[tor-relays] Relays for 5G smartphones
Dear Sirs, I've been experiencing a lot of "weird" traffic to/from the Danish State's welfare and app for corona-virus testing answers! I am using 4G Orbot, RiseUp VPN and Tor Browser, Tor Browser (Alpha), but also with Proton VPN and ordinary browsers like Firefox & Chromium browsers are very unstable. I have gathered a lot of screendumps and logs, and I am sure somebody hat taken over their site, and Duckduckgo redirects all the traffic to these sites where NemID, has to confirm wh you are, when trying to get answers for the corona-test! These sites are: sundhed dot dk coronaprover dot dk There are no problems accessing these sites, with the correct setup of security settings for me! FYI the sundhed dot dk is owned by the Danish Welfare & Heakth system with an app called MinSundhed, which also have weird traffic redirections! Regards David Sent with ProtonMail Secure Email. publickey - atuaruk@protonmail.com - 0x4CA600D0.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] recently saw 4 tor relays in row on tails. bug in tor?
ORBot for Android has a related bug? David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, October 22, 2020 8:42 PM, Roger Dingledine wrote: > On Thu, Oct 22, 2020 at 04:19:35AM +, BRBfGWMz wrote: > > > I recently saw a series of 4 relays connected to each other: > > itomori, MediumSlesmn, hotbrownie, pellidos > > itomori, docto, Geheimschreiber, 420isGay > > Dont most relays in the network of length 3? Bug in tor? > > Your Tor picks three hops that it controls, and if it needs to build a > circuit that involves a relay that it didn't pick, it uses that other > relay as a fourth hop. > > So you didn't tell us what you were doing, but this is normal behavior > for example when you're loading an onion service, because the rendezvous > process involves building circuits to relays that the onion service > picked. Your first three relays are for protecting you, and the later > relays in the path are there for other goals. > > --Roger > > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays publickey - atuaruk@protonmail.com - 0x4CA600D0.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] relay got suspended
Dear Adam & Paul, There have been a quite unusual traffic here in Denmark too, I am situated on the island of Als running on STOFA A/S and TDC Yousee A/S networks, which are being redirecting as if the relays were under DDoS attack, by taking over the link and be a man in the middle? Relays, bridges and exits have been not trustable and many certificates are wrong, so do a double, trible check even if you are connected to tor networks! Regards David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Sunday, October 25, 2020 8:15 PM, Paul Geurts wrote: > hi y'all, > > one of my relays got suspended today, because of heavy ddos traffic. > > Hello, > > Today your VPS IP address was heavily attacked by a large DDoS, so we were > forced to suspend the VPS and null the IP for the time being, since it had > overloaded our upstream provider. We are keeping an eye on the situation, > however in the meantime you will want to get your site behind a DDoS filter > such as CloudFlare. > > Let us know if you have any further questions. > > Thank you! > > Adam > > has any of you see this behauvior? I think there is no use in putting a relay > behind a ddos filter, or is there? In that case I'll just spin up another one. > > relay in question is this one, almost 7 months with no interuption what so > ever, no indication in the (munin) monitoring for high or higher traffic... > because the vps is suspended I don't have the latest syslog so I don't know > for sure whether anything has shown up there, but I am quite sure that > yesterday there were no abnormal logging entries on this server. > > https://metrics.torproject.org/rs.html#details/CDE4149F0DC65A7BE1AE440340BE1C7A18135E29 > > rgds,. Paul publickey - atuaruk@protonmail.com - 0x4CA600D0.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] recently saw 4 tor relays in row on tails. bug in tor?
I've seen alot of unusual activity too!?! Relays with bad certificates are also common nowadays! It looks like that many relays are under attack? Here in Skandinavia there are a lot of problems connecting, even ORBOT or Android devices are compromized? David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, October 22, 2020 6:19 AM, BRBfGWMz wrote: > I recently saw a series of 4 relays connected to each other: > > itomori, MediumSlesmn, hotbrownie, pellidos > itomori, docto, Geheimschreiber, 420isGay > > Dont most relays in the network of length 3? Bug in tor? > > -- > Sent using MsgSafe.io's Free Plan > Private, encrypted, online communication > For everyone. www.msgsafe.io publickey - atuaruk@protonmail.com - 0x4CA600D0.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Trying to write a script to auto update tor expert bundle on Windows 10
An bundle you want to autoupdate in Windows 10, is really a bad idea! Or are you such an expert, which can handle the traffic you have allowed to/from Windows Servers? Regards David Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐ Original Message ‐‐‐ On Friday, January 24, 2020 11:13 PM, Keifer Bly wrote: > Hello list, > > I am attempting to write a VBscript similar to this one at > https://superuser.com/questions/59465/is-it-possible-to-download-using-the-windows-command-line > > I am wondering, is there a url to download the tor expert bundle as well as > OBFS4 that does not change for newer versions? The bridge I am trying to do > this for is here: > > Thank you. > > [https://metrics.torprojectorg/rs.html#details/386E99371B8CD938248940B754F16AAC54B5712B](https://metrics.torproject.org/rs.html#details/386E99371B8CD938248940B754F16AAC54B5712B) > > --Keifer___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] New relay on dynamic IP address
hi m, did you use the docs about Part 3: https://community.torproject.org/relay/setup/guard/debianubuntu/updates/ 3. Automatically reboot If you want to automatically reboot add the following at the the end of the file /etc/apt/apt.conf.d/50unattended-upgrades: Unattended-Upgrade::Automatic-Reboot "true"; - or do i misunderstand something? Regards David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Thursday, January 23, 2020 2:19 PM, Mario Costa wrote: > Hello, > > I started a new relay at home. I was really surprised to see it gain a Guard > flag in about a week since it first came online. My first relay (on a VPS) > became a Guard well over a month after I set it up. How can I assess what was > different this time? > > Also, I’m wondering what will happen when the dynamic IP changes. Sooner or > later I’ll have a power outage or restart the modem. Last time my IP changed > it happened overnight for no evident reason. Will this relay lose its flags? > Is a really with a dynamic IP address useful at all? > > Cheers, > > -m > > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Relay with odd behavior
How can we help testing? Regards David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Saturday, January 11, 2020 9:51 AM, Clément Février wrote: > Hi, > > I am running a tor relay on Ubuntu 18.04 in a LXD container. After > upgrading form tor version 0.4.2.5-1~bionic+1 over 0.4.1.6-1~bionic+1, > my relay is having an odd behavior. > > My relay is running for 9 days and the number of connections dropped > from from ~5000 with 0.4.1.6-1 to 9 or less with 0.4.2.5-1. > > In addition, my relay does not appear anymore on > https://metrics.torproject.org > > The fingerprint is 33D88F331408141F2A2CC563239E54E48F7A211B > > IPs are 151.127.52.79 and 2001:41d0:fecf:8900:216:3eff:fe8a:e4a6 > > Regards, > Clément > > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Can anyone help with this issue?
I have also seen that error in debian distros! Download their certificate? Installation instructions: https://tails.boum.org/install/expert/usb/index.en.html Regards David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Monday, January 6, 2020 10:41 AM, John Csuti wrote: > $ sudo apt update > Hit:1 http://us.archive.ubuntu.com/ubuntu xenial InRelease > Hit:2 http://us.archive.ubuntu.com/ubuntu xenial-updates InRelease > Hit:3 http://us.archive.ubuntu.com/ubuntu xenial-backports InRelease > Hit:4 http://security.ubuntu.com/ubuntu xenial-security InRelease > Ign:5 http://download.webmin.com/download/repository sarge InRelease > Ign:6 https://deb.torproject.org/torproject.org xenial InRelease > Hit:7 http://download.webmin.com/download/repository sarge Release > Err:8 https://deb.torproject.org/torproject.org xenial Release > server certificate verification failed. CAfile: > /etc/ssl/certs/ca-certificates.crt CRLfile: none > Reading package lists... Done > E: The repository 'https://deb.torproject.org/torproject.org xenial > Release' does not have a Release file. > N: Updating from such a repository can't be done securely, and is > therefore disabled by default. > N: See apt-secure(8) manpage for repository creation and user > configuration details. > $ date > Mon Jan 6 04:32:36 EST 2020 > > I have fixed this before but I am not sure how I did it :( > > --John > > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unutilized bandwidth
Maybe it was meant to be like that may be your server needed to be rebooted Sent from ProtonMail mobile Original Message On 1 Aug 2019, 01.42, teor wrote: > Hi Matt, > >> On 30 Jul 2019, at 21:18, Matt Westfall wrote: >> >> You're right, it went offline for around 2 days due to a power outage and a >> Bios error that needed continue pressed. >> >> That's what the stable flag is for, lol. >> >> I lost guard probability for 2 more weeks. >> >> If a relay has been up connected and stable for more than 2 weeks, it gets >> the -stable- flag so it's leaned on more. >> >> That doesn't really affect the underlying issue of tor nodes with TONS of >> bandwidth not being utilized a little more. >> >> But I'm happy to donate whatever the tor protocol decides it wants to use :( > > Comcast typically has poor peering to Europe and some other top-tier networks. > We've investigated these issues in the past: search the list archives. > > So your relay's bandwidth to the rest of the tor network may be accurately > represented by its consensus weight. > > T > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] DoS attack on Tor exit relay
Reboot your connected device through hw Sent from ProtonMail mobile Original Message On 31 Jul 2019, 18.27, Larry Brandt wrote: > Yes, I have fail2ban installed but the attack is focused on my ORPort 9001. > Similarly, I have an external firewall but it permits 9001 port passage. > > Thanks for the thoughts, though, --potlatch > > On 7/31/2019 2:40 AM, TorGate wrote: > >> You can install failtoban, have you a extern firewall ? >> >> Am 31.07.2019 um 05:14 schrieb potlatch : >> >>> Hello Tor users, >>> Help me with a problem please. I have a small exit/backup & directory VPS >>> in Finland [1]. This last week the server (and Tor) have been overwhelmed >>> with non-Tor IP addresses. This may be a small version of a DoS attack. I >>> took the server down for a few days but when I restarted it the attack was >>> there before Tor users. Eventually, the load caused kernal crash. >>> I noticed this last week, that my Consensus Weight had dropped from 5500 to >>> 68. >>> Does anyone have an efficient way to defeat this ongoing attack? >>> --potlatch >>> >>> [1] 9B31F1F1C1554F9FFB3455911F82E818EF7C7883 TorExitFinland >>> >>> Sent with [ProtonMail](https://protonmail.com) Secure Email. >> >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > -- > 1. When a distinguished but elderly scientist states that something is > possible, he is almost certainly right. When he states that something is > impossible, he is very probably wrong. 2. The only way of discovering the > limits of the possible is to venture a little way past them into the > impossible. 3. Any sufficiently advanced technology is indistinguishable from > magic. - Arthur C. Clarke___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Cherryservers (formerly balticservers) account terminated for exit relay
The 2019 wiki has outdated keys! Sent from ProtonMail mobile Original Message On 31 Jul 2019, 12.30, gus wrote: > Hello Chris, > > Thanks for updating the relay community. Could you give trac > another chance and update the wiki page? > > thanks, > Gus > > On Tue, Jul 30, 2019 at 08:23:49PM -0500, con...@rockenhaus.com wrote: >> Actually, Server Room/Primcast will allow you to operate with an >> unrestricted exit policy if you use their Data Center in Romania of if you >> want to use a server in the NYC datacenter, you could use one of my IP >> ranges I have out there. >> >> --Conrad >> >> -Original Message- >> From: tor-relays On Behalf Of Neel >> Chauhan >> Sent: Tuesday, July 30, 2019 12:18 PM >> To: tor-relays@lists.torproject.org >> Subject: Re: [tor-relays] Cherryservers (formerly balticservers) account >> terminated for exit relay >> >> If you want an alternative exit relay host (other than the common ones like >> OVH, Scaleway, or Hetzner), one option is Server Room/Primcast (same >> company). I use Primcast for a 300 Mbps FreeBSD exit and have been happy >> with them. >> >> Server Room/Primcast is not the "best" provider, but they are good enough >> for the purpose of an exit and being less popular (as of now) helps with >> relay diversity. >> >> However, you will need a reduced exit policy with SR/Primcast. I have a >> **very** restrictive exit policy only allowing Ports 53, 80, 443, and >> 8080 (so I get less complaints). If you want a custom OS, you will need iLO >> (HP/HPE's remote management, Primcast uses HP/HPE servers). An older server >> (pre-2011) may mean you'll need Windows and Internet Explorer (NOT MS Edge) >> to use the console, while a newer server will work with >> HTML5 on Windows/Mac/Linux/BSD/etc. >> >> -Neel >> >> === >> >> https://www.neelc.org/ >> >> On 2019-07-30 02:15, Chris Kerr wrote: >> > I just heard from the hosting provider cherryservers.com that they are >> > terminating my account (after 2.5 years) where I run the exit relay >> > "ostwaldripening" (46.166.162.53), because they no longer wish to host >> > tor >> > exit nodes. >> > >> > I tried to create an account on trac.torproject.org to edit the >> > "GoodBadISPs" >> > wiki page, but the spam blocking stopped me from doing so. >> > ___ >> > tor-relays mailing list >> > tor-relays@lists.torproject.org >> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Question about Bridges Bandwidth Authority
We should start making the OS available for small units like Raspberry PI, and do not concentrate on large installations. Newer smartphones should also be able to be used as relays, with unlimited data and with 4G (soon 5G) up to 20 Mb download and 5 Mb downloads at the moment, where we can put the TAILS OS or Tor Browsers Bundles with orbot features, which manually should be connected to public Tor Relays. Many small units are many untraceable units, large installations are easily compromised and indeed very traceable, where their locations also are known! Regards David Sent with ProtonMail Secure Email. ‐‐‐ Original Message ‐‐‐ On Saturday, July 27, 2019 12:12 PM, s7r wrote: > Hello again, > > Getting back to this post with an update, see inline: > > s7r wrote: > > > Hello, > > I'd like to know more details about how exactly the bridge bandwidth > > authority works, and if we use the "weight" of each bridge for anything. > > For example, I have setup 5 obfs4 bridges, with the exact very same > > hardware resources and all on the same network speed of course. > > One of them gets used by clients (say 20-50 unique clients every 6 hours > > or so) while the rest of 4 are not used at all. This usage is not a > > concern for me, as its known bridges take time until they get used, > > depending on which bucket they have been assigned and etc. So I assume > > it's OK at this particular point in their lifetime to be unused by any > > client. > > But what I am curious about is, when I search them on RelaySearch, the > > used one has a measured bandwidth of over 2 MiB/s (and has the fast > > flag) while other 3 unused ones have bandwidths of between 50 and 60 > > KiB/s (these also have the fast flag) and there is one last one which is > > also not used and has a bandwidth of less than 10 KiB/s that does not > > have the fast flag. (Fast flag missing is also not my problem, I am just > > mentioning it as a side detail). > > Now I know for sure those values are not at all in according to the real > > environment. Each bridge should be at least capable of 3 MiB/s even if > > all 5 are used at the same time at their full speeds. Actually I have > > simulated this, it's not just theoretical. > > Is there anything related to usage, so that the bridge bandwidth > > authority only measures the used bridges? What could have cause such big > > discrepancy in my particular case, any ideas? > > It could be something about this. > Another bridge just started to get fair usage (say 60 - 80 unique > clients every 6 hour or so) and it got measured from slightly over 50 > KiB/s to ~4 MiB/s which is actually closer to the reality. > > The rest of unused bridges by clients still are reported as ~50 KiB/s > which is very low. > > > Also, do we use the weight of each bridge in order to determine how much > > % probability it has to be served to a request in the bucket that is > > part of, or we don't use bridge weights for anything at all? > > Thanks! > > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
