[tor-relays] Looking for a 34C3 Voucher

[Paul]

Anybody holding a Voucher for 34C3 in Leipzig at the end of December?

https://tickets.events.ccc.de/34c3/docs/?

While still running several Exits I would be more than happy to meet others 
there

Thanks, Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Disable CellStatistics to reduce RAM usage

[Paul]

Thank you nusenu - I changed that on all my small FreeBSD-Exits - lets see how 
it improves...

Paul


Am 08.02.2018 um 00:45 schrieb nusenu:
> 
> 
> teor:
>> Hi,
>>
>> If your relay is using too much RAM, please disable CellStatistics.
>> (It's not on by default.)
> 
> In January 2018 203 relays had it enabled at one point, if you want to reach 
> out to them directly
> find their contactInfo bellow.
> 
> 
> 
> 
> | Felix  
>   
>   |
> | Rotate-13 gbeznf...@ubehf-vg.qr 
>   
>   |
> | Nicholas Merrill  14wntQ8cBdnhUVfYmDjXz6PbpSSX8nCtkr 
>   
>   |
> | tor-relay-admin robgjansen com | https://onioncount.github.io/  
>   
>   |
> | Nym  1JH2RueDoXvEaNEdQKByW3mj1C3HquWjcw   
>   
>   |
> | Justin Lower 
>   
>   |
> |  please donate BTC 
> 1K38x9xqK3YDzjehYFAEPzsESEC4ScH5wJ
> |
> | watchme 
>   
>   |
> | tor-relay.fastquake@com (swap characters)   
>   
>   |
> | Admin   
>   
>   |
> | Hans Wurscht [tor?x2a?ch]   
>   
>   |
> | tho...@nybergh.net  
>   
>   |
> | Sebastian  - 12NbRAjAG5U3LLWETSF7fSTcdaz32Mu5CN 
>   
>|
> | Host:tutanota.comUser:andrewrobbins 
>   
>   |
> | MyTorGuy at hotmail dot com 
>   
>   |
> | Tor Hostmaster   
>   
>   |
> | 0xFEF78709 Mark Lopez 
>   
>   |
> | 2048R/B8B5E809 Krishna E. Bera   
>   
>   |
> | Riseup Networks  - 
> 1nNzekuHGGzBYRzyjfjFEfeisNvxkn4RT 
>  |
> | Bauruine  - 1CVkdZfRGWXETqVu8ctEKKMPC8Xj2Xnqcp
>   
>   |
> | Itzhak Daniel 
>   
>   |
> | Tor Project   
>   
>|
> | pap1w+tor AT mailbox dot org
>   
>   |
> | Node Operator 
>   
>   |
> | https://onioncount.github.io/ | https://onionpop.github.io/ | gmail is 
> teor2345 | http://tor-relays.net | PGP C855 6CED 5D90 A0C5 29F6 4D43 450C 
> BA7F 968F 094B |
> | dhalgren@gmail.com  
>   
>   |
> | relay-opera...@riseup.net   
>   
>   |
> | Nicholas Merrill  BTC - 
> 1

[tor-relays] Exits lost their function

[Paul]

What could bring several exits at different providers and different operating 
systems (Linux and FreeBSD) down on the same day, Jan 21st?

Since, while they still run as relays, they don’t show as exits any more 
without any change from my side.

They do run on Tor 0.3.1.9 or 0.3.2.9 in the same Family.

Thanks 
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Exits lost their function

[Paul]

Am 09.02.2018 um 19:28 schrieb niftybunny:
> reject 80
> 
> Thats why.


Was there a change of rules on that day?
Reject 80 was always the case in those settings.


> 
>> On 9. Feb 2018, at 19:25, nusenu  wrote:
>>
>>
>>
>> Paul:
>>> What could bring several exits at different providers and different 
>>> operating systems (Linux and FreeBSD) down on the same day, Jan 21st?
>>>
>>> Since, while they still run as relays, they don’t show as exits any more 
>>> without any change from my side.
>>>
>>> They do run on Tor 0.3.1.9 or 0.3.2.9 in the same Family.
>>
>> I'm not sure if you are referring to your relays or someone else's relays?
>>
>> I assume you talk about:
>> https://atlas.torproject.org/#search/contact:1K38x9xqK3YDzjehYFAEPzsESEC4ScH5wJ
>>  
>>
>> it is indeed interesting why some of them have no exit flag, example: 
>> https://atlas.torproject.org/#details/B27509F6D6233ACD2EAC8936D5FE7CBF009163BE
>>
>> @David: they don't have badexit flags
>>
>> 2018-01-21 appeas to have been an interesting day indeed
>> https://twitter.com/nusenu_/status/960176185954242560
>>
>> -- 
>> https://mastodon.social/@nusenu
>> twitter: @nusenu_
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Exits lost their function

[Paul]

Am 09.02.2018 um 19:41 schrieb Roger Dingledine:
> On Fri, Feb 09, 2018 at 07:37:09PM +0100, niftybunny wrote:
>> Minimum is:
>>
>> accept *:53
>> accept *:80
>> accept *:443
> 
> (A) Correct, we recently changed it so both 80 and 443 are required:
> https://bugs.torproject.org/23637

> 
> --Roger

Thank you for that explanation - how long should it take to get the exit flag 
back when opening port 80 ?

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Relay stuck at Bootstrapped 0%

[Paul]

I am running two relays on debian (one on Raspian 9 and one on Debian 9)
and one of them for over three months now.

Some time ago the older one started to loop at startup.

I reinstalled tor and it worked for some time only to loop again.

The last notices entry looks like this "Feb 16 19:36:14.000 [notice]
Bootstrapped 0%: Starting" and the next is "Feb 16 19:42:08.000 [notice]
Tor 0.2.9.14 (git-a211f886ad759cab) opening log file." then it tells
about opening the listeners and parsing the GEOIP files, then my relay
identity and the bootstrapped 0% entry again (left some informational
entries out).

The debug log looks like it is getting descriptors and stuff correctly.

What could be the problem?

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay stuck at Bootstrapped 0%

[Paul]

I am sorry for providing not enough info,

Both are no exits.

The error relay: A29D2A78A8A954819E220CEFBEBCE95D2FCFA54D
(https://metrics.torproject.org/rs.html#details/A29D2A78A8A954819E220CEFBEBCE95D2FCFA54D)

The other one: A0B4C435650B6D86D618EFD10EDED34FD2AFF562
(https://metrics.torproject.org/rs.html#details/A0B4C435650B6D86D618EFD10EDED34FD2AFF562)

here you can find my whole notices.log since the last reinstall:
https://pastebin.com/RLTp7ZqJ

The Problem usually occures when i restart the PI after beeing shut down
to long.

Tor is installed through the apt-get repository. I think it uses systemd

Am 17.02.2018 um 00:53 schrieb teor:
>
>> On 17 Feb 2018, at 10:44, Paul  wrote:
>>
>> I am running two relays on debian (one on Raspian 9 and one on Debian 9)
>> and one of them for over three months now.
> Are you running an exit?
>
> Please link to your relays on Relay Search.
>
>> Some time ago the older one started to loop at startup.
>>
>> I reinstalled tor and it worked for some time only to loop again.
>>
>> The last notices entry looks like this "Feb 16 19:36:14.000 [notice]
>> Bootstrapped 0%: Starting" and the next is "Feb 16 19:42:08.000 [notice]
>> Tor 0.2.9.14 (git-a211f886ad759cab) opening log file." then it tells
>> about opening the listeners and parsing the GEOIP files, then my relay
>> identity and the bootstrapped 0% entry again (left some informational
>> entries out).
> What is the log entry right before the relay restarts?
>
> Please don't leave out log entries.
> When you do, we have to guess what the missing log entries are.
>
> If you think the log is too long, put it in a pastebin that can be accessed
> using Tor Browser in high security mode.
>
>> The debug log looks like it is getting descriptors and stuff correctly.
>>
>> What could be the problem?
> Are you using systemd, or some other startup notification system?
> Your relay could be failing to notify systemd that it has started.
> And then systemd is restarting it.
>
> Are there limits on RAM, file descriptors, or disk usage on your system?
> Your relay could be exceeding some kind of OS limit, and being terminated.
> And then systemd is restarting it.
>
> I'd really need to see your logs to work out what's happening.
>
> T
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay stuck at Bootstrapped 0%

[Paul]

A big Part from my systemd daemon.log which maybe already shows the issue.

https://pastebin.com/yS9ZAwH4

Thanks for your fast responses btw.
Am 17.02.2018 um 01:53 schrieb teor:
>
> On 17 Feb 2018, at 11:41, Paul  <mailto:p...@roteserver.de>> wrote:
>
>> …
>>
>> Both are no exits.
>>
>> The error relay: A29D2A78A8A954819E220CEFBEBCE95D2FCFA54D
>> (https://metrics.torproject.org/rs.html#details/A29D2A78A8A954819E220CEFBEBCE95D2FCFA54D)
>>
>> The other one: A0B4C435650B6D86D618EFD10EDED34FD2AFF562
>> (https://metrics.torproject.org/rs.html#details/A0B4C435650B6D86D618EFD10EDED34FD2AFF562)
>>
>> here you can find my whole notices.log since the last reinstall:
>> https://pastebin.com/RLTp7ZqJ
>>
>> The Problem usually occures when i restart the PI after beeing shut down
>> to long.
>
> It is harder for tor to bootstrap when it is reinstalled, or when it
> has been
> off for a while, because it needs to download more data.
>
>> Tor is installed through the apt-get repository. I think it uses systemd
>>>>
>>>> ...
>>>>
>>>> What could be the problem?
>>> Are you using systemd, or some other startup notification system?
>>> Your relay could be failing to notify systemd that it has started.
>>> And then systemd is restarting it.
>
> It looks like Tor never bootstraps, so systemd restarts it.
> You can confirm by checking your systemd logs.
>
> Is your network connection fast and reliable enough?
>
> Tor needs a lot of connections.
> Does your pi support 6000 simultaneous connections?
> Does your router support 12,000 simultaneous connections?
> Most home routers don't.
>
>>> I'd really need to see your logs to work out what's happening.
>
> I need to see what happens between log lines like this:
>
> Feb 16 23:37:49.000 [notice] Bootstrapped 0%: Starting
> Feb 16 23:43:45.000 [notice] Tor 0.2.9.14 (git-a211f886ad759cab)
> opening log file.
>
> T
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay stuck at Bootstrapped 0%

[Paul]

I moved the older keys to my working delay and had to generate new one
in the faulty one.

Here you can find my info.log file i did not have one beforehand, so i
can not compare it. However it seems like the relay is working now.

https://pastebin.com/iC5Rutq8

Could it be working now because there is minimized load due to the new keys?

What should i do to reduce the load? Decrease max bandwith or can i
somehow decrease max connections?


Am 17.02.2018 um 03:03 schrieb teor:
> Hi,
>
> On 17 Feb 2018, at 12:26, Paul  <mailto:p...@roteserver.de>> wrote:
>
>> A big Part from my systemd daemon.log which maybe already shows the
>> issue.
>>
>> https://pastebin.com/yS9ZAwH4
>>
> This is what is happening:
>
>>> Tor never bootstraps, so systemd restarts it.
>>> You can confirm by checking your systemd logs.
>
> Please check your network connection:
>
>>> Is your network connection fast and reliable enough?
>>>
>>> Tor needs a lot of connections.
>>> Does your pi support 6000 simultaneous connections?
>>> Does your router support 12,000 simultaneous connections?
>>> Most home routers don't.
>
>>>>> I'd really need to see your logs to work out what's happening.
>>>
>>> I need to see what happens between log lines like this:
>>>
>>> Feb 16 23:37:49.000 [notice] Bootstrapped 0%: Starting
>>> Feb 16 23:43:45.000 [notice] Tor 0.2.9.14 (git-a211f886ad759cab)
>>> opening log file.
>
> I still need to see copies of the info-level logs between these lines.
>
> T
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image

[Paul]

> Yes, of course. However, you refer to the lack of diversity in operating
> systems, but monocultures in providers/ASNs is another danger we should
> be conscious of.
> 
>>
>>>
>>> https://torbsd.org/oostats/relays-bw-by-asn.txt

These calculation don’t show the situation as it currently really is - 
unfortunately:

About 32 out of these https://metrics.torproject.org/rs.html#search/nifty 
relays seem not to get counted in ASN nor in cw-fraction (probably because as 
in this example 
https://metrics.torproject.org/rs.html#details/609E598FB6A00BCF7872906B602B705B64541C50
  AS Name and AS Number are unknown).

But they are about 15% of total Exit 
https://github.com/nusenu/OrNetStats/blob/master/allexitfamilies.md - that 
seems kind of monocultures?

Paul


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ansible-relayor, how to ?

[Paul]

Am 25.02.2017 um 09:34 schrieb nusenu:
> 
> https://medium.com/@nusenu/deploying-tor-relays-with-ansible-6612593fa34d
> 

I like to use ansible as well - one question:

~/ansible/hosts:

[relays]
relay1.example.com
relay2.example.com

Do/can I place the IP address of my servers there or do only domain names work? 

Thanks 
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)

[Paul]

Am 11.05.2018 um 00:16 schrieb nusenu:
> Dear Exit Relay Operators,
> 
> I'd like to invite you to check your exit's DNS resolver by 
> having a look at the following list of exits using resolvers
> outside their AS (especially if it is Google, OpenDNS, Quad9 or Cloudflare).
> 
> You can search the list for you contactinfo, relay nickname or relay 
> fingerprint (first 8 characters):
> 
> https://gist.github.com/nusenu/cb766ff7945fafd9f90ee7f211a2508f#file-tor-dns-april-2018-txt
> 
> 
> I extended the "DNS on Exit Relays" section in the Tor Relay Guide
> to include specific instructions what is recommended for Tor exit operators 
> with 
> regards to DNS on exit relays.
> 
> https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays
> 
> If you found yourself on the list above and changed your DNS to a local (same 
> host or same AS)
> resolver or found a false-positive, please drop me an email (off-list is also 
> ok).
> 
> 
> The goal is to be bellow the following thresholds within one year:
> - not have any single remoteAS entity control more than 10% exit capacity
> - reduce the overall remoteAS share to bellow 20% exit capacity
> 
> the longer version of this can be found at:
> https://medium.com/@nusenu/who-controls-tors-dns-traffic-a74a7632e8ca
> 
> thanks for helping with DNS decentralization on the tor network,
> nusenu

Thank you for giving another helpful push on that nusenu !!

I changed my Linux exits. 
Unfortunately the /etc/resolv.conf gets overwritten on reboot. On Linux I 
solved that with editing /etc/resolvconf/resolv.conf.d/base. In that file, i 
put in the info as i would in resolv.conf.

nameserver 127.0.0.1

Then i told resolvconf to regenerate resolv.conf

sudo resolvconf -u



How do i protect against overwriting best in FreeBSD (maybe there could be a 
hint on 
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays ) 
as well?

Where can I find an Update of 
https://gist.github.com/nusenu/cb766ff7945fafd9f90ee7f211a2508f#file-tor-dns-april-2018-txt
 ?

How can one find out which DNS resolver an exit uses?

Thanks
Paul 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] VPNGate Project Exit Node Volunteers / I2P

[Paul]

grarpamp:

> For those relay operators who may have extra
> non tor listed IP addresses and want to help
> a related projects / userbase.
> 
> https://geti2p.net/
> 
> I2P also has an exit proxy function.
> 

Why is it important to have a "non tor Listed IP" ?

Cant one just run I2P and a tor relay on the same IP?

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DSL interruption

[Paul]

  ^r
  |rt rt
  |rt rt
  | rt rt rt
  |  rt rt rt rt
  |  rt rt rt rt
  |   rt rt rt rt rt
  |rt rt rt rt rt rt
  |rt rt rt rt rt rt rt 
  |rt rt rt rt rt rt rt 
 -+---> 
  |  12 13 14 15 16 17 18 19 20 21 22 23 00 01 02 03 04 05 06 07 08 09 10 11

 h  rx (MiB)   tx (MiB)  h  rx (MiB)   tx (MiB)  h  rx (MiB)   tx (MiB) 
12  11.14  14.7620 666.90 679.4804  11.68  15.05
13  98.65 102.7721  27.54  29.0105  22.50  22.41
14 961.83 954.3322  49.58  51.9706  14.50  17.09
151028.291021.8023  50.87  51.4707  11.75  15.13
161529.161520.7300  28.72  29.6808  10.71  13.05
171779.501768.4501  16.91  19.6209  32.82  14.84
182477.602456.0102  10.76  14.9310  13.86  15.48
192380.832358.0803  10.06  12.7011   1.57   2.32

From time to time I do get DSL interruptions which look like above on the 
traffic on one of my smaller relays.
This usually last until I restart the machine manually. Anybody having a good 
quick idea, script to solve this and restart automatically when DSL is up again?
Its on Raspian latest..

Thanks and regards

Paul 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Relay operators meetup @ Onionspace, Berlin (in solidarity with Torservers)

[Paul]

I was testing FreeBSD 
https://download.freebsd.org/ftp/releases/ISO-IMAGES/11.2/FreeBSD-11.2-RELEASE-arm-armv6-RPI2.img.xz
 a couple of days ago on a Raspberry2.

It started a few times, but then out of the blue it came up with a freezing 
problem as described here:  
https://forums.freebsd.org/threads/freebsd-11-1-on-raspberry-pi-2b-hangs-after-random-unblocking-device.63521/

I couldn't solve that either an gave up for the time being with FreeBSD on 
Rasp2, but would give another try if somebody here has a solution.

Paul


Am 26.07.2018 um 10:06 schrieb nusenu:
> 
> 
> C. L. Martinez:
>> On Wed, Jul 25, 2018 at 05:37:00PM +, nusenu wrote:
>>>> The person also asked if it's possible to run FreeBSD/OpenBSD in
>>>> a embedded SoC (like Raspberry, or BeagleBone) - yes! it is
>>>> possible, and some people do it :)
>>>
>>> OpenBSD is probably not the best choice if you are trying to
>>> increase bandwidth usage
>>>
>>>
>> Sorry nusenu... But why OpenBSD is not the best choice? OpenBSD for
>> network oriented tasks is one of the best options IMO ... FreeBSD
>> also, but for firewalls, for example, is superior ...
> 
> OpenBSD is perfectly fine, just not if you are currently running Linux 
> + FreeBSD boxes and aiming to increase bandwidth usage. 
> OpenBSD is optimized for security - not performance.
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Nyx 2.0.4-4 on armhf - Python3 error

[Paul]

I try to run Nyx on  Linux 4.9.80-Re4son-v7+ #1 SMP Thu Apr 26 17:45:16 CDT 
2018 armv7l getting following after start:


Traceback (most recent call last):
  File "/usr/bin/nyx", line 11, in 
load_entry_point('nyx==2.0.4', 'console_scripts', 'nyx')()
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 476, in 
load_entry_point
return get_distribution(dist).load_entry_point(group, name)
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2700, 
in load_entry_point
return ep.load()
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2318, 
in load
return self.resolve()
  File "/usr/lib/python3/dist-packages/pkg_resources/__init__.py", line 2324, 
in resolve
module = __import__(self.module_name, fromlist=['__name__'], level=0)
  File "/usr/lib/python3/dist-packages/nyx/__init__.py", line 46, in 
import distutils.spawn
ModuleNotFoundError: No module named 'distutils.spawn'


Could somebody show me a way to solve this and get Nyx running?

Thanks  Paul




signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Congrats to Nullvoid

[Paul]

For me running several FreeBSD relays this is a great hint!

Maybe it will find its way to
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/FreeBSD


> Not a problem with FreeBSD.
> 
> Switch over to https and latest...
> 
> /etc/pkg/FreeBSD.conf:
> 
>   url: "pkg+https://pkg.FreeBSD.org/${ABI}/latest";,
> 
> and run 'pkg upgrade' .
> 

Could you please explain a bit more on this - what exactly to do ?

> If it's a shared box, you probably also want
> devcpu-data,  and optionally cpupdate.

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Suspension of service (ISP Scaleway / tor exit)

[Paul]

I made the same experience as you several times in the last few weeks with 
Scaleway.

Usually you have 48 hours to respond - that's at least what they tell you 
somewhere on their pages.

My impression is that you can place anything you want in your answer - 
important is your answer within time.

If it happens to often within a short period they seem to get nervous and want 
to get rid of you (to protect their reputation as they say)

Next time they shut my relay forever they promised :-)

I would doubt that they know anything about tor, or do not care?

Paul

p.s. bad that they offer uncomparable speed/price relation


Am 04.09.2018 um 22:27 schrieb Olaf Grimm:
> Dear readers,
> 
> some days ago I change my relay to an exit relay with a very strict
> policy. Today came the suspension message into my regular mail account.
> After login into the Scaleway account I saw that the time between the
> abuse log message and the deactivation of my exit relay were 6 hours
> only. At these time I was at work! I was not able to react of the
> message, neither I knew it.
> 
> The "abuse message" was a raw firewall log, without spaces hard to read.
> I'm not a professional, so I could read only "SYNFLOOD src IP  dest
> IP ". That's all.
> After I learnt what this is, I responded to the provider that good
> providers realize own DDOS protection in the network and protect
> customers too. Why log the provider bad outgoing traffic and ignore bad
> incoming traffic? They don't know the source of the bad traffic, but
> have the customer to beat someone!
> The answer field for the reply were some lines only. Without comment
> from the ISP the ticket was closed and the VPS locked yet.
> I try to delete the old instance and build a new one. If the same occur
> I leave Scaleway (and give info about that again).
> 
> Now I recommend to set the ISP Scaleway (in France) of the list of bad
> providers.
> 
> Scaleway message:
> 
> Hello,
> 
> We have tried to contact you about an abuse report concerning one of your 
> server. Unfortunately at this time you did not reply to this report. As 
> stated in our terms of service, we have suspended your account.
> 
> Sincerly,
> Scaleway
> 
> End message
> 
> 
> To avoid a big shitstorm: I know what I do and it is not my first and only 
> exit. Scaleway was the first trouble and in such a way, that I must leave a 
> comment.
> 
> To the tor website editors:
> It is possible to include a basic abuse protection chapter in the tor 
> documentation (config guide)? I've found some iptable rules, but I use the 
> user-friedly "ufw", the overlay to iptables.
> It would be fine if some good guys could help with an easy configuration 
> guide in the config chapter for tor relays.
> 
> Have a good time. I feel me better.
> 
> Olaf
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Torservers relay family decreased?

[Paul]

Hello Tobias,

i am glad that somebody else got notice and i agree, suspecting
something nasty (or highly unusual) is going on. There was a discussion
about that in Berlin in July already
https://trac.torproject.org/projects/tor/wiki/org/meetings/BerlinRelayOperatorsMeetupJul18
but no public follow-up since then.

There seems to be a private person who is holding this family
https://metrics.torproject.org/rs.html#search/family:1084200B44021D308EA4253F256794671B1D099A
and ran between 10-15% exit probability in the last six months - which i
personally judge as far too high for a single person, or even an entity.
More information you can find here:https://apility.io/search/185.220.101.20

The person got invited to the second meeting in Berlin, but didn't show
up to explain.

Die Zeit bringt Rat. Erwartet's in Geduld!
-- Schiller

Regards
Paul


Tobias Westerhever:
> Hello,
> 
> recently, I noticed some strange aspects related to networks
> of Torservers/Zwiebelfreunde. Since there was no way to get any
> further information on this topic so far, I am posting it here.
> Maybe someone can help.
> 
> (a) Torservers relay family decreased?
> The organisation used to maintain much more relays than their
> family [1] currently contains. At the moment, only four relays
> located in NL belong to them, while the Metrics page indicates
> some orphaned family members.
> 
> This coincidences with [2], but I am unaware of any announcements
> of Torservers/Zwiebelfreunde itself (i.e. tight financial
> situation). Does anybody have further details here?
> 
> (b) Who is the operator behind family 
> B771AA877687F88E6F1CA5354756DF6C8A7B6B24 ?
> There are some /24 IPv4 BGP allocations claiming to belong to the
> umbrella organisation "Zwiebelfreunde e.V.", which operate(d|s)
> the relay family mentioned above.
> 
> I will ask further questions about this in (c) .
> 
> However, there is a _huge_ relay family (27 members, with a
> total bandwith of ~ 1,245 MB) located in 185.220.101.0/24 ,
> which uses Zwiebelfreunde as a contact role and has not been
> changed since 2017-09-08.
> 
> The relays itself, however, all use 
> as contact address (which does not seem to be related to
> Zwiebelfreunde at all) and use a description beginning with
> "nifty".
> 
> Since most of them have both Guard and Exit flag assigned, I
> figure they are handling a huge consensus weight. Does anybody
> know the person/organisation behind them? Are they related to
> Zwiebelfreunde/Torservers? What is the physical location of the
> servers (BGP claims DE, but upstream AS200052 uses UK)?
> 
> (c) Strange BGP allocations using Zwiebelfreunde as contact role
> At the moment, 9 IPv4 BGP prefixes with a length of /24 are
> known to use a contact role pointing to Zwiebelfreunde [4] .
> 
> These are as follows:
> - 37.218.246.0/24 (Upstream AS47172 "Greenhost", claims EU, but is likely 
> NL, 0 Tor relays found)
> - 193.235.207.0/24(Upstream AS196689 "Digicube", claims EU, but is likely 
> FR, 0 Tor relays found)
> - 192.36.61.0/24  (Upstream AS60781 "Leaseweb", claims EU, but is likely 
> NL, 0 Tor relays found)
> - 192.36.41.0/24  (Upstream AS34305 "BaseIP", claims EU, but is likely 
> NL, 0 Tor relays found)
> - 192.36.27.0/24  (Upstream AS60729 "Zwiebelfreunde" !, claims EU, 
> physical location unknown, 0 Tor relays found)
> - 185.220.102.0/24(Upstream AS60729 "Zwiebelfreunde" !, claims EU, 
> physical location unknown, 0 Tor relays found)
> - 185.220.101.0/24(Upstream AS200052 "Joshua Peter McQuistan", claims DE, 
> physical location unknown, 27 Tor relays found)
> 
> What puzzles me here is:
> 1. None of these networks has any Tor relays known (or Metrics
> does not show them), which is strange as Torservers/Zwiebelfreunde
> is more or less dedicated to operate relays.
> 
> 2. The appearing relays solely belong to the strange and huge
> family mentioned in (b) , which cannot be exactly pinpointed to
> be run by Torservers/Zwiebelfreunde.
> 
> 3. I suspected the mentioned IP ranges to be fakely allocated,
> but most of them were not changed for more than half a year. Further,
> I never observed any traffic from or to these networks. If anybody
> does, please drop me a line.
> 
> 4. All for relays which do belong to Torservers are located in
> AS43350 ("NForce Entertainment") and do not have their own IPv4
> prefix.
> 
> ***
> 
> As of these coincidences, and the observations mentioned in (a)
> and (b), I suspect something nasty (or highly unusual) is going on,
> but I have no clue what this might be.
> 
> It would be great if someone who is in Tor

Re: [tor-relays] Torservers relay family decreased?

[Paul]

Hello Tobias,

please stay - this list needs people like you and your curious questions!
I was away for a couple of days and feel ashamed that nobody came along to 
support you or stops this bunny.

I assume those Nifty rodents produce a lot of "Stop making shit up,  fucking 
disclaimer, complete bullshit, flying shit, claims shit,..." but must we all 
read this here?

10-15 percent of Tor reminds me very much on "too big to fail" and the behavior 
and rudeness in the mentioned mail is very similar to those former bank lords.

I personally don't like people showing such kind of attitude in our rows and i 
really hope there are more, who share my opinion.

No matter how big someone here is, or even the bigger he is, the more mindful 
and sensitive should he act and give example - never losing the higher goals 
out of sight,why we do this.

The given facts probably leave more questions then answers, but I hope some 
other fellows in here do have interest in them as well and start asking.

Paul



Am 10.09.2018 um 19:05 schrieb Tobias Westerhever:
> Hello *,
> 
> thanks for your replies.
> 
> Since this topic seems to be overheated by now, I
> decided not to ask any further questions. In my point
> of view, some of the confusion was caused due to poor
> documentation (as Moritz pointed out), some because of
> tools returning outdated information (HE BGP, for example)
> - or my own incompetence to interpret them.
> 
> However, for being new on this list, I did not expect
> to get answers as rude as nifty one's
> (<8d6b7146-f094-428f-97ed-f16219b5f...@to-surf-and-protect.net>).
> 
> I will stop using this mailing list.
> 
> Best,
> T. Westerhever
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xC2CCD607C8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] IPv6 on DSL

[Paul]

Can Tor cope with a daily changing IPv6 Address?

If so, are there any additional inputs in torrc to be made as "ip addr|grep 
inet6|grep global" is not giving a fix value (global noprefixroute dynamic )


Thanks 


Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] More IPv6 questions

[Paul]

https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Parttwo:technicalsetup

uses "ORPort [IPv6-address]:9001"  - so can i use the same port number for IPv4 
and IPv6?

If I run more than one instance on the same machine, can i use the same IPv6 
address like in the first instance - as i can do in IPv4? 

"ip addr|grep inet6|grep global" doesn't give an answer on every server - what 
to do instead please to fill the square brackets?

Thanks Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] IPv6 on DSL

[Paul]

Thank you for your hint Ralph - the domain could be spoofing :-), but yes you 
are right, its non exit traffic.

@nusenu: what whould be this list without you - thanks!! 

> 
> Based on your email domain and your question about a dynamic DSL link,
> I'm guessing you are considering running a Tor relay at home? As stated
> in https://www.torproject.org/docs/faq-abuse.html.en : "In general, it's
> advisable not to use your home internet connection to provide a Tor
> relay."
> 
> -Ralph
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 35C3 Leipzig Voucher

[Paul]

Any kind person out there, that is willing to share its Voucher for a ticket to 
35C3 in Leipzig with me?

Thanks and regards

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DSL Router

[Paul]

Thanks for the answears too.

I am also looking for a affordable dsl router for my server (and tor relay).

You guys are shure it can handle dsl? I am unable to find any
specifications regarding that online. (maybe just to stupid).

Greetings Paul


Am 12.10.2018 um 21:17 schrieb onion:
>
> Thank you all so far, looks like Mikrotik is the name of the game -
> never heard about them :-(
>
> I used to try this
> https://en.avm.de/products/fritzbox/fritzbox-7590/technical-data/ one
> with 512MB RAM and it couldn't stand the number of connection you can
> get on a 40Mbit/s line for more than a day. So i wonder if anything
> with less or same amount of RAM will be able to - or is this the wrong
> question?
>
> "..after it's configured properly..." is that a difficult task and are
> there good manuals or other help for those routers as I am not
> familiar with networking?
>
>> s7r mailto:s...@sky-ip.org>> hat am 12. Oktober 2018
>> um 18:23 geschrieben:
>>
>>
>> Isaac Grover, Aileron I.T. wrote:
>>> Good morning, 
>>>
>>> Both "cheap" and "useful" for running Tor nodes at home won't be found
>>> in big box retail ever, so I would take a look at the Mikrotik RB750Gr3
>>>
>>>   * it will do exactly what you want after it's configured properly. I
>>>
>>>
>>> used to have an RB1200 and recently upgraded to a CCR1009, both from
>>> Mikrotik, and have found them to be quite capable under heavy load. 
>>>
>>> Make your day great,
>>> Isaac Grover, Senior I.T. Consultant
>>> Aileron I.T. - "Practical & Proactive I.T. Solutions"
>>>
>>> Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com
>>
>> I also recommend going with MikroTik. They handle quite impressive under
>> heavy load and the price:performance ratio is very good, as opposite to
>> other brands. MikroTik also runs RouterOS (on linux kernel) that comes
>> with a management tool with graphical interface and it has been heavily
>> improved.
>>
>>
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org>
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 35C3 Leipzig Voucher

[Paul]

Sorry, me again - any nice guy out there willing to share its Voucher for a 
ticket to 35C3 in Leipzig with me?

Thanks and regards

Paul


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] when do dead "Alleged Family Members" disappear?

[Paul]

same problem at my relay too. Seems like a bug to me...


Am 04.11.2018 um 19:12 schrieb Quake:
> I have the same issue. Opened a ticket:
> https://trac.torproject.org/projects/tor/ticket/28314
>
>
> On Sun, Nov 4, 2018 at 7:13 PM Tim Kuijsten  > wrote:
>
> On Sun, Nov 04, 2018 at 05:55:02PM +0100, niftybunny wrote:
> >you have removed it from your torrc under MyFamily ?
>
> Yes I did in the currently active relay. I don't think I had
> deleted it
> from MyFamily of the other relay before I shut it down though.
>
> -Tim
>
> >
> >> On 4. Nov 2018, at 17:52, Tim Kuijsten  > wrote:
> >>
> >> In the past I've shortly ran a relay that I have shut down
> because of performance issues[1]. But even after a month now it
> still appears as an "alleged family member" on the Tor metrics
> website with the relay that I'm still operating[2]. Since the peer
> is gone for over a month now and won't be coming back, I wonder
> when it stops appearing as an alleged family member on the metrics
> page? (it is also no longer listed as MyFamily).
> >>
> >> -Tim
> >>
> >> [1] 2C76951164C5184A3B8B7CC1914B34E4622B225F
> >> [2]
> 
> https://metrics.torproject.org/rs.html#details/B183A69592D2E8C8C487C054D0849E3C9561DC11
> >> ___
> >> tor-relays mailing list
> >> tor-relays@lists.torproject.org
> 
> >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> >___
> >tor-relays mailing list
> >tor-relays@lists.torproject.org
> 
> >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a

[Paul]

I have run into this issue just now and iam curious if i can "just"
downgrade back or if there is any other way to workaround?

How does this affect my relay? Will it still be useable?

Thx

Am 28.11.2018 um 13:47 schrieb Nick Mathewson:
> Hi, folks!
>
> You should know that there is a compatibility issue between Tor and
> OpenSSL 1.1.1a, when TLS 1.3 is in use.  Only OpenSSL 1.1.1a is
> affected; other OpenSSL versions are not.  The effect here is that Tor
> relays using this version of OpenSSL will not be able to negotiate TLS
> 1.3 connections with one another.
>
> This is caused by a regression in OpenSSL 1.1.1a's implementation of
> tls13_hkdf_expand() function.  For more information, see
> https://trac.torproject.org/projects/tor/ticket/28616
>
> We're looking into possible mitigations.
>
> best wishes,
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a

[Paul]

Thank you for the anwer, but i am unable to find precompiled packages
for 1.1.1 for debian.

I am currently using buster and i could downgrade to 1.1.0j from stretch
security.

Can someone help me?

Am 03.12.2018 um 02:09 schrieb Nick Mathewson:
> On Sat, Dec 1, 2018 at 8:40 PM Paul  wrote:
>> I have run into this issue just now and iam curious if i can "just"
>> downgrade back or if there is any other way to workaround?
>>
> I think that it's okay to downgrade to 1.1.1 for Tor's purposes: the
> two security vulnerabilities fixed in 1.1.1a are about DSA and ECDSA,
> which Tor doesn't use.  Also, you could use 1.1.0j if you prefer
> something patched.
>
>> How does this affect my relay? Will it still be useable?
> It will be usable by anybody connecting to it with TLS up to 1.2, and
> by clients using TLS 1.3.  Connections between your relay and other
> relays will fail if you are both upgraded to TLS 1.3.
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Compatibility issue with OpenSSL 1.1.1a

[Paul]

downgrading the libssl1.1 destroys some of my packages like apache2 and
also hinders nyx from starting (ImportError:
/usr/lib/x86_64-linux-gnu/libssl.so.1.1: version `OPENSSL_1_1_1' not
found (required by
/usr/lib/python3.6/lib-dynload/_ssl.cpython-36m-x86_64-linux-gnu.so))

I will not be able to downgrade, so we need a fix soon please

Am 06.12.2018 um 10:32 schrieb Emilian Ursu:
> Add "deb http://security.debian.org/ stretch/updates main"
> to /etc/apt/sources.list.d/stretch.list
> apt-get update
> apt-get -t stretch install openssl
> remove /etc/apt/sources.list.d/stretch.list
>
> On Mon, Dec 03, 2018 at 07:31:55PM +0100, Paul wrote:
>> Thank you for the anwer, but i am unable to find precompiled packages
>> for 1.1.1 for debian.
>>
>> I am currently using buster and i could downgrade to 1.1.0j from stretch
>> security.
>>
>> Can someone help me?
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New exit relay help

[Paul]

dont forget to reload / restart the service. this can also be done out
of the nyx control software by pressing x two times.

The DirFrontpage will be accessable on the dirport and u will have to
add some kind of redirect to make it reachable when httping just the ip
of the relay. a simple HaProxy or Apache2 with a redirect should be enough.

Am 27.12.18 um 22:12 schrieb dns1...@riseup.net:
> Hi,
>
> I need to install some additional software, to make the "DirFrontPage"
> work?
>
> I loaded an html file on my tor directory, uncommented the diretive
> "DirFrontPage /path/html-file", but It doesn't works and I don't see
> anything related to it in the log notice file. What I am doin wrong? I
> don't know how to solve the problem, can you help me please?
>
>
> best regards
>
> Gigi
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 35C3 Tor Relay Operators Meetup

[Paul]

Would be great to have a follow up for all those of us who couldn't attend for 
various reasons?

Paul


Am 26.12.18 um 21:36 schrieb Alexander Dietrich:
> Another update: we have moved the meetup to 2018-12-28 (Day 2), 12:00:
> https://events.ccc.de/congress/2018/wiki/index.php/Session:Tor_relay_operators_meetup
> 
> Kind regards,
> Alexander
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] mailing list tone

[Paul]

Thank you!

Am 05.04.2019 um 19:08 schrieb George:
> The mailing list is specifically for Tor relay operators and related
> issues.  There's no space for personal attacks.
>
> Such attacks debase the main purpose of this mailing list, and set a
> negative tone for everyone, including those who are just watching the
> attacks.
>
> Additionally, condescending remarks like:
>
>>> No one else cares about you and your confused lackeys attempts to
>>> be big-boy tor relay operators.
> ...have no place here. Such remarks can discourage newcomers who are still
> learning, especially those who are not men. It reinforces the outdated
> idea that the relay operator community is a boys' club for the properly
> initiated.
>
> Let's respectfully help people who are still learning, and let's also be
> respectful about giving constructive feedback when people behave in ways
> we might not like.
>
> We want a mailing list environment that is conducive to both new and
> experienced relay operators to engage in fruitful discussions. We ask
> that you follow those guidelines, or leave.
>
> George
> for the Tor Community Council
>
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] relay unresponsive - relay resumed - stable-flag

[Paul]

I had my realy up on a rpi too for some time. Those errors came from the
limited resources of the time.

As i moved to a proper server they disapered.

Maybe it is the same with your relay too.

Am 20.04.2019 um 21:34 schrieb digitalist00:
> Hello!
> Maybe this is the cause why I've lost my stable-flag. Does anybody
> know how to fix this.
> The relay runs on a Raspberry. Need any further information?
> Yours
> digitalist
> Unbenannt.JPG
>
>
> Sent with ProtonMail  Secure Email.
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] exit operators: overall DNS failure rate above 5% - please check your DNS resolver

[Paul]

Am 28.06.19 um 22:16 schrieb nusenu:
> Dear Exit relay operators,
>
> first of all thanks for running exit relays!
>
> One of the crucial service that you provide in addition to forwarding
> TCP streams is DNS resolution for tor clients.
> Exit relays which fail to resolve hostnames
> are barely useful for tor clients.
>
> We noticed that lately the failure rates did increase significantly
> due to some major exit operators apparently having DNS issues and we would 
> like
> to urge you to visit Arthur's "Tor Exit DNS Timeouts"
> page that shows you the DNS error rate for exit relays:
>
> https://arthuredelstein.net/exits/
> (the page is usually updated once a day)
>
> Please consider checking your DNS if your exit relay consistently shows a non 
> zero
> timeout rate - and make sure you run an up to date tor version.
>
> If you are an exit operator but have no (or no working) ContactInfo, please 
> consider
> updating that field in your torrc so we can reach you if something is wrong
> with your relay.
>
> kind regards
> nusenu
>

Dear nusenu,

thank you for your work and reminding.

Apparently the same recommended setup and version produces a high failure rate 
in one relay while having no issue with another at the same AS.

Even within the same relay but different instances you can experience a failure 
rate that is double the one in the other instance.

Any idea why this is the case?

Kind regards

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] I am looking for a 36C3 ticket in Leipzig?

[Paul]

Make my X-mass :-)

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ExitPolicy reject 184.107.0.0/16* funio.com

[Paul]

You wont change the world by being everybody's darling

Paul


Am 28. Oktober 2016 17:27:01 MESZ, schrieb Geoff Down :
>You are unlikely to make any friends at the host or tsrget site by
>publishing the attack logs.
>Just sayin'.
>
>GD
>
>On Fri, Oct 28, 2016, at 04:57 AM, Markus Koch wrote:
>> Getting abuse mass mails on nearly all exist in the last hours:
>>
>
>-- 
>http://www.fastmail.com - Email service worth paying for. Try it for
>free
>
>
>
>
>
>___
>tor-relays mailing list
>tor-relays@lists.torproject.org
>https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

-- 
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] e@torworld tor relays: please specify 'MyFamily' in your torrc

[Paul]

I recently got this answer from "torworld.org" -see below.

They told me that a relay 
https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321 
with contact "e @torworld" is not operated by them.

As nusenu showed at the end of the message some days ago somebody with a 
similar contact address was running 5 at the time, currently 6 relays.

Some questions I like to ask:

Why is somebody running relays with the contact domain of another party?

Is there a way that mails ever reach e...@torworld.org?

Why not giving a correct MyFamily set-up when running 6 relays?

5 of 6 relays have a Guard status - let me remind on a recent discussion "How 
can we trust the guards?" ?

Regards Paul



 Weitergeleitete Nachricht 
Return-Path:

Subject:Re: [tor-relays] 'MyFamily'  torworld.org
To: pa011 
From:   Abuse TorWorld 
Date:   Thu, 12 Jan 2017 10:54:58 -0800



Hello,

This Exit node is not affiliated with us.

"https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321";

All the nodes we'll operate will have this "abuse [AT] torworld.org - BTC 
17iwdtpmgHdPt15twdT2sUcdeKgz9PTNMQ" In their contact info area, and when the 
website is back up. You can check to see a list of current Tor nodes we operate 
etc.

As for the MyFamily for the Guard/Middle nodes; Lunar operates/runs those.
So you'll have to get in contact with him if you want to talk about his 
MyFamily setup.


Take care,



On 1/10/2017 1:16 PM, pa011 wrote:
>
> Am 10.01.2017 um 21:01 schrieb nusenu:
>>
>> pa011:
>>> Could you explain please why names like torworld.org, torservers.net,
>>> online de, etc. are not aggregated in one position on
>>> https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt
>>
>> https://github.com/ornetstats/stats writes:
>>> Relays are aggregated based on effective families.
>> So they are not setting MyFamily properly or someone else is using their
>> contactInfo.
>>
>> Maybe I should rename the files to main_..._families.txt
> Better would be a warning:  Family currently worth nothing !!
>
>
> torservers.net: 
> https://atlas.torproject.org/#details/ABF7FBF389C9A747938B639B20E80620B460B2A9
>  -> no one of the given family is blue, so yes the family seems wrong
>
>
> zwiebeln online de: 
> https://atlas.torproject.org/#details/0E2773CF5609FD7FA52837E53DF4B0D47F0D15B7
>  -> all the family members are blue, counting 27 , which is slightly more 
> than your 2 lines added together this morning
>
>
> torworld.org : 
> https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321
>  -> currently 12 big Exits - no Family given at all at 
> https://torstatus.rueckgr.at/index.php


Am 15.01.2017 um 01:02 schrieb nusenu:
> Hi e AT torworld.org,
> 
> thanks for running 5 relays!
> 
> Please do not forget to set the MyFamily parameter in your torrc
> configuration to tell clients your relays belong to a single operator.
> 
> If you need help with the MyFamily option let us know.
> 
> thanks,
> nusenu
> https://github.com/nusenu/ansible-relayor
> 
> +-++--++
> | contact | nickname   | exit | eMyFamilyCount |
> +-++--++
> | e @ torworld.org| Basil  |1 |   NULL |
> | e AT TorWorld.org   | LOLHillary |1 |   NULL |
> | e [AT] torworld.org | Cajun  |0 |   NULL |
> | e [at] torworld.org | Gigi   |1 |   NULL |
> | e...@torworld.org  | SurfingAOL |1 |   NULL |
> +-++--++
> 
> https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
> 

> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 'MyFamily' .... torworld.org

[Paul]

Hey, why don’t you just explain to the relay mailing list what it is all 
about..?

Why are you different to "abuse [AT] torworld.org " and where are you probably 
the same ?

What is your idea (business model) behind , why are supporting Tor in such a 
heavy way ?

What are your driving forces...?

Its not a must, but it would be less suspicious for somebody with you size!

Thanks and Regards - to whom ever - Paul

Am 19.01.2017 um 05:22 schrieb e:
> Thanks for the heads up Paul.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 'MyFamily' .... torworld.org

[Paul]

"thank you for running a Tor relay" - or in other words - got a spare T-Shirt 
for you - what’s your size Markus :-)

Hopefully you have read here recently this " but imagine if you could get 
access to
some sort of administration panel for OVH/DigitalOcean etc. Co-opting a
large number of relays/exits through that process might be a lot easier,."

One could imagine other possible scenarios as well - so I wouldn’t put all eggs 
in the same basket on my way to the market..



Am 20.01.2017 um 05:57 schrieb niftybunny:
> The funny thing is … while bashing torworld nobody cares that I am on my way 
> to be number one. Please dont mind me, just a rodent passing by ….
> 
> 
>> On 19 Jan 2017, at 22:01, Paul  wrote:
>>
>> Hey, why don’t you just explain to the relay mailing list what it is all 
>> about..?
>>
>> Why are you different to "abuse [AT] torworld.org " and where are you 
>> probably the same ?
>>
>> What is your idea (business model) behind , why are supporting Tor in such a 
>> heavy way ?
>>
>> What are your driving forces...?
>>
>> Its not a must, but it would be less suspicious for somebody with you size!
>>
>> Thanks and Regards - to whom ever - Paul
>>
>> Am 19.01.2017 um 05:22 schrieb e:
>>> Thanks for the heads up Paul.
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Problem upgrading Tor to 0.2.9.9 on Raspbian (Debian Jessie)

[Paul]

Am 31.01.2017 um 09:17 schrieb fr33d0m4all:
> Hi,
> this is not really a Tor issue, but I'd like to know if there is someone else 
> like me that is having problems upgrading his Tor installation to the latest 
> version on its Raspberry (running Raspbian based on Debian Jessie):

Yes I do share the same problem getting the same info as you
Sorry for just having "any" answer and no solution :-( 


> 
> # apt list --upgradable -a
> Listing... Done
> tor-geoipdb/stable 0.2.9.9-1~d80.jessie+1 all [upgradable from: 
> 0.2.9.8-2~d80.jessie+1]
> tor-geoipdb/now 0.2.9.8-2~d80.jessie+1 all [installed,upgradable to: 
> 0.2.9.9-1~d80.jessie+1]
> tor-geoipdb/stable 0.2.5.12-4 all
> 
> tor-geoipdb package could be upgrade but the tor package on which it depends 
> is not available:
> 
> # apt install tor-geoipdb
> Reading package lists... Done
> Building dependency tree
> Reading state information... Done
> Some packages could not be installed. This may mean that you have
> requested an impossible situation or if you are using the unstable
> distribution that some required packages have not yet been created
> or been moved out of Incoming.
> The following information may help to resolve the situation:
> 
> The following packages have unmet dependencies:
>  tor-geoipdb : Depends: tor (>= 0.2.9.9-1~d80.jessie+1) but 
> 0.2.9.8-2~d80.jessie+1 is to be installed
> E: Unable to correct problems, you have held broken packages.
> 
> Thank you in advance for any answer,
>Fr33d0m4All
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reminder: If you are on 0.2.9.x, make sure you are running 0.2.9.9

[Paul]

Looks like FreeBSD and most people running BSD is (are) lacking behind - "sudo 
pkg update && sudo pkg upgrade -y" is not bringing success - what do you 
recommend there?

Thanks

Paul


Am 09.02.2017 um 22:10 schrieb Roger Dingledine:
> On Thu, Feb 09, 2017 at 09:51:14PM +0100, Maarten A. wrote:
>> My log indicates Tor 0.2.5.12 (git-6350e21f2de7272f)
> [...]
>> I think I read somewhere debian does security backport, hence the old
>> version numbers. You probably know this already.
>>
>> I'm running Debian GNU/Linux 8.7 (jessie)
> 
> Yep, that is a fine and reasonable version to run. It's old, sure,
> but it should still be safe and useful. Our fine deb maintainer keeps
> it patched with the more important security updates.
> 
> --Roger
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reminder: If you are on 0.2.9.x, make sure you are running 0.2.9.9

[Paul]

Am 10.02.2017 um 19:21 schrieb nusenu:
>> Looks like FreeBSD and most people running BSD is (are) lacking
>> behind - "sudo pkg update && sudo pkg upgrade -y" is not bringing
>> success - what do you recommend there?
> 
> 
> If you did not get tor 0.2.9.9 via pkg yet you are probably using the
> quarterly [1] and not the latest [2] repo.
> (/etc/pkg/FreeBSD.conf)
> 
> 'latest' has 0.2.9.9 since 2017-02-05.
> 
> 
> 
> 
> [1]http://pkg.freebsd.org/FreeBSD:11:amd64/quarterly/All/tor-0.2.9.8.txz
> [2]http://pkg.freebsd.org/FreeBSD:11:amd64/latest/All/tor-0.2.9.9_1.txz
> 

@nusenu:Thank you for your hint - I had indeed a quarterly entry there. Now I 
did a full reinstall like mentioned here: 
https://forums.freebsd.org/threads/52843/

@fatal: thank you - yes that worked great as well


Handling BSD is that easy (!!) - why cant we convince more folks to install it?


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] [warn] circuit_mark_for_close under (Linux 4.4.0-21-generic) Tor 0.2.9.10

[Paul]

[warn] circuit_mark_for_close_(): Bug: Duplicate call to circuit_mark_for_close 
at ../src/or/onion.c:238 (first at ../src/or/command.c:579) (on Tor 0.2.9.10 )

Can this warning be neglected - I thought it is a BSD and not a Linux issue?
Got nearly a hundred of them today - all with the same time stamp.

Thanks - Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DirCache 0

[Paul]

Running a relay on small RAM I putted "DirCache 0" to save memory.

As one can read here https://www.torproject.org/docs/tor-manual.html.en 
"Setting either DirPort or BridgeRelay and setting DirCache to 0 is not 
supported. (Default: 1) " I cant set a DirPort as well, which means I cant 
publish a DirPortFrontPage Exit-notice.

Any idea how to circumvent this problem.

Thanks Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Who is running the two biggest Exits in the network?

[Paul]

Since about mid April there are just two similar Exits making up now about 4.5% 
exit probability together.
Located in Panama, run in the okservers.net network, AS395978 ,they don’t give 
up any further information about themselves.

Personally I would feel better at least having a contact or even better, 
knowing who is giving that much effort.
Probably a MyFamily configuration should be placed as well?

https://atlas.torproject.org/#details/29C92C854E0F6652A77F3A8B231D6932993969E8

https://atlas.torproject.org/#details/2CA4B2F36C2DDECFCB0B5A0D3300ED30E68E2D62

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Who is running the two biggest Exits in the network?

[Paul]

Am 27.05.2017 um 00:48 schrieb Duncan:
> Hi Paul,
> 
> Paul:
>> Since about mid April there are just two similar Exits making up now
>> about 4.5% exit probability together.
>> Located in Panama, run in the okservers.net network, AS395978 ,they
>> don’t give up any further information about themselves.
>>
>> Personally I would feel better at least having a contact or even
>> better, knowing who is giving that much effort.
>> Probably a MyFamily configuration should be placed as well?
>>
> 
> I'm just wanting to raise the point, that while lack of contact information 
> may be concerning, in my opinion the contact information is definitely not 
> something you should rely on to assess how untrustworthy a given relay is. A 
> person or group with malicious intentions can fake this, easily. 

I agree with that part. 

But sometimes it helps to look and think things from an extreme point of view:
Let's assume the whole TOR would be anonymous in a way that you cant see 
contacts not even nicknames. Where in this scenario should TRUST derive from? 
Would you or anybody rely on that network, if you not at least know a certain 
number of people who give their dedication, work, money, for the project, 
people with total conviction doing the right thing. I guess you wouldn’t - at 
least I wouldn’t do so. So now you can go back, step by step and ask how many 
of those people, with how many servers under their control you need, until you 
come to the point where it's not enough any more.
As I personally prefer having a high number of known volunteers, I can tell 
that I dislike two or three servers - holding more than 4.5% Exit-prob. during 
peak time -run by (a) person(s) nobody knows - especially when there is a very 
high probability that they attack useful targets 
http://www.hackerfactor.com/blog/index.php?/archives/762-Attacked-Over-Tor.html 
!


>It is also important to remember that there may be good reasons for a 
>benevolent group of people to omit contact information.
> 
>> https://atlas.torproject.org/#details/29C92C854E0F6652A77F3A8B231D6932993969E8
>>
>> https://atlas.torproject.org/#details/2CA4B2F36C2DDECFCB0B5A0D3300ED30E68E2D62
>>
>> Paul
> 
> Regards,
> Duncan.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New exit node best practices

[Paul]

Hi Isaac,

Am 27.05.2017 um 02:45 schrieb Isaac Grover, Aileron I.T.:
> Good evening, 
> 
> After many months of running a relay, I'm planning to establish up a family 
> of exit nodes with geographically diverse VPS providers, shying away from the 
> list of the most heavily used Tor friendly providers. 

Please also consider running a Linux different OS like BSD, if your ISP is 
capable 

> 
> Several questions:
> - Does establishing a family increase the risk of the nodes being taken down 
> en masse?

No, I haven’t made this experience

> - Do you suggest providing ample contact information for the node directory, 
> as opposed to little or none?

Please have a look on the ongoing dialogue about this in here in the list

Regards

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] keys.gnupg.net broken; can't add Debian Tor repo

[paul]

 
 

 On the SSL issue: keys.gnupg.net is an alias to the SKS keyserver pool, which 
is a number of public volunteer run servers:
 

 
https://sks-keyservers.net/status/
 

 
My guess is you hit a misconfigured one that redirected you to TLS without 
checking what host you requested.
 

 
For example I redirect http://keyserver.paulfurley.com to 
https://keyserver.paulfurley.com *only* if the requested host is 
keyserver.paulfurley.com. Otherwise I would serve a certificate with a 
mismatching domain.
 

 
I'd recommend posting your finding to the sks-devel mailing list since it's 
probably something the pool should look out for and warn servers they're 
misconfigured. (I'll post it in the morning if you like.)
 

 
Paul
 

 
 

 
 
>  
> On Jul 10, 2017 at 10:58 pm,  mailto:t...@anondroid.com)>  wrote:
>  
>  
>  
> Actually, the directions on https://www.torproject.org/docs/debian.html.en   
> work okay. I was trying to automate things with Ansible, but the format 
> changed at some point, from something like:
>  
>
>  
>apt_key: id=A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 
> url=http://keys.gnupg.net/pks/lookup?op=get&search=A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89
>
>
>  
> to:
>  
>
>  
>apt_key: id=A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 
> keyserver=keys.gnupg.net
>  
>
>  
> The URL at /pks/lookup   no longer exists, so I saw a 404. Using the newer 
> format with just the hostname of the keyserver it works okay.
>  
>
>  
> Regarding   http://keys.gnupg.net   I still don't know why there is a SSL 
> mismatch in the browser, or why you can no longer access the web UI, but it's 
> not as broken as it looked.
>  
>
>  ___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] AU Relays and data retention

[Paul Templeton]

Hi All,

I have asked the Attorney Generals Department about data retention and got the 
following response.

If you run a relay/bridge here you seem to be exempt from retaining data. If 
your not an ISP and you run a service from home the ISP/carrier will retain the 
data though.

This just general information.

Regards,

Paul

UNCLASSIFIED
Dear Mr Templeton

Thank you for your enquiry to the Office of Communications and Cybercrime.
I am re-sending our reply to your original enquiry that we sent on 12 September 
2017 that seems to have not arrived.
The extent of data retention obligations for your relevant service would relate 
to the extent to which elements of the data set “visible” to you. For example, 
where a provider does not have “visibility” of a customer’s IP address, it is 
likely that the IP address was assigned as part of a different relevant service.
For example, if you have a record of the MAC addresses of users who access your 
network then this information must be retained for the required period.  You 
are not obliged to retain the identity of the user if this is not information 
to which you have access.
Whether the service is being offered on a commercial basis or is free is 
irrelevant in determining a service provider's obligations.
In your email you noted that "The true origin of a connection and the true 
destination will never be known and there will be no way of obtaining the 
information. That also pertains to the ports used in the circuit and all data 
passing through the circuit will be encrypted." This sentence appears to 
suggest that you may be  looking to offer some kind of an internet access 
service, in which case the destination is not required to be retained.
Your reference to encrypted content suggests a VPN. If this is the case and 
this service is not operated you, obligations do not apply. Also, data 
retention would not require you to store the contents of the communications.
Please do not hesitate to contact our office if you require further information.

Regards

Kerry

Office of Communications Access & Cybercrime Intelligence and Identity Security 
Division
T: (02) 6141 2884


The information contained in this email is intended as guidance only.  It does 
not constitute legal advice and should not be relied upon as such. If you 
require legal advice, you should consult an independent legal adviser.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] AU Relays and data retention

[Paul Templeton]

Thanx Teor,

I did speak to a lawyer and there is no requirement to retain any data if you 
run a node. It's treated as a VPN.

My question that I sent was more about whether a service (non commercial 
service) was exempt.
They don't delineate.

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Just got my first Abuse email :-)

[Paul Templeton]

It makes me happy but alas it was forwarded to me by the provider and didn't 
include an email address... so now I can not reply, SIGH

Question: this has come from port 22 usage - how important is this port to the 
general population? Thoughts...

Regards,

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Just got my first Abuse email :-)

[Paul Templeton]

Thanks Roman,

> I believe in such case you are supposed to reply to your provider
I will


> There was a mini discussion recently on that, with the general consensus
> seeming to be that keeping it open is more trouble than it's worth.
> https://lists.torproject.org/pipermail/tor-relays/2017-October/013188.html
I'll drop port 22

Regards,

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] (no subject)

[Paul Templeton]

What assistance do you need? 

- Original Message -

From: "Laty Luck"  
To: tor-relays@lists.torproject.org 
Sent: Wednesday, October 11, 2017 11:33:52 PM 
Subject: [tor-relays] (no subject) 



help 



___ 
tor-relays mailing list 
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] atlas.cogentco.com Is blocking

[Paul Templeton]

Has anyone come across a scenario where a carrier blocks IP traffic?

atlas.cogentco.com is the point which drops any packet to 95.130.9.210

The server is up and running internal monitoring says its OK. The ISP doesn't 
provide an interface to the Server so I can not log on to do any other 
validating.

Trace routes to any IP with the ISP (active or not)terminates in the ISP's 
network. Trace route from any point on the planet times out as soon as you hit 
atlas.cogentco.com

Any thoughts...

**IPonU could you ping from one of your servers at Digicube please and let me 
know.

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] atlas.cogentco.com Is blocking

[Paul Templeton]

> Whoever runs that node will need to talk to their ISP support team to 
get it unblocked.

Thanks Andy - the reason I asked because its not with the Service Provider it's 
there upstream carrier - I have lodged a ticket with the carrier and waiting to 
here back. The ISP doesn't know anything. I haven't received any notification - 
it was dropped with no indication... Plus when have major international 
carriers started to drop IP address???

I'll keep you all posted...

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Balancing throughput versus getting Black-Holed

[Paul Templeton]

Hi All,

I have a question. I would like to know other peoples experiences for exit 
nodes and the methods of mitigating getting black holed.

I have a node that gets black-holed all the time now - it runs at 18Mibt - 
41781FDC57238DAB955DF6D6E8400CEC5ACBE706 I have noticed smaller relays/exits on 
the same AS don't seem to run into the same problem. I was thinking of running 
two to three smaller exits at around 4MiBt or just going for a larger faster 
middle. Thoughs/Comments.

I have been emailing the provider and their carrier but know one ever 
responds/reply's.

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Balancing throughput versus getting Black-Holed

[Paul Templeton]

> What do you mean when you write "Black Holed" ? Are you referring to
large sites online automatically blocking users, or your traffic being
shut down by your provider?

Yes and no - The carrier is doing it - so no traffic can get through to the 
providers system (My node- even me). It's automated and can be initiated by any 
entity using the carriers infrastructure.

It's a simple Null Route - Someone is proberble oing a massive DDos...

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Balancing throughput versus getting Black-Holed

[Paul Templeton]

> How long is your relay blackholed for?
Usually 12Hrs - I'll look at a second IP to see if it helps a bit.

Having the ability to rotate address would be good... :)

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] UbuntuCore

[Paul Templeton]

These nodes are popping up everywhere - is this some sort of malware being 
deployed on systems around the globe?

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Thank you to directory operators

[Paul Templeton]

Here Here 

- Original Message -

From: "Tor Node Admin @ SechsNullDrei.org"  
To: tor-relays@lists.torproject.org 
Sent: Monday, October 30, 2017 9:58:49 PM 
Subject: [tor-relays] Thank you to directory operators 



Good morning, 



Relay operators often receive gratitude on this list for running relays, but 
let’s not forget the directory operators – those individuals/organizations who 
are more central to The Tor Network and run their directory servers at a higher 
personal risk level than the relay operators. 



Sincerely, 

Isaac, t...@sechsnulldrei.org 




___ 
tor-relays mailing list 
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Test

[Paul Templeton]

got it...

- Original Message -
From: "Alessandro Lo Mo" 
To: tor-relays@lists.torproject.org
Sent: Thursday, November 16, 2017 3:49:42 PM
Subject: [tor-relays] Test

Test
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Pretty sure our exit was being synflooded.

[Paul Templeton]

Happening to middles as well - I get black hold all the time - ISP has auto 
rules.

Paul

- Original Message -
From: t...@t-3.net
To: tor-relays@lists.torproject.org
Sent: Saturday, November 25, 2017 10:23:24 AM
Subject: [tor-relays] Pretty sure our exit was being synflooded.

Was anyone else's exit being synflooded yesterday and today? I put 
some iptables code in to help, it might have mitigated it.

I'm pretty sure our exit "Libero" was being synflooded.

Managed to lose all our flags shortly after the instability was 
(finally) resolved, go figure =p







___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ISP is aking me to send a selfie holding my identity card

[Paul Templeton]

Have three servers around the globe and never been asked for ID. Even in 
Australia where your have to identify your self with ID. 

It must be the type of system yo are purchasing as I have found all of mine are 
under the banner of corporate. 

paul 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Issues with faravahar?

[Paul Templeton]

Yup - Me Too... 


- Original Message -

From: "Aneesh Dogra"  
To: tor-relays@lists.torproject.org 
Sent: Tuesday, December 12, 2017 8:47:30 PM 
Subject: Re: [tor-relays] Issues with faravahar? 



On Tue, Dec 12, 2017 at 3:06 PM, r1610091651 < r1610091...@telenet.be > wrote: 



Hi 

I'm seeing regular issues with faravahar in logs lately. Is somebody working on 
this? 

Logs: 
Dec 12 10:32:56.000 [warn] HTTP status 502 ("Bad Gateway") was unexpected while 
uploading descriptor to server ' 154.35.175.225:80 '. Possibly the server is 
misconfigured? 
Dec 12 10:33:56.000 [warn] Received http status code 502 ("Bad Gateway") from 
server ' 154.35.175.225:80 ' while fetching 
"/tor/server/d/706E3C29265BD073DF77DC457A3CD8B1BC16C6E6+E223A1B036E3F7315DCADE32F6A4428F15148987.z".
 I'll try again soon. 

Thanks 





Hey, 

I am getting the same warnings in my log files. Running an exit relay. 

Thanks 
-- 
Regardless, I hope you're well and happy - 
Aneesh 

___ 
tor-relays mailing list 
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Become a Fallback Directory Mirror

[Paul Templeton]

You can throw 867B95CACD64653FEEC4D2CEFC5C49B4620307A7 into the mix - its my 
only stable server with little load.

I would have IPv6 but OVH AU has some sort of problem - have had a ticket open 
for two weeks now.

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] what are these spikes

[Paul Templeton]

Hi all,

just a query - I get these unusual spikes on 
https://atlas.torproject.org/#details/867B95CACD64653FEEC4D2CEFC5C49B4620307A7 
(have a look at the three month chart) and I notice some of the other AU relays 
do the same.

can anyone tell me what they are

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] what are these spikes

[Paul Templeton]

Cool 

> We have a map of over-loaded and under-loaded regions now: 
> Go to https://atlas.torproject.org/#map 
> And select "consensus weight versus bandwidth". 

paul 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] >30% of the Tor network runs outdated version: Consider enabling auto-updates

[Paul Templeton]

I can not add technical advice but it reads well.
Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Question: systematic hacking on my social media accounts

[Paul Templeton]

Hi all,

Just wondering if anyone else has had this problem over the last week. I have 
had attempts (one successful) on my social media accounts. Just found it 
strange that it was more than one.

They got into my Facebook page (Haven't used it for years) - Seems that they 
got access via really old personal questions that family have provided them via 
their online posts - ie happy birthday now that you are this old... and hows 
your dog m doing and my mum listing her maiden name etc. I can't get it 
through to people to stop them from having public profiles... SIGH. Mean while 
they have to put up with girly pics or unfriend me as i'm not interested in the 
account.

A lesson for all.

Paul


609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 0.3.2.9 not reporting bandwidth in atlas

[Paul Templeton]

Is it me or is there some issue.
Since I've upgraded to version 0.3.2.9 there has been no update to the 
bandwidth graphs.

family:867B95CACD64653FEEC4D2CEFC5C49B4620307A7

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] torproject.org outages? (was Re: Tor Relay Setup)

[Paul Templeton]

> Tor Project infra. is being DDoSed right now. What little that can be
> done, is being done.

Maybe you could update your DNS records to create a round robin with some of 
the trusted mirrors to take the load off?

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] IPv6 for the nifty?

[Paul Templeton]

> I was wondering if you have any plans to get IPv6 connectivity?

At three of the ISPs i use have IPv6 available but my skill set is vastly 
lacking. I would love to find a mentor to assist with configs.

IPv6 is the future.

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] ISP Nat

[Paul Templeton]

Hi All,

I have an ISP who has started NATting inbound traffic and has screwed DNS 
resolution. Is there a way to bind DNS requests to use a specific IP address 
(Have multiple) that is not affected with this NATting problem.

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ISP Nat

[Paul Templeton]

> and has screwed DNS resolution. 

;; reply from unexpected source: 95.130.8.11#53, expected 95.130.8.8#53
;; reply from unexpected source: 95.130.8.11#53, expected 95.130.8.9#53

This is the problem I'm having...

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ISP Nat

[Paul Templeton]

> Can you elaborate on your network topology and NAT?

Out bound traffic from 95.130.9.210 goes via 95.130.9.1 then 95.130.8.1 then 
out to the real world.
In bound traffic comes via 95.130.8.11 then 9.130.8.120

It's NATted at 95.130.8.11 and all I see is this address connected to the 
system(ie all connections show as 95.130.8.11).

My /etc/network/interface - the DNS server is temporary for testing.

auto lo
iface lo inet loopback

auto enp4s0
iface enp4s0 inet static
address 95.130.9.210
netmask 255.255.255.255
network 95.130.9.210
broadcast 95.130.9.210
dns-nameservers 95.130.8.8 95.130.8.9
#Route statique vers la passerelle
up ip route add 95.130.9.1 dev enp4s0
up ip route add default via 95.130.9.1

up ip addr add 95.130.12.251/24 dev enp4s0
up ip addr add 95.130.12.252/24 dev enp4s0


# iface enp4s0 inet6 static
# address 2a02:a80:0:1210::2
# netmask 64
# gateway 2a02:a80:0:1210::1

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ISP Nat

[Paul Templeton]

Thanks nusenu

> I'd say this is broken network and ask them to fix it.
Ticket has been lodge but it takes for ever to get something done - The node 
has been off line for two weeks now (After a power issue in the rack). There 
has been issue after issue getting the system up again and now this. Was just 
wondering if you can force DNS requests on ip's 95.130.12.251 and/or 
95.130.12.252 as they are not affected.

If not I can run it as a middle for now... SIGH

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ISP Nat

[Paul Templeton]

Thanks teor

> I would recommend using a caching resolver, it puts much less load on the
> remote resolvers you are using.

Went down this path - its working.

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Let's increase the amount of exit relays doing DNSSEC validation

[Paul Templeton]

Hi All,

Is there anyone who uses Bind9? I'll setup DNSSEC on all Exits but I would like 
to validate the config.

I have done this on 41781FDC57238DAB955DF6D6E8400CEC5ACBE706



options {
directory "/var/cache/bind";

dnssec-enable yes;
dnssec-validation yes;

auth-nxdomain no;# conform to RFC1035
listen-on-v6 { ::1; };
listen-on { 127.0.0.1; };
allow-recursion { 127.0.0.1; ::1; };
};

include "/etc/bind/bind.keys";



When I do a dig +dnssec . | grep ";; flags:" I get ;; flags: qr rd ra ad; 
QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 1 this looks as if its working.

There is no forwarding.

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Let's increase the amount of exit relays doing DNSSEC validation

[Paul Templeton]

Thanx Alexander

> Just to be safe, you could also check the rest of the dig output and
> /etc/resolv.conf (or relevant resolver configuration on your system) to
> make sure your BIND is being used. The flags look fine, though.

resolv.conf only has 127.0.0.1 and Dig responds from 127.0.0.1 - Caching works 
as well.

I'll update the rest of my exits now.

Thanx All

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Secret Google and Microsoft Blacklists affecting non tor IPs if on same server.

[Paul Templeton]

> Really annoying that my email server IP has never sent anything, no relay, no 
> spam, almost no traffic so what is stated is not true and even their own 
> tools reports nothing. 
> Is Google looking at MAC addresses to do this? How can we stop it? I really 
> do not want to run another server just for tor as that costs! 


I don't think its you Tor node - it just google. I note that your DMARC, SPF, 
etc are set and valid. You mail server is not an open relay. I maintain a few 
mail servers and run into these types of problems. There is no real reason for 
them. Microsoft is the worst - no logic what so ever. Do others use your server 
and has one of those accounts been compromised? Had one last week - a user 
followed a spam link and gave out their username and password - we sent 30 
emails out in an hour... You don't need to be on black lists to be blocked by 
the major players. You might want to relax your DMARC to see what happens. 


Paul 









609662E824251C283164243846C035C803940378 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New DNS related fields in the ContactInfo Sharing Specification

[Paul Templeton]

> https://github.com/nusenu/ContactInfo-Information-Sharing-Specification

Is there an assumption that a 100% of the system is dedicated to Tor or will 
there be a key available to specify?
I.e. 25%BW and/or 50%CPU.

I'm just saying as I have three bare metal systems two that have 1gbit Ethernet 
no data cap but they only use 15%...


Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] New DNS related fields in the ContactInfo Sharing Specification

[Paul Templeton]

>>> https://github.com/nusenu/ContactInfo-Information-Sharing-Specification

paul:
>> or will there be a key available to specify? I.e. 25%BW and/or
>> 50%CPU.
>> I'm just saying as I have three bare metal systems two that have
>> 1gbit Ethernet no data cap but they only use 15%...

nusenu: 
>Due to this last sentence I'm not sure if you
>want to convey availability (only xx% of resources are available to tor) 
>or usage (tor uses only xx% of the resources it has available)?

The latter - Tor uses only xx% of the resources it has available. It might help 
by knowing where capacity is available for extra services if and when required 
by the Tor Project. Just Saying.

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] metricsbot broken

[Paul Templeton]

Who ever looks after the @metricsbot@botsin.space its stopped working...

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Spam Emails Received From This Mailing List

[Paul Templeton]

I note that you do not receive any spam until you post to the list. So is it a 
bot subscribed to the list or is it reading the piper mail?

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] I get sad when :-(

[Paul Templeton]

I get sad when I lose control over one of the bare metal systems I run and help 
desk is slow to respond over the weekend. Then you have to throw in the time 
differences, then the language - its a wonder anything runs...

Just wanted to know if there is anyone I can hook up with to talk about some 
config/stability issues. 

I have two systems one a VPS the other bare metal and both will drop out of the 
consensuses about once a day(2 to 3 hours) but are running the whole time.
I have 4 bare metal systems but none are at capacity and would like to find the 
best approach to get more out of them. Consensus is one issue that's limiting 
capacity usage.

I would love to meet up but in a remote part of AU and I just quit my job after 
15 years so haven't time to fly anywhere at this time...

P

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I get sad when :-(

[Paul Templeton]

> I get sad when I pay a USA 'business' for 15 VPS exits and they fly away. 

I'm sad that you get sad...

> BOINCing is good in a winter in Coffs. It was pretty crisp this morning until 
> the cpu gets going.
Reminds me of the Bitcoin mining days, used to heat the flaming shed 30+.

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I get sad when :-(

[Paul Templeton]

>>I have two systems one a VPS the other bare metal and both will drop out of 
>>the consensuses about once a day(2 to 3 hours) but are running the whole 
>>time. 

>Hmm, that's weird. 
>Does your provider have a reliable connection? 

Both systems are hosted in Spain - Some of the Auths lose connectivity. I will 
keep an eye out to see if it is the same ones. 

>> I have 4 bare metal systems but none are at capacity and would like to find 
>> the best approach to get more out of them. Consensus is one issue that's 
>> limiting capacity usage. 
>We have a troubleshooting guide for slow relays: 
>https://trac.torproject.org/projects/tor/wiki/doc/MyRelayIsSlow 

>Let us know how it goes. 
I was thinking of running a second instance on an under weighted node in AU. 

___ 
tor-relays mailing list 
tor-relays@lists.torproject.org 
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 



609662E824251C283164243846C035C803940378 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Alleged Family Members

[Paul Templeton]

> How long is the timeout for 'Alleged Family Members' to disappear on
> 'metrics.torproject.org'? Can I force it?

Shouldn't take long, but did you leave the relay finger print in the MyFamily 
section in the torrc file?

P

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] A general question for relay operators

[Paul Templeton]

> You can rent a relay anywhere in the world. (I rent a few machines in
> other countries, because internet in my country is slow.)

pfft - Does they live in AU - LOL - If they do then its expensive as well...

But teor is right plenty of systems out there in the world - some really cheap.

P

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Exit Node Winter Shutdown

[Paul Templeton]

> I regret to inform you all that I will be shutting down my Tor Exit node - 
> Winter [ 0] after more than five years. 

Makes me sad :-( 

Keep a backup - you may find hope else where... You never know. 

P 


609662E824251C283164243846C035C803940378 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Coordinated raids of Zwiebelfreunde at various locations in Germany

[Paul Templeton]

I feel sorry for these guys.

I hope they had backups off shore as they probably won't see their stuff 
returned for some time or at all as investigations can take years.

If they need funds for legal support I'll chip in if they require it.

Paul

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] OutboundBindAddressExit

[Paul Templeton]

Can you only bind one address or is there a way to use multiple?

P

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] multiple OutboundBindAddressExit IPs

[Paul Templeton]

>nusenu:
>> feature request for prefixes is on my
>> todo list

>https://trac.torproject.org/projects/tor/ticket/26646

This would be good. The scenario for me is I have two exists that fall out of 
the census because of ISP firewall rules (Haven't figured it out yet).

The nodes stay up and running and you can connect to them but the outbound 
seems to be block (Typically three hours). I do not know if would be better to 
rotate IP Addresses per circuit or just to rotate every so many minutes. Long 
lived circuits could persist though.

There seems to be a threshold in the amount of traffic that I push through the 
node before it gets flagged. With a feature like this I could double the throgh 
put.

P

609662E824251C283164243846C035C803940378

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Coordinated raids of Zwiebelfreunde at various locations in Germany

[Paul Templeton]

> They seized most of our electronical storage equipment (disks,
laptops, PCs, GnuPG Smartcards/Yubikeys), but it is safe to assume that
they will not be able to break the encryption (or the smartcards). They
also took our mobile phones, but even if they were to break into them,
no login data or anything else affecting our infrastructure or
communications is stored on those phones.

I wonder how long its going to be before new laws are sort (Again)... 
encryption.

P
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Is a relay on mobile broadband possible in Australia?

[Paul Templeton]

> Would anyone have had any luck running a relay via mobile broadband in 
> Australia? 
> The DirPort 9030 and the ORPort 9001 are blocked. 
> Is it impossible to work around the port blocking? 

What provider - I used to run one on iiNet broadband. 

P 


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Is a relay on mobile broadband possible in Australia?

[Paul Templeton]

> What provider - I used to run one on iiNet broadband.

Just went online - iiNet does have this service anymore...

https://www.iinet.net.au/internet/broadband/mobile/
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DNS Time Outs

[Paul Templeton]

Hi all,

how often does the site https://arthuredelstein.net/exits/ update. 'coffswifi4' 
was reporting 60% timeouts but I have setup a stand alone DNS for it and would 
like to know if its resolved the problem.

I think this is why it kept on being dropped from the consensus...

For nusenu - Yes I have setup DNSSEC :-)

Regards,

Paul

137CF322859E400455E457DB920F65FFDD222CDF

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DNS Time Outs

[Paul Templeton]

Crap - Just found out I have a problem - DNS

The Tor service runs and doesn't stop but the DNS stops working. The DNS 
service is running but not returning lookups. I run Bind9. Even fail over DNS 
fails. If I restart the Tor service all is good again. Any idea's?

P

137CF322859E400455E457DB920F65FFDD222CDF

- Original Message -----
From: "Paul Templeton" 
To: tor-relays@lists.torproject.org
Sent: Monday, July 9, 2018 8:55:39 AM
Subject: [tor-relays] DNS Time Outs

Hi all,

how often does the site https://arthuredelstein.net/exits/ update. 'coffswifi4' 
was reporting 60% timeouts but I have setup a stand alone DNS for it and would 
like to know if its resolved the problem.

I think this is why it kept on being dropped from the consensus...

For nusenu - Yes I have setup DNSSEC :-)

Regards,

Paul

137CF322859E400455E457DB920F65FFDD222CDF

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DNS Time Outs

[Paul Templeton]

> Exits don't get dropped from the consensus for DNS failures.
> The directory authorities only check ORPort connectivity.

Then I have two separate problems...
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays