For Germany, see TMG §8 and §15. -- Lunar lu...@torproject.org signature.asc Description: Digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to handle an abuse report
On Wed, May 14, 2014 at 10:08:47PM +1200, Ch'Gans wrote: Hi all, Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the restricted mode Hetzner doesn't like exits. Run a middleman. to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p). ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Malicious or crappily configured exit node
On 14/05/14 23:16, u wrote: Hello! referring to https://trac.torproject.org/projects/tor/wiki/doc/badRelays, i sent this also to tor-assistances@tpo. Never got an answer though :( One of the reason I've heard on other mailing lists, is that people sometimes get flagged as spam, and indeed your email is flagged as spam by gmail in my case. So if I didn't check my spam box, i would never have heard about your email despite being on this mailing list Chris Now and then, I use Icedove with TorBirdy under Debian. While connecting to port 465 on my usual mailserver, using SSL, I sometimes get an SSL certificate alert. The certificate presented is not my usual certificate at all (which works without adding an exception), but one for cab.cabinethardwareparts.com, pretending to be my mailserver. [1] I've searched a bit for information on that exit node and found: http://torstatus.rueckgr.at/router_detail.php?FP=0cc9b8aa649881c39e948e70b662772d8695c2e9 This node has flags: fast, stable, guard... I tried it several times and the behaviour was repeatedly the same. Last time it happened was 10 days ago. Then again today. I'm not quite sure where to report this (that is how this e-mail ends up on tor-relays :) ), nor how to avoid this exit node. Is there a way to do that? Thanks, u. [1] http://pix.toile-libre.org/upload/original/1399232278.png screenshot of the certificate ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- QtCreator/qmakeparser.cpp:42 // Parser /// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of static ... ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to handle an abuse report
On 15/05/14 01:02, Ed Carter wrote: The abuse reply templates located at https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates contain some good ideas about how to reply to various complaints. Hi Ed, Thanks for the link, I still haven't decided yet how to handle this, but for the sake of record, this link might be useful too: https://www.torservers.net/wiki/abuse/templates Chris Hi all, Since 3 weeks, I'm running a TOR exit node [1] on a server I rent from Hetzner (A German hosting company), after reading about using Hetzner to run a TOR node, I decided to go for the restricted mode to avoid any stupid copywrong issue (That is, I allowed only a limited set of ports, which sadly excludes p2p). Everything went well so far, until today. Someone, let's call this person/group A, reported an abuse to Hetzner. A TOR User, B, is spamming chat/forums with vociferous insults and disrespectful messages, I got a copy of few of them and the insults from B are as bad as the ideas defended by A, but I'm not here to judge anyone... From A's timezone, it happened from the 9th of May, 8:20PM to the 10th of May, 2:30 AM. Given the nature of the TOR network, I assumed that it is very unlikely that stupid-B will use my server's IP to insult stupid-A any time soon... or is it? Now, I have to report to Hetzner, I will tell them that I'm running a TOR exit node in restricted mode, but how can I defend myself, I am not sure that my restricted node and given the nature of the TOR network arguments will convinced them the Hetzner dudes. Could anyone gives advice, feedback or stories on how to deal with this situation? Best regards, Chris [1] https://atlas.torproject.org/#details/18B6EBAF10814335242ECA5705A04AAD29774078 -- QtCreator/qmakeparser.cpp:42 // Parser /// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of static ... ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- QtCreator/qmakeparser.cpp:42 // Parser /// #define fL1S(s) QString::fromLatin1(s) namespace { // MSVC2010 doesn't seem to know the semantics of static ... ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to handle an abuse report
On 05/14/2014 01:29 PM, Lunar wrote: about an exit. You are responsible what happens from that IP. Sorry but the last statement is wrong in many jurisdictions: https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines#Legal For Germany, see TMG §8 and §15. True, but the location of the server defines the legal territory for the data center, not your own. Even if you rent a server in a foreign country, you must still conform and know about your local laws. Then, in addition, you can take the foreign country's laws into account as well. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to handle an abuse report
Hi, On 05/14/2014 01:09 PM, Ch'Gans wrote: Yes, I did. And it's neither all-white nor all-black, so I decided i would give it a go, in restricted mode w/ finger crossed. Update: OK, maybe... After reading again and again, it's more a deep-dark-grey than a white, Regardless, you should _always_ ask the ISP _beforehand_ if they're ok with a Tor exit. For more information, see https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] my orphan relay
I'm running an ordinary bridge on what I think is a respectable duty cycle, but over the past three or so months it's not carried any traffic at all. With the advent of obfsproxy bridges, does the algorithm(?) that serves out bridge addresses no longer recognize ordinary bridges? Are ordinary bridges no longer useful? Details: Running VBB 0.2.4.20-0.2.21. Network Map and my own port scanners show that the bridge has regularly and reliably hooked onto circuits. A sample of 20 days uptime since March 20th shows the average sent/recv bandwith to be 5%/day, with a range of 2% to 7%. The bridge shows as running in OOo and Globe. There is no problem with the Who has used my bridge module(?): When I open a Tor client at a remote ISP, Who has used my bridge immediately lights up showing traffic from that client's country. Thanks for any advice - eliaz gpg 0x04DEF82B ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Malicious or crappily configured exit node
Thomas Themel: Excerpts from u's message of Wed May 14 13:16:21 +0200 2014: I'm not quite sure where to report this (that is how this e-mail ends up on tor-relays :) ), nor how to avoid this exit node. Is there a way to do that? ExcludeNodes in torrc allows you to avoid this node, enjoy the docs at https://www.torproject.org/docs/tor-manual.html.en for details. This is not really the question here. Such relay should get a BadExit flag from the directory authorities so that every Tor clients avoid it without having any extra configuration. -- Lunar lu...@torproject.org signature.asc Description: Digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Malicious or crappily configured exit node
Lunar: Thomas Themel: Excerpts from u's message of Wed May 14 13:16:21 +0200 2014: I'm not quite sure where to report this (that is how this e-mail ends up on tor-relays :) ), nor how to avoid this exit node. Is there a way to do that? ExcludeNodes in torrc allows you to avoid this node, enjoy the docs at https://www.torproject.org/docs/tor-manual.html.en for details. Thanks Thomas, that is what i did in the meantime. This is not really the question here. Such relay should get a BadExit flag from the directory authorities so that every Tor clients avoid it without having any extra configuration. +1. That was indeed the idea of starting this thread :) Lunar, is there a better place to report this than here? u. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Ops request: Deploy OpenVPN terminators
On Tue, May 13, 2014 at 8:27 PM, Tom Ritter t...@ritter.vg wrote: This seems very similar to the idea of having private exit nodes: https://www.torproject.org/docs/faq#HideExits Tor daemon must of course know its exit OR ip's+ports via some mechanism (currently, distributed consensus), or Tor would not work. There is no such thing as private exits in that context. Every anon protocol learns its own peers somehow. Running OpenVPN terminators on your exit box on a different ip than your tor exit is unrelated to Tor itself. It is an extra/enhanced service relay operators would choose to provide on their own. It's also easy to enumerate Exit IPs not by scanning up/down, by just building a circuit through every exit node to a server you control, and looking at the originating IP. Given that very few exit relays exit via an IP not in the consensus, enemies of tor do not have to scan or build, they can just look at the consensus. This is not relevant to the context of this proposal. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Thinking about deploying a new node
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 So, every now and then, somebody asks what the best use of a node would be--bridge, relay, or exit. And yes, this is one of those requests. This would be a VPS from VPS Nodes. I checked the list of good and bad ISPs, and they don't seem to be listed. So I asked them directly how they felt about Tor, and this was the response: While we don't specifically disallow Tor by name, it does come under the ToS as it is commonly used to launch large scale DDOS and SPAM campaigns and is therefore not allowed on our network for that reason. rDNS is provided as standard, you need to have a valid FQDN A record associated with the IP address that is assigned to your container. As far as SWIP, I would have to pass the request on to management as they are the only ones with that access. Seems pretty clear to me that they're not in favor of having an exit on their network. (I brought up the reduced exit policy and asked specifically about SWIP so that I could handle most of whatever abuse complaints come in, but they wouldn't provide anything further than this response.) That leaves bridge or standard relay. My question is, given 3TB of monthly bandwidth and a 100Mbps (shared) uplink, would it be better to run as an entry/middle node, or as an obfs3/scramblesuit bridge? (If there are other suggestions for trying to talk VPS Nodes into allowing an exit node, I'm all ears--though it may be better left with somebody with more experience talking to ISPs.) Thanks in advance, -Lance -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBCgAGBQJTdCUCAAoJEECmBqfoBgXnV2EQAKcP+K+b698oExGXuI3C5FLh YOGU6z1XQy6C/ERkcNxqTfSbqF/5Izm1ey+1qzr41keVUQ1CKkPgGWbgz/plnCbu ZJf3riJrYucg27RHCSioz3ZBt8NV7d8msRrJAVsUoZy90MyghxYTXH6faGBrLNdw tUnhT9IhSp2C46/JBlPa02FM3Aa4JXggnuhxmUNzpCsNun12D+U3AXefStOjo2GC a9CnXFxxmvHURm7CRlXm7VDMyXZYtWWvBny3ndXhAwdp1EXJ67cjcxdml7PNRYqD 6OOWbfc70i6f8f5YhFFvcsLBlxBaTFTLBWz3J7SQPbVk6W8x8Av3rSvfky7wGyW7 qdbB1UI2FvsIVVCzr8e5bZxjxxUIABMm3Dpg5P+d0y7m7Gts9QhfLtgDMDZHwTYO bbsaDjJO7hUlFFd029PPW6PkH1dSD6pIjkE78ZAX57+5ZBk6JeMhOl8uWeqvbkbz KlOJJ34w0dVLCYiSF+q/BT2tlRMYVjUnQpbWHoxIZNcqBF4bzHdh0O5p/Fg0LSwD GFMOeRpMIDe6oJhU9xo/rdEVjIUGA9rRCBalT2N9fD3XhMQRGm4z/4e41A+YOE61 00BqybYG3Cof87QGqvZEv7zg8w0iU1n2LT52MvpfnQC15QoDvq8GA8C4wAoNpdQv Te15KnmiIweVAXjZBzZ1 =PeIP -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Fwd: [tor-talk] Fwd: Ops request: Deploy OpenVPN terminators
to list, not me. -- Forwarded message -- From: Mirimir miri...@riseup.net Date: Wed, May 14, 2014 at 11:58 PM Subject: Re: [tor-talk] Fwd: [tor-relays] Ops request: Deploy OpenVPN terminators On 05/14/2014 09:07 PM, grarpamp wrote: On Tue, May 13, 2014 at 5:48 PM, Jeroen Massar jer...@massar.ch wrote: SNIP user - ovpn - torcli -- exit torrelay or_ip - localhost - ovpn_ip -- world That ovpn part on the left is easily detected by any party in the middle doing No. Understand the diagram. It is not detectable by anyone between torcli and torrelay, because that is just normal tor. Note that you are running IP over TCP over Tor (which is over TCP). Of course. Unless of course, as suggested before, some operators choose the method of binding/routing their exit over an ip different from their OR_IP, then it would just be native tor and native TCP. The performance of that will be very bad. Tor network is already overloaded enough as it is. No it won't, I've tested it, it works just fine. The only issue is the exit ip may change. So the exit operator is expected to block access to ovpn_ip from anything other than their associated or_ip, and the user is expected to config their client to use only the associated exit per whatever 'world' usage session they have in mind. It's not supposed to be point-click easy, only possible. That's a very cool idea :) Using $5/mo VPS, there could be a large pool of exit IPs for each Tor exit. SNIP -- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays