Re: [tor-relays] 36C3 voucher

[pa011]

> While still running several Exits I would be more than happy to meet others
> there
>
> Thanks



Me too :-)

So a voucher would be highly welcome

Greetings

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] 'MyFamily' .... torworld.org

[pa011]

Am 10.01.2017 um 21:01 schrieb nusenu:
> 
> 
> pa011:
>> Could you explain please why names like torworld.org, torservers.net,
>> online de, etc. are not aggregated in one position on
>> https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt
> 
> 
> https://github.com/ornetstats/stats writes:
>> Relays are aggregated based on effective families.
> 
> So they are not setting MyFamily properly or someone else is using their
> contactInfo.
> 
> Maybe I should rename the files to main_..._families.txt

Better would be a warning:  Family currently worth nothing !!


torservers.net: 
https://atlas.torproject.org/#details/ABF7FBF389C9A747938B639B20E80620B460B2A9 
-> no one of the given family is blue, so yes the family seems wrong


zwiebeln online de: 
https://atlas.torproject.org/#details/0E2773CF5609FD7FA52837E53DF4B0D47F0D15B7 
-> all the family members are blue, counting 27 , which is slightly more than 
your 2 lines added together this morning


torworld.org : 
https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321 
-> currently 12 big Exits - no Family given at all at 
https://torstatus.rueckgr.at/index.php
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 'MyFamily' .... torworld.org

[pa011]

Hi nusenu,

thank you for your daily work about "MyFamily".

Could you explain please why names like torworld.org, torservers.net, online 
de, etc. are not aggregated in one position on 
https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt

Would you judge torworld.org, which is on the 
"/potentially_dangerous_relaygroups" now for a long time to be a commercial 
service?


Regards
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] MyFamily updated

[pa011]

Am 26.12.2016 um 14:53 schrieb nusenu:
> 
> 
> Thanks for fixing it!
> 
> +---++
> | nickname  | eMyFamilyCount |
> +---++
> | NeelTorRelay1 | 4. |
> | NeelTorExitUSWest | 4. |
> | NeelTorExitCZ | 4. |
> | NeelTorRelay2 | 4. |
> +---++

With thanks to your work nusenu, we will come to the point where only  
"torworld.org" will be left on the potentially dangerous exits 
https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
 :-)

Rgds Paul

p.s. would be glad to meet you and other Exit volunteers in Hamburg from 
tomorrow !


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] "[warn] Cannot make an outgoing connection without a DirPort" under BSD

[pa011]

I am running (FreeBSD 11.0-RELEASE-p2)   Tor 0.2.8.11
getting following warnings while Self-testing indicates that DirPort is 
reachable from the outside?

Can these warnings be ignored, while Tor is running properly afterwards ?

Merry Christmas!

Paul 

Dec 24 13:20:57.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Dec 24 13:20:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:20:58.000 [notice] Bootstrapped 85%: Finishing handshake with first 
hop
Dec 24 13:20:58.000 [notice] Bootstrapped 90%: Establishing a Tor circuit
Dec 24 13:20:58.000 [notice] Tor has successfully opened a circuit. Looks like 
client functionality is working.
Dec 24 13:20:58.000 [notice] Bootstrapped 100%: Done
Dec 24 13:20:58.000 [notice] Now checking whether ORPort x.x.x.x:9001 and 
DirPort x.x.x.x:9030 are reachable... (this may take up to 20 minutes -$
Dec 24 13:20:59.000 [notice] Self-testing indicates your ORPort is reachable 
from the outside. Excellent.
Dec 24 13:20:59.000 [notice] Self-testing indicates your DirPort is reachable 
from the outside. Excellent. Publishing server descriptor.
Dec 24 13:21:00.000 [notice] Performing bandwidth self-test...done.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Relay on ARM server Marvell Armada 370/XP

[pa011]

Am 20.12.2016 um 14:40 schrieb Volker Mink:
> Is it OK with their TOS to run a TOR Relay7Exit?
> If so, i really consider getting a VPS there!


Volker - apart from not putting all eggs in the same basket (France as country 
and Online.net as ISP), but if you really wanna go there scaleway opened some 
cloud VPS in Amsterdam recently - same price far better performance, and yes as 
Markus wrote, they are very relaxed on Exits!
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] MyFamily update required

[pa011]

Hi nusenu,

thanks for your great work - lets assume for a second I would be with several 
relays on both of you lists:

https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt

https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt

How can I best find out which ones bring me on your second one?

Whats the number in the column MyFamilyCount - how added up?


Best regards

Paul

 only example - not me...
> +-+-+---+--+
> | first_seen  | IP  | MyFamilyCount | exit |
> +-+-+---+--+
> |   |9. |0 |
> |   |9. |0 |
> |   |8. |1 |
> |   |  NULL |0 |
> +-+-+---+--+
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] "Up-and-coming" Ticket - 33C3

[pa011]

Have Juniors interested in our work, likely to follow our steps or build new 
ones...need tickets for Hamburg 33C3 

"Up-and-coming" would be great, but would consider "Standard" as well...

Hopefully :-)

Thanks and regards

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] The t-shirt organization thingy

[pa011]

> Hi Moritz,
> 
> I do understand that it's hard to run an organization with too few
> people, it's my daily life working for staff at my university (I am the
> only administrator for 16 tablets, 34 laptops, 3 servers and 7
> thinclients, and we are not allowed to use centralized tools, I have to
> administrate all of these devices manually), so there are definitely all
> my "thank you"s I can give.
> 
> But I, for example, didn't even get an answer first, I would even love
> to get an automated email saying "Sorry if it takes a very long time, we
> are overwhelmed by the work we currently have to do" (waiting for almost
> 7 months now by the way). After 2-3 months I got an answer when we
> talked about that topic via this list in summer (though nothing official
> besides the mailing list talk). The problem is that only one person
> handles the shirts and it's ok even if I have to wait another 7 months
> or so (it's a gift at all, as you already said).
> 
> It's just that you/we/they should change something about the handling of
> the situation. It was (and for others most probably still is) the lack
> of communication that frustrates eligible relay operators so much.
> 
> But to conclude, thanks for all the work towards Tor and everything.
> Everybody has to give his work and support, so we can stand for free
> Internet (free as in freedom, not as in free beer). This was not meant
> to be against you, it was only in response to your mail because you got
> to this topic :)
> 
> Best,
> Michael


I agree with what you already expressed Michael.

On top of that I just want to remind on two mails back from June this year 
-obviously a time when the project was more focused on other issues - even 
there is and was volunteer help around:

>Date: Mon, 13 Jun 2016 22:07:26 +0200

>I would offer 2 helping hands and possibly more as well to get this and
>my own shirt out - please contact me

>Paul

>Am 08.06.2016 um 18:05 schrieb l3thal.inject...@gmail.com:
>> If tor weather isn't running, and tshirt emails aren't being sent out,
>> is someone doing this manually then? How can I help get the show on
>> the road? Not gonna lie, I was really looking forward to the tshirt
>> email as my relay definitely should have earned one about 2 weeks ago.
>> haha. Actually I just donated $100... maybe now I can get a tshirt?
>>
>> https://atlas.torproject.org/#details/1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11
>> ___
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] ansible for tor relay ops

[pa011]

> 
>> Isn’t it somehow dangerous in the area we operate, to rely on a piece
>> of software created more or less by a single person?
> 
> Thanks for this question. Can you give a few examples for "dangerous" in
> the context of your question so I might be able to address your concerns
> more specifically?

That is exactly the point, if you know the danger in advance, there might be a 
change you can address and possibly handle it.

In this case, somebody like me would rely on a piece of software that he 
possible cant judge, or totally understand and there are not several people who 
might have had an eye on it,checked it and agreed, that there is no 
misbehaviour? Who are trusted people in this group, who are not and why? Who is 
giving a service for what reason? I don’t want to go more down is road ending 
up in paranoia but I am sure some of those thoughts get shared.

Yes one argument might be, there is a long track record, reputation for a 
person - difficult for newcomers to judge.

I cant be more specific and please don’t take it personally - these are just 
general thoughts...and every single question (if and when it may arise) could 
be cleared..

Thank you and regards
Paul



0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961

[pa011]

Am 10.12.2016 um 21:12 schrieb Ivan Markin:
> pa011:
>> What about relays not on the list at all?
> 
> You mean that are not subscribed for tor-relays@?

No, forget that one - was my mistakable in the spreadsheet 
> 
> btw, it would be awesome to give away t-shirts or something for running
> diverse relays.

that was a least a promise the year ago (its not any more)- and I believe one 
should stand to his promises
> 
>> I would assume that not everybody of that 23 percent does know what
>> exactly to do, apart from better running on BSD - could you please
>> give detailed recommendation for beginners - your discussion seems on
>> a high level :-)
> 
> Agree, I personally don't see any way to notify these operators about
> what to do (except clear instructions at blog.tpo or tor-relays@).
> With pleasure. 

Yes please spread this out - as simple as possible - the list has about 1700 
hundret subscribers I, if I am correct - I reckon the  important and interested 
ones are on it 

There is an awesome The Tor BSD Diversity Project. The
> instructions for BSD beginners can be found here [1].

I used them about a week ago - they were the best I could find - sure they have 
room for improvement, especially for beginners, but there are several nice 
people out there -glad to help - some awful question have me done here by me 
already

> [1] https://torbsd.github.io/relay-guides.html

Could you give some explanation please on the difference between:

-lots of challenge ACKs
-multiple challenge ACKs
-one challenge ACK
-two challenge ACKs
-vulnerable
-zero challenge

Thanks 
Paul


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961

[pa011]

> I would however be very interested to hear back from tor-relay operators
> if any of them have found Challenge ACK counter values higher than
> a million... which would indicate some kind of funny business.
> 
Thanky you for your work.

I know of 3 relays with ACK above 1 million:

TCPChallengeACK: 1081146
TCPSYNChallenge: 1062995

TCPChallengeACK: 1270948
TCPSYNChallenge: 1254428
  
TCPChallengeACK: 1189549
TCPSYNChallenge: 1171422

all running under Linux vm20198 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 
(2016-10-19) x86_64 GNU/Linux

There seems to be no relation between uptime of the server and challenges apart 
from rebooting, which resets to 0.

What about relays not on the list at all?

I would assume that not everybody of that 23 percent does know what exactly to 
do, apart from better running on BSD - could you please give detailed 
recommendation for beginners - your discussion seems on a high level :-)

Thanks and regards 

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] torworld relays in entry and exit position

[pa011]

Very good Nusenu - I like your insistent dialogue and asking in this case :-)

You are quite often referring to Ansible which is new to me. Is there a 
permanent free version around to let your 
https://github.com/nusenu/ansible-relayor run on it?

Isn’t it somehow dangerous in the area we operate, to rely on a piece of 
software created more or less by a single person?

Best regards

Paul

Am 10.12.2016 um 01:55 schrieb nusenu:
> 
> 
> Security TorWorld wrote (2016-11-14):
>> We believe that next month on the 1st of December would be a good time
>> to add this feature.
> 
> What is the current state on this?
> 
> You are still on the top of this list:
> https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] relays with dynamic IP - here Rasp2

[pa011]

Am 06.12.2016 um 18:16 schrieb Rana:
> -Original Message-
> From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf 
> Of pa011
> Sent: Tuesday, December 06, 2016 1:24 AM
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
> 
>  
>> I would like to hear about ONE Raspi Tor operator who was allowed by 
>> DirAuths (or bwauths or whatever)  to come even near 1 mbit/s bandwidth 
>> utilization
>>
> 
> let me tell: 
> https://atlas.torproject.org/#details/AA44C4BE3C90DCAAC09E5CD26150710AAA80D58B
> https://atlas.torproject.org/#details/CA9A5D5C4688F04EEC1AF810B0FD348109FA17FB
> 
> are sharing the same dynamic IP on a Rasp2 -cut every 24 hours
> 
>  day rx  | tx  |total|   avg. rate
>  +-+-+---
>  05.12.201627,20 GiB |   28,39 GiB |   55,59 GiB |5,40 Mbit/s
> 
> 
> that is slight above 1 Mbit/s  :-)
> 
> 
> Best regards
> 
> Paul
> 
> 
> Wow nice bandwidth you are pushing through Paul! You mean two Raspi 2's 
> sharing an Internet connection, each relaying 27 Gbytes per day at 5.4 Mbit/s 
> on the average?? Total 10.8 Mbit/s?? Or 2.7 Mbit/s each?

It is just 1 single Rasp2 - running 2 tor instances on 1 IP, details here 
https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt
> 
> Definitely refutes the previously claimed 1 Mbit/s Tor limit on Raspi, and 
> means that Raspi has nothing to do with the ridiculously low utilization of 
> my relay, just as I thought. As a matter of fact this means that whoever is 
> NOT running a relay on a Raspi  (or two, or four of them) is wasting money, 
> unless he has a computer lying about with nothing better to do.
> 
> Also, what's the max memory and CPU utilization on your Raspi (I have read 
> somewhere that Tor is only capable of utilizing 2 of the 4 CPU cores), and 
> what kind of Internet connection do you have?

The Rasp2 is fairly unused, in memory and CPU - running on a German DSL - 
giving tested max. 7Mbit/s upload


top - 19:15:15 up 47 days,  1:11,  2 users,  load average: 0,37, 0,26, 0,24
Tasks: 118 total,   2 running, 116 sleeping,   0 stopped,   0 zombie
%Cpu(s): 10,3 us,  1,9 sy,  0,0 ni, 86,4 id,  0,0 wa,  0,0 hi,  1,4 si,  0,0 st
KiB Mem:947756 total,   831368 used,   116388 free,   147964 buffers
KiB Swap:   102396 total,0 used,   102396 free.   426736 cached Mem



>  BTW the $35 Raspi 3 has 33% more CPU power than your Raspi 2 and the same 
> amount of memory.

There is no need for a Rasp3 under given condition - not even the Rasp2 is 
getting warm :-)
> 
> Rana

 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

[pa011]

 
> I would like to hear about ONE Raspi Tor operator who was allowed by DirAuths 
> (or bwauths or whatever)  to come even near 1 mbit/s bandwidth utilization
> 

let me tell: 
https://atlas.torproject.org/#details/AA44C4BE3C90DCAAC09E5CD26150710AAA80D58B
https://atlas.torproject.org/#details/CA9A5D5C4688F04EEC1AF810B0FD348109FA17FB

are sharing the same dynamic IP on a Rasp2 -cut every 24 hours

 day rx  | tx  |total|   avg. rate
 +-+-+---
 05.12.201627,20 GiB |   28,39 GiB |   55,59 GiB |5,40 Mbit/s


that is slight above 1 Mbit/s  :-)


Best regards

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD - solved

[pa011]

its working currently on Tor 0.2.8.9 (recommended)
otherwise it might conflict with arm?


$ sudo pkg update && sudo pkg upgrade -y
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.
Updating FreeBSD repository catalogue...
FreeBSD repository is up-to-date.
All repositories are up-to-date.

Any quick idea how to solve that one:

Resolving svn.torproject.org (svn.torproject.org)... 
2a01:4f8:172:1b46:0:abba:14:1, 138.201.14.206
Connecting to svn.torproject.org 
(svn.torproject.org)|2a01:4f8:172:1b46:0:abba:14:1|:443... connected.
ERROR: cannot verify svn.torproject.org's certificate, issued by 
'CN=Let\'s Encrypt Authority X3,O=Let\'s Encrypt,C=US':
Unable to locally verify the issuer's authority.
To connect to svn.torproject.org insecurely, use 
`--no-check-certificate'.

Rgds

Paul

Am 05.12.2016 um 18:42 schrieb diffusae:
> Hi!
> 
> That's nice to hear.
> 
> RAM is also very good for tor relays. :-)
> 
> Maybe you want to change your version to tor-devel-0.2.9.5.a, if you
> don't done this already (e. g. portsnap fetch update && portmaster
> security/tor-devel).
> 
> Regards,
> 
> 
> On 05.12.2016 18:32, pa011 wrote:
>> Working :-)
>>
>> It looks like it was missing the Address in torrc. 
>> I added up some RAM before- that didn’t help.
>>
>> Ok, now I have time to follow up all your other recommendations in the 
>> coming days.
>>
>> Thank you all very much for your help!
>>
>> Best Regards 
>> Paul
>>
>> p.s. as it is finally that easy to get BSD running, hopefully more will 
>> follow in diversifying the tor world. 
>>
>>
>>>
>>> You might also want to try setting the "Address" knob.
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD - solved

[pa011]

Working :-)

It looks like it was missing the Address in torrc. 
I added up some RAM before- that didn’t help.

Ok, now I have time to follow up all your other recommendations in the coming 
days.

Thank you all very much for your help!

Best Regards 
Paul

p.s. as it is finally that easy to get BSD running, hopefully more will follow 
in diversifying the tor world. 


> 
> You might also want to try setting the "Address" knob.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

[pa011]

Rana, I don’t think ""submit a patch" needs any clarification.

Maybe you are a little bit to aggressive in your wording :-) ?

I do have a dynamic IP as well on one relay and do know that frustration.

Relax

Paul


Am 04.12.2016 um 19:23 schrieb Rana:
> Please clarify what you mean by "submit a patch". 
> 
> I am not one of Tor technical contributors, nor do I presume capability of 
> being one. I can only report my findings as a relay operator. Which I have 
> already done here, in full detail.
> 
> -Original Message-
> From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf 
> Of Sebastian Niehaus
> Sent: Sunday, December 04, 2016 7:05 PM
> To: tor-relays@lists.torproject.org
> Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
> 
> Am 04.12.2016 um 17:54 schrieb Rana:
> 
>> In short, if Tor Project does not want relays with dynamic IP, it 
>> should say so and I would stop wasting my time. Otherwise, Tor should 
>> fix what's broken.
> 
> Please submit a patch.
> 
> 
> Thanks.
> 
> 
> Crying about what tor shold do to please you seems not very productive.
> 
> 
> Sebastian
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] security/tor ignores torrc Log setting?

[pa011]

Am 03.12.2016 um 17:13 schrieb nusenu:
> 
>> By default, FreeBSD's tor and tor-devel port want to store logs inside
>> /var/log/tor/ regardless of what you put in the /usr/local/etc/tor/torrc
>> file last I looked.
> 
> Are you sure? What security/tor package version was this?
> This never happened to me.

it was on tor-devel 0.2.7.6 :

Dec 01 20:15:11.099 [notice] Tor v0.2.7.6 (with bufferevents) running on 
FreeBSD with Libevent 2.0.22-stable, OpenSSL 1.0.1s-freebsd and Zlib 1.2.8.
Dec 01 20:15:11.099 [notice] Tor can't help you if you use it wrong! Learn how 
to be safe at https://www.torproject.org/download/download#warning
Dec 01 20:15:11.100 [notice] Read configuration file "/usr/local/etc/tor/torrc".
Dec 01 20:15:11.108 [notice] Opening Control listener on 127.0.0.1:9051
Dec 01 20:15:11.109 [notice] Opening OR listener on 0.0.0.0:1443
Dec 01 20:15:11.109 [notice] Opening Directory listener on 0.0.0.0:1080
Dec 01 20:15:11.000 [warn] Couldn't open file for 'Log notice file 
/var/log/tor/notices.log': Not a directory
Dec 01 20:15:11.000 [notice] Closing partially-constructed Control listener on 
127.0.0.1:9051
Dec 01 20:15:11.000 [notice] Closing partially-constructed OR listener on 
0.0.0.0:1443
Dec 01 20:15:11.000 [notice] Closing partially-constructed Directory listener 
on 0.0.0.0:1080

and the same on  tor 0.2.8.9:

if you put "Log notice file /var/log/tor/" in torrc you get [warn] Couldn't 
open file for 'Log notice file /var/log/tor/': Is a directory

if you change torrc to "Log notice file /var/log/tor/log" it runs trough 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

Ok, as I am new to freeBSD some more questions please:

 [WARN] Your server (x.x.x.x.:4443) has not managed to confirm that its ORPort 
is reachable. Relays do not publish descriptors until their ORPort and DirPort 
are reachable.

What do I have to do  - how to best set-up a decent strong firewall on a 
freeBSD Exit?
Is there any further helpful documentation around apart from the freeBSD 
handbook to get my learning curve up more quickly?

The more detailed the better :-) - Thanks in advance 
Paul


Am 02.12.2016 um 01:00 schrieb diffusae:
> 
> See you ...
> 
> :-)
> 
> On 02.12.2016 00:57, pa011 wrote:
>> solved, as far as I can see now - maybe more tomorrow..
>>
>> Thank you very much gentlemen for your help :-) !!!
>>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

solved, as far as I can see now - maybe more tomorrow..

Thank you very much gentlemen for your help :-) !!!



Am 02.12.2016 um 00:51 schrieb diffusae:
> ln -s /usr/local/bin/python2.7 /usr/local/bin/python
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

Am 02.12.2016 um 00:32 schrieb George:
> On 12/01/16 18:25, pa011 wrote:
>>
>>
>> Am 02.12.2016 um 00:19 schrieb diffusae:
>>> Hi!
>>>
>>> On 02.12.2016 00:04, George wrote:
>>>> Installing security/arm is simple enough.
>>>>
>>>> pkg install arm
>>>
>>> Yes, that normally should solve your problem.
>>>
>>> I've recognized that the dependencies are on Tor v0.2.8.9.
>>> You can't install it with security/tor-devel?
>>>
>> After an update I got - Tor 0.2.9.4-alpha (git-8b0755c9bb296ae2)
>>
>> So you say I should better install tor instead of tor-devel?
> 
> What did you update?  I'm confused... were you running tor-0.2.8.9
> (stable in security/tor) and upgraded via pkg(8) and got tor-0.2.9.4
> which is security/tor-devel?
> 
> I tend to recommend security/tor-devel over security/tor, unless you
> can't regularly keep the package updated.  The alpha/devel branch will
> generally include the latest security fixes and counter-measures to
> surveillance.
> 
> And on a side note, OpenBSD is likely removing lsof from their ports
> tree (see ports@ from today), which is a dependency for the arm port,
> but will have it use fstat(1) instead IIRC.
> 
I started with tor-devel: 0.2.7.6 
did sudo pkg update && sudo pkg upgrade -y
and ended so at 0.2.9.4.a

But "sudo pkg install security/arm" now made:

py27-arm: 1.4.5.0_1
python27: 2.7.12
libffi: 3.2.1
py27-setuptools27: 23.1.0
tor: 0.2.8.9

Tor can be started now when putting #Log notice file /var/log/tor/log

Starting arm by just "arm" brings up "/usr/local/bin/arm: python: not found"

Rgds Paul




___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

Am 02.12.2016 um 00:21 schrieb Michael Armbruster:
> On 2016-12-01 at 23:54, pa011 wrote:
>> There were some talks about network diversity recently, so I made up my mind 
>> and started a freeBSD server.
>>
>> On advice from here 
>> https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 I placed a 
>> line in the torrc file "Log notice file /var/log/tor/log" 
>>
>> Following these instructions from the TDP:
>>
>> "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 
>> /var/log/tor" 
> 
> As others already said, it should be "/var/log/tor" without a space and
> with a slash.
> 
> But for me, it looks like you are trying to store the logs in a file
> "/var/log/tor/log", so in a directory named "/var/log/tor". You should
> delete the file you created with the touch command and instead use
> "mkdir /var/log/tor", then change ownership and modify access rights via
> chmod.
> 
I thought it is similar to "Log notice file /var/log/tor/notices.log" in debian 
where you specify a single file.
So you Michael say in in freeBSD the torrc file is looking for a folder entry - 
I will try that tomorrow..
so it will be
"sudo mkdir /var/log/tor"
"sudo chown _tor:_tor /var/log/tor"
"sudo chmod 600 /var/log/tor" 

Rgds
Paul


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

Am 02.12.2016 um 00:19 schrieb diffusae:
> Hi!
> 
> On 02.12.2016 00:04, George wrote:
>> Installing security/arm is simple enough.
>>
>> pkg install arm
> 
> Yes, that normally should solve your problem.
> 
> I've recognized that the dependencies are on Tor v0.2.8.9.
> You can't install it with security/tor-devel?
> 
After an update I got - Tor 0.2.9.4-alpha (git-8b0755c9bb296ae2)

So you say I should better install tor instead of tor-devel?

Regards Paul
 

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

I did it with sudo, because it wasn’t privileged otherwise - this is the result 
using sudo

Am 02.12.2016 um 00:03 schrieb Marcel Krzystek:
> Then it's likely a permission issue. Have you tried running the command with 
> sudo? (Or in FreeBSD, you may need to run it as su).
> 
> 
> 
> On Thu, Dec 1, 2016 at 4:01 PM, pa011 <pa...@web.de <mailto:pa...@web.de>> 
> wrote:
> 
> I saw that and tried "touch /var/log/tor" - didn’t help ..
> 
> 
> Am 01.12.2016 um 23:57 schrieb Marcel Krzystek:
> > It appears you have a space in "touch /var/log tor" that should not be 
> there. Try "touch /var/log/tor" instead.
> >
> > On Thu, Dec 1, 2016 at 3:54 PM, pa011 <pa...@web.de 
> <mailto:pa...@web.de> <mailto:pa...@web.de <mailto:pa...@web.de>>> wrote:
> >
> > There were some talks about network diversity recently, so I made 
> up my mind and started a freeBSD server.
> >
> > On advice from here 
> https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 
> <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431> 
> <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 
> <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431>> I placed 
> a line in the torrc file "Log notice file /var/log/tor/log"
> >
> > Following these instructions from the TDP:
> >
> > "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 
> /var/log/tor"
> >
> > found here: https://torbsd.github.io/fbsd-relays.html 
> <https://torbsd.github.io/fbsd-relays.html> 
> <https://torbsd.github.io/fbsd-relays.html 
> <https://torbsd.github.io/fbsd-relays.html>> I ended up getting this warning:
> >
> > "[warn] Couldn't open file for 'Log notice file /var/log/tor/log': 
> Permission denied"
> >
> > Maybe I am to tired today to find the mistake - what is wrong 
> please?
> >
> > Is there a good instruction elsewhere?
> >
> > Is it possible to install arm on freeBSD and if so could somebody 
> help me with the implementation please?
> >
> > Thanks
> >
> > Paul
> >
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org 
> <mailto:tor-relays@lists.torproject.org> 
> <mailto:tor-relays@lists.torproject.org 
> <mailto:tor-relays@lists.torproject.org>>
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays> 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>>
> >
> >
> >
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org>
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> >
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] network diversity with freeBSD

[pa011]

I saw that and tried "touch /var/log/tor" - didn’t help ..


Am 01.12.2016 um 23:57 schrieb Marcel Krzystek:
> It appears you have a space in "touch /var/log tor" that should not be there. 
> Try "touch /var/log/tor" instead.
> 
> On Thu, Dec 1, 2016 at 3:54 PM, pa011 <pa...@web.de <mailto:pa...@web.de>> 
> wrote:
> 
> There were some talks about network diversity recently, so I made up my 
> mind and started a freeBSD server.
> 
> On advice from here 
> https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 
> <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431> I placed 
> a line in the torrc file "Log notice file /var/log/tor/log"
> 
> Following these instructions from the TDP:
> 
> "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 
> /var/log/tor"
> 
> found here: https://torbsd.github.io/fbsd-relays.html 
> <https://torbsd.github.io/fbsd-relays.html> I ended up getting this warning:
> 
> "[warn] Couldn't open file for 'Log notice file /var/log/tor/log': 
> Permission denied"
> 
> Maybe I am to tired today to find the mistake - what is wrong please?
> 
> Is there a good instruction elsewhere?
> 
> Is it possible to install arm on freeBSD and if so could somebody help me 
> with the implementation please?
> 
> Thanks
> 
> Paul
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 
> <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] network diversity with freeBSD

[pa011]

There were some talks about network diversity recently, so I made up my mind 
and started a freeBSD server.

On advice from here 
https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 I placed a 
line in the torrc file "Log notice file /var/log/tor/log" 

Following these instructions from the TDP:

"touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 /var/log/tor" 

found here: https://torbsd.github.io/fbsd-relays.html I ended up getting this 
warning:

"[warn] Couldn't open file for 'Log notice file /var/log/tor/log': Permission 
denied"

Maybe I am to tired today to find the mistake - what is wrong please?

Is there a good instruction elsewhere?

Is it possible to install arm on freeBSD and if so could somebody help me with 
the implementation please?

Thanks 

Paul



0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Blocking PSN

[pa011]

You can contact them on the given snei-noc-ab...@am.sony.com and they will give 
you a list of attacked IPs.

Paul

Am 29.11.2016 um 14:48 schrieb SuperSluether:
> I keep getting Account Takeover Attempt abuses on my Tor exit, and I'm not 
> sure how to handle them:
> 
> It is most likely the attack traffic is directed at one of the following 
> endpoints:
> 
> account.sonyentertainmentnetwork.com
> auth.np.ac.playstation.net
> auth.api.sonyentertainmentnetwork.com
> auth.api.np.ac.playstation.net
> 
> These endpoints on our network are resolved by Geo DNS, so the IP addresses 
> they resolve to will depend on the originating IP address.
> 
> The destination port will be TCP 443.
> 
> 
> I used 'dig' and 'ping' to see what IP address the 4 endpoints resolved as, 
> and blocked the resulting addresses, but I'm still getting the abuse. The 
> Whois records show Sony and PSN owning 63.x.x.x, 64.x.x.x, 68.x.x.x, and 
> 108.x.x.x addresses, but the websites above resolve to 23.x.x.x, so either 
> the lists are incomplete or I'm doing something wrong.
> 
> Any ideas?
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 33C3 Ticket

[pa011]

Looking to meet other Exits in Hamburg - just need a ticket :-)

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Is my relay affected by cve-2016-8860?

[pa011]

Thank you Nusenu for your list. 

Maybe you can add a Nickname column next time for all those, who have more than 
one hamster in the race.

Rgds Paul

Am 15.11.2016 um 22:17 schrieb nusenu:
> 
> https://blog.torproject.org/blog/tor-0289-released-important-fixes
> 
> 
> If you are unsure whether you are running a vulnerable tor relay, you
> can search your contact string on the following page (sorted by cw
> fraction):
> 
> 
> https://github.com/ornetstats/stats/blob/master/o/cve-2016-8860.txt
> (generated daily)
> 
> 
> If you are on that page you are likely running a vulnerable version
> (unless someone else is using your contactinfo as well)
> 
> 
> Unfortunately the opposite does not hold true - meaning you are not 100%
> safe if you are not listed
> (I tried to keep the false positives low for the price of a higher
> false-negative rate).
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] 33C3 Ticket

[pa011]

First poor round of selling is over - anybody holding more tickets than he 
needs already?

Would still take one :-)

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Abuses: Suspicious botnet ramnit attack

[pa011]

Hi,

got the abuse below on three different exits. Anybody having any idea what to 
do and how to possibly to stop this in the future?
Thanks Paul


CERT-EU has received information regarding an infected IP belonging to your
network, which may have security problems. The information regarding the 
problems
is also included as attachments in both CSV and XML formats. All timestamps are 
in
UTC.
At this time we do not have any more information.

Where:
- ASN: is the Autonomous System Number;
- IP:  the Internet Protocol address associated with this activity;
- TIME: discovery time of the malicious activity;
- PTR/DNAME: PTR/DNAME record
- CC: ISO 3166-1 alpha-2 two-letter country code;
- TYPE: type of the security problem or threat;

- INFO: provides any additional information, if 
available.asn|ip|time|ptr|cc|type|info|info2

ASx|xxx.xxx.xxx.xxx|25-10-2016 12:10:09Z|XX|botnet drone|Description: 
Ramnit botnet victim connection to sinkhole details, Timestamp : 1477397409.72, 
City : none, Count: 8, First Seen: 25-10-2016 12:10:09, Last Seen: 25-10-2016
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DNS resolving -problem?

[pa011]

Got problems overnight. On all servers traffic died down and looks like below - 
what went wrong please?
Here is what I did:

apt-get install dnsmasq

/etc/resolv.conf
nameserver 127.0.0.1

/etc/dnsmasq.conf 
server=216.87.84.211 #open.nic us
server=84.200.69.80  #dns.watch us
server=84.200.70.40  #dns.watch us
server=194.150.168.168
server=62.113.203.99
server=188.165.200.156
server=5.9.49.12
server=193.183.98.154
server=46.101.89.89
cache-size=1
conf-file=usr/share/dnsmasq-base/trust-anchors.conf
dnssec
dnssec-check-unsigned


etc/init.d/dnsmasq restart

vnstat -h
 eth0
  ^ r   
  | rtrt  rt
  |  rt rt rt rt   rt rt rt   rt
  |  rt rt rt rt rt rt rt r   rt rt rtrtrt  
  |  rt rt rt rt rt rt rt rt r  r  r  rt rt rt rt rt rt rt  
  |  rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt   
  |  rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt   
  |  rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt   
  |  rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt   
  |  rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt   
 -+---> 
  |  12 13 14 15 16 17 18 19 20 21 22 23 00 01 02 03 04 05 06 07 08 09 10 11 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?

[pa011]

These errors do only get up when starting "apt-get update" 
not when "dig ftp.de.debian.org" - this gets solved well.



Am 17.10.2016 um 19:00 schrieb pa011:
> Thank you Toralf for you instructions and kick again.
> 
> 
> Following those 
> 
>> [2] https://zwiebeltoralf.de/torserver.html
> 
> instruction do work but leave me with several unresolved queries:
> 
> »deb.torproject.org«
> »archive.ubuntu.com«
> »security.debian.org«
> »ftp.de.debian.org«
> 
> and a few more. What servers do I put in /etc/dnsmasq.conf to get this solved 
> best?
> 
> Thanks 
> Paul
>   
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?

[pa011]

Thank you Toralf for you instructions and kick again.


Following those 

> [2] https://zwiebeltoralf.de/torserver.html

instruction do work but leave me with several unresolved queries:

»deb.torproject.org«
»archive.ubuntu.com«
»security.debian.org«
»ftp.de.debian.org«

and a few more. What servers do I put in /etc/dnsmasq.conf to get this solved 
best?

Thanks 
Paul
  
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] TOR Services on Microsoft Azure

[pa011]

I do see kind of stagnation compared to other Exits in the same time frame.

So I wondered what the connectivity is ? 
Its hard to find information about bandwidth and monthly traffic volume in 
regard to prices and location regarding Azure?


Am 12.10.2016 um 18:15 schrieb nusenu:
>> Update on my Azure-Exit:
>> https://atlas.torproject.org/#details/0534295ACFD5A84312183B41D3FB275E9ADD9EE2
>> It already has consensus weight 1200 after less than two weeks and its 
>> raising.
>> Everyone should use this option to give the TOR-Network a good push. After 
>> my 
>> free time has finished, i'll try to download an image of this Exit and 
>> create a 
>> second account on azure.
>> Technical question:
>> Could it be useful to save the keys and the fingerprint to use it on a "new" 
>> VPS 
>> to start with better performance?
> 
> Yes, keeping the key will help you retain (most/some of) your relay's
> reputation (assuming you are moving within the same AS with unchanged
> connectivity).
> 
> For security implications I recommend you read teor's answers in this
> thread:
> https://lists.torproject.org/pipermail/tor-relays/2016-September/010229.html
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] ISP, Abuses , Intrusion Prevention etc.

[pa011]

My personal efforts over the last months as well as the recent discussion about 
Intrusion prevention showed, there are more and more ISP's not giving support 
any more for running Tor exits, either in not allowing new ones or even 
shutting down existing ones.

Sure there are still chances to find new inexperienced ISP's, which in the 
willing to increase their customer base give allowance to run an Exit. But only 
a few weeks later their wish to get rid of you again increases with the same 
speed as the stack of abuses rises.Finally you are out again and on the back of 
their terms not even able to get your unused money back.

Further doing it that way, is kind of leaving scorched earth behind you and not 
only yourself, but for Tor as a whole.

So there are at least two questions:

- what forces drive ISP's to behave like they do with abuses?
- maybe Exit volunteers and here especially the big ones could ask some 
questions to their ISP to get more light on this

I do refer to my old questions -still unanswered:

-is it just the more work for rather poor money 
handling(forwarding)
those abuses ?
- to whom else do ISP's have to report what they are doing with 
received
  abuses?
- must ISP's answer to the origin of the abuse?
- who is getting a copy of all that conversation(if at all)?
- can an ISP loose its license (with too many or badly handled 
abuses)?
- are there any regulatory burdens for them - if so which ones?
- are ISP's treated different in different parts of the world?

- could there in the medium therm changes be made the way Tor operates to bring 
down the non linear increase of abuses

Support terribly needed and appreciated!

Paul

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[pa011]

True, about 40 Exits as of my count yesterday...

The back of that medal - concentration on only a few big providers gets 
resolved that way :-) 

Paul

Am 09.10.2016 um 11:57 schrieb Markus Koch:
> Thats really really bad news. Over 400 Digitalocean relays out there :(
> 
> Markus
> 
> 2016-10-09 11:44 GMT+02:00 pa011 <pa...@web.de>:
>> OK further bad news, Exit shut down by DO yesterday.
>> Here the latest statement from them:
>>
>> "Additionally, we are not allowing further TOR exit nodes on our 
>> infrastructure - they generate a large amount of abuse, are used for various 
>> illegal activities, and attract a large number of DDoS attacks.
>>
>> You're more than welcome to run bridges, obfs proxies, and relays, but 
>> running an exit node is at your own risk, and sufficient abuse may result in 
>> suspension of service."
>>
>>
>>
>>
>> Am 08.10.2016 um 05:00 schrieb Alecks Gates:
>>> I'm running on DO as well with the reduced exit policy and have had
>>> about five complaints in 2 months.  DO certainly appears to be getting
>>> less and less happy.  I'm glad to know it's not just me, though.
>>>
>>> Hopefully a curated list of IPs to reject will help a lot.  Thanks for
>>> the link to tornull.
>>>
>>> Exit Node fingerprints:
>>> E553AC1CA05365EA218D477C2FF4C48986919D07
>>> 889550CB9C98CF172CB977AA942B77E9759056C2
>>>
>>> Alecks
>>>
>>> On 10/07/2016 07:04 PM, Matthew Finkel wrote:
>>>> On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote:
>>>>> 2016-10-08 0:09 GMT+02:00 Tristan <supersluet...@gmail.com>:
>>>>>> This page has 3 policies: Reduce exit policy, reduced-reduced exit 
>>>>>> policy,
>>>>>> and a lightweight example policy.
>>>>>>
>>>>>> https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
>>>>>>
>>>>>>
>>>>>> On Oct 7, 2016 5:01 PM, "Markus Koch" <niftybu...@googlemail.com> wrote:
>>>>>>>
>>>>>>> reduced-reduced exit policy. ?
>>>>>>>
>>>>>>> Illuminate me, pls.
>>>>>>>
>>>>> Thank you both!
>>>>>
>>>>> Will try https://tornull.org. Perhaps it helps.
>>>>>
>>>>> Markus
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[pa011]

OK further bad news, Exit shut down by DO yesterday.
Here the latest statement from them:

"Additionally, we are not allowing further TOR exit nodes on our infrastructure 
- they generate a large amount of abuse, are used for various illegal 
activities, and attract a large number of DDoS attacks.

You're more than welcome to run bridges, obfs proxies, and relays, but running 
an exit node is at your own risk, and sufficient abuse may result in suspension 
of service."




Am 08.10.2016 um 05:00 schrieb Alecks Gates:
> I'm running on DO as well with the reduced exit policy and have had
> about five complaints in 2 months.  DO certainly appears to be getting
> less and less happy.  I'm glad to know it's not just me, though.
> 
> Hopefully a curated list of IPs to reject will help a lot.  Thanks for
> the link to tornull.
> 
> Exit Node fingerprints:
> E553AC1CA05365EA218D477C2FF4C48986919D07
> 889550CB9C98CF172CB977AA942B77E9759056C2
> 
> Alecks
> 
> On 10/07/2016 07:04 PM, Matthew Finkel wrote:
>> On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote:
>>> 2016-10-08 0:09 GMT+02:00 Tristan :
 This page has 3 policies: Reduce exit policy, reduced-reduced exit policy,
 and a lightweight example policy.

 https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy


 On Oct 7, 2016 5:01 PM, "Markus Koch"  wrote:
>
> reduced-reduced exit policy. ?
>
> Illuminate me, pls.
>
>>> Thank you both!
>>>
>>> Will try https://tornull.org. Perhaps it helps.
>>>
>>> Markus


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Digital Ocean - running Exit node locked

[pa011]

Thanks Markus - you are obviously well experienced with them :-)
We should meet some day and share this and others..

Paul

Am 07.10.2016 um 23:33 schrieb Markus Koch:
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> They will kick you after 2-3 months. Delete account, make new account.
> Welcome to DigitalOcean!
> 
> Markus
> 
> 
> 2016-10-07 23:23 GMT+02:00 pa011 <pa...@web.de>:
>> Seems like even DO is not very much in favour of running Exits any more ?
>>
>> Anybody made the same experience - how to handle this please ?
>>
>> Thanks and Regards
>> Paul
>>
>>
>> "Hello -Although we do not specifically disallow TOR exit nodes, as the 
>> account holder you are responsible for all the traffic going through your 
>> droplet (including traffic that an exit node may generate).
>>
>> Also be aware that we do not allow some of the traffic types that come out 
>> of a typical TOR exit node (torrents, spam, SSH probes, hacking attempts, 
>> botnets, DDoS, etc).
>>
>> If you are unable to stop this sort of traffic, please reconsider running a 
>> TOR exit node as it may lead to your account suspension or termination.
>>
>> Please refer to our Terms of Service for greater detail on this issue: 
>> https://www.digitalocean.com/legal/terms/
>>
>> Best,
>>
>> DigitalOcean Support "
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Digital Ocean - running Exit node locked

[pa011]

Seems like even DO is not very much in favour of running Exits any more ?

Anybody made the same experience - how to handle this please ?

Thanks and Regards 
Paul


"Hello -Although we do not specifically disallow TOR exit nodes, as the account 
holder you are responsible for all the traffic going through your droplet 
(including traffic that an exit node may generate).

Also be aware that we do not allow some of the traffic types that come out of a 
typical TOR exit node (torrents, spam, SSH probes, hacking attempts, botnets, 
DDoS, etc).

If you are unable to stop this sort of traffic, please reconsider running a TOR 
exit node as it may lead to your account suspension or termination.

Please refer to our Terms of Service for greater detail on this issue: 
https://www.digitalocean.com/legal/terms/

Best,

DigitalOcean Support "
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.

[pa011]

Am 07.10.2016 um 20:20 schrieb Green Dream:
> One of my guard relays has a few entries on Oct 06 also:
> 
>   Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
>   Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
>   Oct 06 10:17:30.000 [warn] Duplicate rendezvous cookie in
> ESTABLISH_RENDEZVOUS.
> 
> Times are in UTC. Logs on this machine go back to Oct 03 but those are
> the only occurrences. My other guard relay with nearly identical specs
> and CW doesn't have these entries.


Several of those warnings here as well on Oct 06 - on exit as on non exit - at 
different times
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

[pa011]

Am 04.10.2016 um 18:24 schrieb krishna e bera:
> What if someone who doesnt like Tor project is deliberately accessing
> honeypots in order to get exit nodes shut down?

That seems kind of easy, because there are some certain spots where you can 
assume those pots to be and depending on the response of the host of the 
honeypot more or less pressure on the ISP could arise

> We need to establish some sort of legal or political solidarity to tell
> ISPs to be net neutral with us. 

I still cant judge the pressure and burdens apart from economical on ISP side. 
In June I asked here those questions which still didn’t find an answer:

- is it just the more work for rather poor money handling(forwarding)
those abuses ?
- to whom else does he have to report what he is doing with the gotten
abuses?
- must he answer to the origin of the abuse?
- who is getting a copy of them(if at all)?
- can he loose his license as a ISP (with to many or badly handled abuses)?
- are there any regulatory burdens for them - if so which ones?
- are ISP's treated different in different parts of the world?

> It is not our problem if someone uses
> the telecom network to read/write data to a vulnerable server - it is
> the vulnerable server's problem to fix. The ISP (and Tor network) are
> only responsible for delivering the packets and handling abuse of
> *network* resources such as DDoS - content is irrelevant.
> 
> Tor publishes exit node ip addresses so that destinations that dont want
> to deal with anonymous traffic can block it.  Did you try these answers:
> https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates

I only shortly began to send a copy of my response not only to the ISP, but 
also to the sender of the abuse - how do other people here handle this? 
Obviously the attacked target needs an other explanation as the ISP.

> 
> 
> On 04/10/16 12:01 PM, pa011 wrote:
>> Me too Markus -could fill a folder with that tax issue :-((
>> Costing a lot of time to answer and restrict the IPs
>>
>> Plus my ISP moaning with good reason: "It's not just about you, but you're 
>> giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs 
>> which are potentionaly endagered to be marked as source of malicious content 
>> / blacklisted / whatever ... so you see, this is quite critical for us."
>>
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

[pa011]

Yes its ISP - plus 10 times more fire-power both, Markus and me 
which is 10 times more work, sadly :-(


Am 04.10.2016 um 18:12 schrieb Markus Koch:
> Short answer: ISP
> 
> I got 2 abuse mails (1 false positive) from Hostwinds in 4 months and
> I get weekly mass reports from DigitalOcean.
> And the thing that pisses me off is: Its all bots or Tax spam or other
> stuff I got weeks/months ago. Different day, same shitty abuse mail.
> 
> Markus
> 
> 
> 2016-10-04 18:03 GMT+02:00 Tristan <supersluet...@gmail.com>:
>> I don't know what I'm doing different, because I only got 2 complaints in
>> the last 2 months, and that was for SSH and SQL stuff.
>>
>>
>> On Oct 4, 2016 11:01 AM, "pa011" <pa...@web.de> wrote:
>>>
>>> Me too Markus -could fill a folder with that tax issue :-((
>>> Costing a lot of time to answer and restrict the IPs
>>>
>>> Plus my ISP moaning with good reason: "It's not just about you, but you're
>>> giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs
>>> which are potentionaly endagered to be marked as source of malicious content
>>> / blacklisted / whatever ... so you see, this is quite critical for us."
>>>
>>> Am 04.10.2016 um 17:48 schrieb Markus Koch:
>>>> same shit here:
>>>>
>>>> Dear User,
>>>> We are contacting you because of unusual activity coming from your IP
>>>> address towards the IT infrastructure of the European Commission.
>>>> In specific, since 03/10/2016, IP addresses 95.85.45.159 &
>>>> 104.236.225.19 of Digital Ocean, located in the Netherlands (NL) and
>>>> the USA respectively, have submitted a significantly large number of
>>>> invalid VAT number requests as compared to the total number of
>>>> requests (89,59% & 89,96% respectively) towards VAT numbers from a
>>>> multiple of EU member States (MS) through the VIES on the Web service
>>>> (http://ec.europa.eu/taxation_customs/vies/). For more information on
>>>> Invalid VAT number requests please refer to FAQ, questions 7, 11, 12,
>>>> 13 and 20 of the VIES on the WEB site
>>>> (http://ec.europa.eu/taxation_customs/vies/faq.html).
>>>> The scope of our team is to monitor on a daily basis the performance
>>>> of the VIES-on-the-Web (VoW) service in order to ensure its
>>>> performance in accordance with the standards agreed upon between EU's
>>>> Directorate General for Taxation and Customs Union (DG TAXUD) and the
>>>> EU Member States.
>>>> Our objective is to secure constant and uninterrupted availability and
>>>> flow of traffic (requests for VAT validation) at all times.
>>>> Under this framework, our team intervenes whenever there is out of the
>>>> ordinary, unusual and potentially suspicious use of the system that
>>>> violates the rules of use as they are stated in the Specific
>>>> disclaimer for this service, which is available at the VoW site
>>>> (http://ec.europa.eu/taxation_customs/vies/disclaimer.html).
>>>> Consequently, in order to allow flawless use of the service, we were
>>>> obliged to block the access to VIES on the Web for the IP address
>>>> 88.198.110.130.
>>>> Following our action, we would like to know if you are aware of this
>>>> situation. Furthermore, your cooperation and contribution is necessary
>>>> in order to determine the reason for this occurrence.
>>>> Please inform us if this behaviour is normal and if such, how often it
>>>> should occur; we would then take action to unblock the traffic coming
>>>> from the corresponding IP address assuming you will agree to follow a
>>>> set ITSM VIES/Web Team
>>>> "ITSM2 is a contracted support partner for the IT Service Management
>>>> of the European Commission.
>>>> This e-mail is a reply to your message sent to the
>>>> taxud-vies...@ec.europa.eu<mailto:taxud-vies...@ec.europa.eu> e-mail.
>>>> Answers provided by the contactor are on behalf and according to
>>>> policy guidelines of DG TAXUD, but not binding for the European
>>>> Commission."
>>>>
>>>> I am so done with it, I added
>>>>
>>>> ExitPolicy reject 147.67.136.103 # TAX SPAM
>>>> ExitPolicy reject 147.67.136.21  # TAX SPAM
>>>> ExitPolicy reject 147.67.119.103  # TAX SPAM
>>>> ExitPolicy reject 147.67.119.3  # TAX SPAM
>>>> Ex

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

[pa011]

Me too Markus -could fill a folder with that tax issue :-((
Costing a lot of time to answer and restrict the IPs

Plus my ISP moaning with good reason: "It's not just about you, but you're 
giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs which 
are potentionaly endagered to be marked as source of malicious content / 
blacklisted / whatever ... so you see, this is quite critical for us."

Am 04.10.2016 um 17:48 schrieb Markus Koch:
> same shit here:
> 
> Dear User,
> We are contacting you because of unusual activity coming from your IP
> address towards the IT infrastructure of the European Commission.
> In specific, since 03/10/2016, IP addresses 95.85.45.159 &
> 104.236.225.19 of Digital Ocean, located in the Netherlands (NL) and
> the USA respectively, have submitted a significantly large number of
> invalid VAT number requests as compared to the total number of
> requests (89,59% & 89,96% respectively) towards VAT numbers from a
> multiple of EU member States (MS) through the VIES on the Web service
> (http://ec.europa.eu/taxation_customs/vies/). For more information on
> Invalid VAT number requests please refer to FAQ, questions 7, 11, 12,
> 13 and 20 of the VIES on the WEB site
> (http://ec.europa.eu/taxation_customs/vies/faq.html).
> The scope of our team is to monitor on a daily basis the performance
> of the VIES-on-the-Web (VoW) service in order to ensure its
> performance in accordance with the standards agreed upon between EU's
> Directorate General for Taxation and Customs Union (DG TAXUD) and the
> EU Member States.
> Our objective is to secure constant and uninterrupted availability and
> flow of traffic (requests for VAT validation) at all times.
> Under this framework, our team intervenes whenever there is out of the
> ordinary, unusual and potentially suspicious use of the system that
> violates the rules of use as they are stated in the Specific
> disclaimer for this service, which is available at the VoW site
> (http://ec.europa.eu/taxation_customs/vies/disclaimer.html).
> Consequently, in order to allow flawless use of the service, we were
> obliged to block the access to VIES on the Web for the IP address
> 88.198.110.130.
> Following our action, we would like to know if you are aware of this
> situation. Furthermore, your cooperation and contribution is necessary
> in order to determine the reason for this occurrence.
> Please inform us if this behaviour is normal and if such, how often it
> should occur; we would then take action to unblock the traffic coming
> from the corresponding IP address assuming you will agree to follow a
> set ITSM VIES/Web Team
> "ITSM2 is a contracted support partner for the IT Service Management
> of the European Commission.
> This e-mail is a reply to your message sent to the
> taxud-vies...@ec.europa.eu<mailto:taxud-vies...@ec.europa.eu> e-mail.
> Answers provided by the contactor are on behalf and according to
> policy guidelines of DG TAXUD, but not binding for the European
> Commission."
> 
> I am so done with it, I added
> 
> ExitPolicy reject 147.67.136.103 # TAX SPAM
> ExitPolicy reject 147.67.136.21  # TAX SPAM
> ExitPolicy reject 147.67.119.103  # TAX SPAM
> ExitPolicy reject 147.67.119.3  # TAX SPAM
> ExitPolicy reject 147.67.136.3  # TAX SPAM
> ExitPolicy reject 147.67.119.21  # TAX SPAM
> 
> Thats going on for months now and by all means, this is not free speech ...
> 
> Markus.
> 
> 
> 
> 2016-10-04 17:42 GMT+02:00 pa011 <pa...@web.de>:
>> Am 04.10.2016 um 16:48 schrieb krishna e bera:
>>> On 04/10/16 08:48 AM, pa011 wrote:
>>>> One of my main ISP is going mad with the number of abuses he gets from my 
>>>> Exits (currently most on port 80).
>>>> He asks me to install "Intrusion Prevention System Software" or shutting 
>>>> down the servers.
>>>
>>> You can first ask him for a copy of the complaints in order to
>>> understand what sort of alleged abuses are taking place.  Are the
>>> complaints about spam or scraping or web server exploits or something else?
>>
>> I do get a copy of every complaint - they are unfortunately:
>>
>> - Http browser intrucion  - 
>> /var/log/apache2/other_vhosts_access.log:soldierx.com:80 xxx.xxx.xxx.xxx - - 
>> [30/Sep/2016:11:14:34 -0400] "HEAD / HTTP/1.0" 302 192 "-" "Mozilla/5.0 
>> (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"
>>
>> - invalid VAT number requests
>>
>> -recorded connection attempt(s) from your hosts to our honeypots
>>
>> - Issue: Source has attempted the following botnet activity: Semalt Referrer 
>&

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

[pa011]

Am 04.10.2016 um 16:48 schrieb krishna e bera:
> On 04/10/16 08:48 AM, pa011 wrote:
>> One of my main ISP is going mad with the number of abuses he gets from my 
>> Exits (currently most on port 80). 
>> He asks me to install "Intrusion Prevention System Software" or shutting 
>> down the servers.
> 
> You can first ask him for a copy of the complaints in order to
> understand what sort of alleged abuses are taking place.  Are the
> complaints about spam or scraping or web server exploits or something else?

I do get a copy of every complaint - they are unfortunately:

- Http browser intrucion  - 
/var/log/apache2/other_vhosts_access.log:soldierx.com:80 xxx.xxx.xxx.xxx - - 
[30/Sep/2016:11:14:34 -0400] "HEAD / HTTP/1.0" 302 192 "-" "Mozilla/5.0 
(Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12"

- invalid VAT number requests

-recorded connection attempt(s) from your hosts to our honeypots

- Issue: Source has attempted the following botnet activity: Semalt Referrer
Spam Tor Exit Bot

- botnet drone|Description: Ramnit botnet victim connection to sinkhole details,

- attackers used the method/service: *imap*

> You can change your exit policy to reduce likelihood of complaints:
> https://blog.torproject.org/blog/tips-running-exit-node

I know, but I hardly like to block port 80

>> As far as I understand implementing such a software is not going together 
>> with Tor - am I right?
> 
> If your exit nodes tamper with traffic in any way they will be labelled
> as Bad Exit. (Tor tries to be net neutral.)
> https://trac.torproject.org/projects/tor/wiki/doc/badRelays
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Intrusion Prevention System Software - Snort or Suricata

[pa011]

One of my main ISP is going mad with the number of abuses he gets from my Exits 
(currently most on port 80). 
He asks me to install "Intrusion Prevention System Software" or shutting down 
the servers.
He personally recommends Snort or Suricata.

As far as I understand implementing such a software is not going together with 
Tor - am I right?
Somebody having same or any experience?

Thanks Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] "Potentially dangerous relay groups"

[pa011]

Am 27.09.2016 um 19:37 schrieb nusenu:
> pa...@web.de wrote:
>> there is that list of "potentially_dangerous_relaygroups" you published.
>> Could yo please emphasize a bit more on what brings a relay on that list, 
>> apart from incorrect given MyFamily which doesnt seem to be always the case.
>> I mean I see quite a few well respected names on that list ?
> 
> 
> to quote from https://github.com/ornetstats/stats
> (1) "dangerous" in the sense that a tor client might has a chance to
> use more than one of these relays in a single circuit
> (2) these relays are aggregated based on contact information
> (3) if their groupsize is bigger than their effective family size
> and they are operated in more than one /16 network block they are listed
> (4) this list might contain false-positives (contact information is
> not authenticated)
> 
> Does that answer your question?
> 
> I probably should also filter entries where two out of guard_prob,
> middle_prob and exit_prob are 0 since that means that (1) is never the
> case - iff onionoo is right about these probabilities.

nusenu,

great respect of your work at first and thank you for the answer provided as 
well.

It - plus the follow up from that many contributors - did answer my questions 
apart from two left:

- should only Markus be contacted instead of lets say at least all the folks 
with more than 2 notes to make them aware?
- how could it take nearly a week for that serious discussion to start?

I tend to agree with what has been written "I am in favour of a scheme where 
the process of joining a family is 
authenticated." Personally I will correct my entries soon to get me off that 
list :-)


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] [OrNetRadar] niftybunny Digital Ocean 2016-09-22

[pa011]

Hi nusenu,

there is that list of "potentially_dangerous_relaygroups" you published.
Could yo please emphasize a bit more on what brings a relay on that list, apart 
from incorrect given MyFamily which doesnt seem to be always the case.
I mean I see quite a few well respected names on that list ?

Thank you

Paul


Am 23.09.2016 um 11:30 schrieb nusenu:
> Hi Markus,
> 
> according to your contactinfo observed on the tor network, you run 21
> relays, please consider fixing your MyFamily setting, especially because
> you run non-exit and exits.
> 
> thanks,
> nusenu
> 
> https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt
> 
> ornetra...@riseup.net wrote:
>> 2016-09-22
>> ---
>> Up|Ext|JoinTime| IP  | CC | ORp   | Dirp  |Version   | 
>> ContactInfo| Nickname | eFamlen 
>> ---
>> 1 | 0 |14:51:30| 188.166.63.113  | nl | 443   | 80|0.2.8.7   | 
>> niftybu...@googlemail.com | cairospinymouse | 1 
>> 1 | 0 |15:07:01| 95.85.45.159| nl | 443   | 80|0.2.8.7   | 
>> niftybu...@googlemail.com | mullahspinymouse | 1 
>> 1 | 0 |15:24:30| 138.197.129.153 | ca | 443   | 80|0.2.8.7   | 
>> niftybu...@googlemail.com | capespinymouse | 1 
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Strange difference between rx and tx traffic

[pa011]

On one of my recently started Exits I do see a rather huge and increasing 
difference between in and out traffic that I don see on any other Exit so far.
The rise doesn’t seem to be linear..

Any explanation for that - or can it just be on the back of a not fixed 
repetitive warning?

Sep 27 06:42:46.000 [warn] eventdns: All nameservers have failed
Sep 27 06:42:46.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up

Thanks 
Paul


 eth0  /  daily

 day rx  | tx  |total|   avg. rate
 +-+-+---
 11.09.2016   539,96 MiB |   88,50 MiB |  628,47 MiB |   59,59 kbit/s
 12.09.2016 1,47 GiB |1,06 GiB |2,53 GiB |  245,60 kbit/s
 13.09.201610,03 GiB |9,86 GiB |   19,89 GiB |1,93 Mbit/s
 14.09.201617,35 GiB |   16,69 GiB |   34,04 GiB |3,30 Mbit/s
 15.09.201653,11 GiB |   51,59 GiB |  104,70 GiB |   10,17 Mbit/s
 16.09.201699,08 GiB |   96,87 GiB |  195,96 GiB |   19,03 Mbit/s
 17.09.2016   144,45 GiB |  140,66 GiB |  285,12 GiB |   27,68 Mbit/s
 18.09.2016   190,05 GiB |  184,50 GiB |  374,55 GiB |   36,36 Mbit/s
 19.09.2016   231,95 GiB |  223,90 GiB |  455,86 GiB |   44,26 Mbit/s
 20.09.2016   291,30 GiB |  282,25 GiB |  573,55 GiB |   55,69 Mbit/s
 21.09.2016   343,19 GiB |  332,33 GiB |  675,52 GiB |   65,59 Mbit/s
 22.09.2016   347,57 GiB |  329,66 GiB |  677,22 GiB |   65,75 Mbit/s
 23.09.2016   388,91 GiB |  373,21 GiB |  762,13 GiB |   74,00 Mbit/s
 24.09.2016   381,35 GiB |  361,64 GiB |  742,99 GiB |   72,14 Mbit/s
 25.09.2016   391,60 GiB |  364,34 GiB |  755,94 GiB |   73,39 Mbit/s
 26.09.2016   374,59 GiB |  337,81 GiB |  712,40 GiB |   69,17 Mbit/s
 27.09.2016   144,06 GiB |  131,67 GiB |  275,73 GiB |   70,89 Mbit/s
 +-+-+---
 estimated382,03 GiB |  349,18 GiB |  731,21 GiB |
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Moving multiple instances to another VPS

[pa011]

Thank you both.

@Tim: You would kind of argue, that the advantage of carrying the old keys to 
the new machine is not that important (to keep old level of traffic from start) 
and that it might be even better to start from scratch?

Paul


Am 12.09.2016 um 03:53 schrieb teor:

> In Debian, using tor-instance-create and systemd, there is a separate 
> directory, /var/lib/tor-instances
> You'll need to copy both /var/lib/tor and /var/lib/tor-instances to preserve 
> the keys, and /etc/tor to preserve the configs.
> 
> That said, please consider rotating keys when you move (that is, only copying 
> /etc/tor).
> 
> If your old relay or those keys were ever compromised, you'll have a fresh 
> start.
> And even if it wasn't, some of your network reputation will be reset when you 
> move IP addresses anyway.
> 
> Tim
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Moving multiple instances to another VPS

[pa011]

I have to move a multiple instances Exit from one VPS to another.

Apart from creating the same instances on the new machine with 
**tor-instance-create** I would then just copy the whole directory 
/var/lib/tor/keys to the new VPS - or should I copy all /var/lib/tor/ to not 
miss anything from the original one?

Am I miss anything else?

Thanks 

Paul


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] [WARN] Remote server sent bogus reason code 65021

[pa011]

Looks like this is solved and belonged to not open ports
Sorry for the hassle

Paul



Am 16.08.2016 um 18:34 schrieb pa011:
> Just established a new Exit with two instances on (Linux 3.16.0-4-amd64) ,Tor 
> 0.2.8.6  
> 
> On the second instance I get these warnings:
> 
> [WARN] Remote server sent bogus reason code 65021 [21 duplicates hidden]
> [WARN] Remote server sent bogus reason code 65023  [95 duplicates hidden]
> [NOTICE] Have tried resolving or connecting to address '[scrubbed]' at 3 
> different places. Giving up. [40 duplicates hidden]
> 
> The code65023 is ticking up by one in about 10 seconds?
> 
> The default instance is free of that.
> 
> Anything to worry about?
> 
> Thanks
> 
> Paul
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] [WARN] Remote server sent bogus reason code 65021

[pa011]

Just established a new Exit with two instances on (Linux 3.16.0-4-amd64) ,Tor 
0.2.8.6  

On the second instance I get these warnings:

[WARN] Remote server sent bogus reason code 65021 [21 duplicates hidden]
[WARN] Remote server sent bogus reason code 65023  [95 duplicates hidden]
[NOTICE] Have tried resolving or connecting to address '[scrubbed]' at 3 
different places. Giving up. [40 duplicates hidden]

The code65023 is ticking up by one in about 10 seconds?

The default instance is free of that.

Anything to worry about?

Thanks

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

[pa011]

Hi Peter,

sorry was off a week and couldn’t answer: 

/run/systemd/generator/tor.service.wants/tor@tor2.service
/run/systemd/generator/tor.service.wants/tor@default.service

Anyway with "steady hand" the system seems to have repaired itself in between. 
I updated my other multi-instance exits today without any problems to 0.2.8.6.

Thank you !

Paul


Am 07.08.2016 um 00:58 schrieb Peter Palfrader:
> find /run/systemd -name 'tor@*'
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

[pa011]

The only instance in /etc/tor/instances/ is tor2 
There is no tor and nothing else in that directory

And I do have a torrc file in /etc/tor/

Best Regards

Paul



Am 06.08.2016 um 22:30 schrieb Peter Palfrader:
> On Sat, 06 Aug 2016, pa011 wrote:
> 
>> Actually not - you are right Alexander!
>> But then the question are:
>>
>> - why do I need a user "_tor-tor" since the last update, when I didn’t need 
>> that before
>> - why is it not self creating
>> - what do I have to do - really creating "_tor-tor" with the same privileges 
>> as "_tor-tor2"?
> 
> My guess is you manually created an /etc/tor/instances/tor next to your
> tor2.  That's not the default instance that's failing here.
> 
> From your logs, you don't appear to have a default service.  Do you not
> have a /etc/tor/torrc?
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

[pa011]

Actually not - you are right Alexander!
But then the question are:

- why do I need a user "_tor-tor" since the last update, when I didn’t need 
that before
- why is it not self creating
- what do I have to do - really creating "_tor-tor" with the same privileges as 
"_tor-tor2"?

Thanks

Paul


Am 06.08.2016 um 15:49 schrieb Alexander Dietrich:
> The error message "Ungültiger Anwender „_tor-tor“" appears several times in 
> your log, while there are no error messages about user "_tor-tor2". Does the 
> first user exist?
> 
> Best regards,
> Alexander
> ---
> PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB
> 
> On 2016-08-06 14:56, pa011 wrote:
>> Thank you Michael for your hint - corrected that, but still having
>> that problem with main instance not running:
>>
>> Aug  6 14:30:02  systemd-sysctl[142]: Failed to write '10 # to reboot
>> after kernel panic' to '/proc/sys/kernel/panic': Invalid argument
>> Aug  6 14:30:02  systemd[1]: systemd-sysctl.service: main process
>> exited, code=exited, status=1/FAILURE
>> Aug  6 14:30:02  systemd[1]: Failed to start Apply Kernel Variables.
>> Aug  6 14:30:02  systemd[1]: Unit systemd-sysctl.service entered failed 
>> state.
>> Aug  6 14:30:02  kbd[135]: Setting console screen modes.
>> Aug  6 14:30:02  kbd[135]: setterm: $TERM ist nicht festgelegt.
>> Aug  6 14:30:02  keyboard-setup[158]: Setting preliminary keymap...done.
>> Aug  6 14:30:02  netfilter-persistent[277]: run-parts: executing
>> /usr/share/netfilter-persistent/plugins.d/15-ip4tables start
>> Aug  6 14:30:02  netfilter-persistent[277]: run-parts: executing
>> /usr/share/netfilter-persistent/plugins.d/25-ip6tables start
>> Aug  6 14:30:02  console-setup[220]: Setting up console font and 
>> keymap...done.
>> Aug  6 14:30:02  networking[297]: Configuring network interfaces...done.
>> Aug  6 14:30:02  rpcbind[399]: Starting rpcbind daemon
>> Aug  6 14:30:02  rpc.statd[416]: Version 1.2.8 starting
>> Aug  6 14:30:02  sm-notify[417]: Version 1.2.8 starting
>> Aug  6 14:30:02  nfs-common[411]: Starting NFS common utilities: statd 
>> idmapd.
>> Aug  6 14:30:02  atd[433]: Cannot change to /var/spool/cron/atjobs: No
>> such file or directory
>> Aug  6 14:30:02  install[431]: /usr/bin/install: Ungültiger Anwender 
>> „_tor-tor“
>> Aug  6 14:30:02  sysstat[445]: Starting the system activity data
>> collector: sadc.Aug  6 14:30:02  systemd[1]: tor@tor.service: control
>> process exited, code=exited status=1
>> Aug  6 14:30:02  systemd[1]: Failed to start Anonymizing overlay
>> network for TCP (instance tor).
>> Aug  6 14:30:02  systemd[1]: Unit tor@tor.service entered failed state.
>> Aug  6 14:30:02  systemd[1]: atd.service: main process exited,
>> code=exited, status=1/FAILURE
>> Aug  6 14:30:02  systemd[1]: Unit atd.service entered failed state.
>> Aug  6 14:30:02  sed[481]: DataDirectory /var/lib/tor-instances/tor2
>> Aug  6 14:30:02  sed[481]: PidFile /var/run/tor-instances/tor2/tor.pid
>> Aug  6 14:30:02  sed[481]: RunAsDaemon 0
>> Aug  6 14:30:02  sed[481]: User _tor-tor2
>> Aug  6 14:30:02  sed[481]: SyslogIdentityTag tor2
>> Aug  6 14:30:02  sed[481]: ControlSocket
>> /var/run/tor-instances/tor2/control GroupWritable RelaxDirModeCheck
>> Aug  6 14:30:02  sed[481]: SocksPort
>> unix:/var/run/tor-instances/tor2/socks WorldWritable
>> Aug  6 14:30:02  sed[481]: CookieAuthentication 1
>> Aug  6 14:30:02  sed[481]: CookieAuthFileGroupReadable 1
>> Aug  6 14:30:02  sed[481]: CookieAuthFile
>> /var/run/tor-instances/tor2/control.authcookie
>> Aug  6 14:30:02  sed[481]: Log notice syslog
>> Aug  6 14:30:03  acpid: starting up with netlink and the input layer
>> Aug  6 14:30:03  acpid: 1 rule loaded
>> Aug  6 14:30:03  acpid: waiting for events: event logging is off
>> Aug  6 14:30:03  install[491]: /usr/bin/install: Ungültiger Anwender 
>> „_tor-tor“
>> Aug  6 14:30:03  systemd[1]: tor@tor.service: control process exited,
>> code=exited status=1
>> Aug  6 14:30:03  systemd[1]: Failed to start Anonymizing overlay
>> network for TCP (instance tor).
>> Aug  6 14:30:03  systemd[1]: Unit tor@tor.service entered failed state.
>> Aug  6 14:30:03  tor[482]: Aug 06 14:30:03.109 [notice] Tor v0.2.8.6
>> (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable,
>> OpenSSL 1.0.1t and Zlib$
>> Aug  6 14:30:03  tor[482]: Aug 06 14:30:03.110 [notice] Tor can't help
>> you if you use it wrong! Learn how to be safe at
>> https://www.torproject.org/download/downl$
>> Aug  6 14:30:03  tor[482]: Aug 06 14:30:03.1

Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

[pa011]

r 
attaching for unprivileged users.
Aug  6 14:30:03  tor[489]: Configuration was validAug  6 14:30:03  tor[500]: 
Aug 06 14:30:03.221 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on 
Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.221 [notice] Tor can't help you if 
you use it wrong! Learn how to be safe at 
https://www.torproject.org/download/downl$
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.221 [notice] Read configuration file 
"/var/run/tor-instances/tor2.defaults".
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.222 [notice] Read configuration file 
"/etc/tor/instances/tor2/torrc".
Aug  6 14:30:03  tor[497]: Aug 06 14:30:03.228 [notice] Opening Control 
listener on 127.0.0.1:9051
Aug  6 14:30:03  tor[497]: Aug 06 14:30:03.228 [notice] Opening OR listener on 
0.0.0.0:443
Aug  6 14:30:03  tor[497]: Aug 06 14:30:03.228 [notice] Opening Directory 
listener on 0.0.0.0:80
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.230 [notice] Based on detected 
system memory, MaxMemInQueues is set to 370 MB. You can override this by 
setting MaxMem$
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.235 [notice] Opening Socks listener 
on 127.0.0.1:0
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.236 [notice] Socks listener 
listening on port 38400.
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.237 [notice] Opening Control 
listener on 127.0.0.1:9052
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.237 [notice] Opening OR listener on 
0.0.0.0:444
Aug  6 14:30:03  tor[500]: Aug 06 14:30:03.237 [notice] Opening Directory 
listener on 0.0.0.0:81
Aug  6 14:30:03  Tor-tor2[500]: Tor v0.2.8.6 (git-b88847615faea7c8) running on 
Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.
Aug  6 14:30:03  Tor-tor2[500]: Tor can't help you if you use it wrong! Learn 
how to be safe at https://www.torproject.org/download/download#warning
Aug  6 14:30:03  Tor-tor2[500]: Read configuration file 
"/var/run/tor-instances/tor2.defaults".
Aug  6 14:30:03  Tor-tor2[500]: Read configuration file 
"/etc/tor/instances/tor2/torrc".
Aug  6 14:30:03  Tor-tor2[500]: Based on detected system memory, MaxMemInQueues 
is set to 370 MB. You can override this by setting MaxMemInQueues by hand.
Aug  6 14:30:03  Tor-tor2[500]: Opening Socks listener on 127.0.0.1:0
Aug  6 14:30:03  Tor-tor2[500]: Socks listener listening on port 38400.
Aug  6 14:30:03  Tor-tor2[500]: Opening Control listener on 127.0.0.1:9052
Aug  6 14:30:03  Tor-tor2[500]: Opening OR listener on 0.0.0.0:444
Aug  6 14:30:03  Tor-tor2[500]: Opening Directory listener on 0.0.0.0:81
Aug  6 14:30:03  Tor-tor2[500]: Not disabling debugger attaching for 
unprivileged users.Aug  6 14:30:03  install[503]: /usr/bin/install: Ungültiger 
Anwender „_tor-tor“
Aug  6 14:30:03  systemd[1]: tor@tor.service: control process exited, 
code=exited status=1
Aug  6 14:30:03  Tor-tor2[500]: Parsing GEOIP IPv4 file /usr/share/tor/geoip.
Aug  6 14:30:03  systemd[1]: Failed to start Anonymizing overlay network for 
TCP (instance tor).
Aug  6 14:30:03  systemd[1]: Unit tor@tor.service entered failed state.
Aug  6 14:30:03  Tor-tor2[500]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6.
Aug  6 14:30:03  install[510]: /usr/bin/install: Ungültiger Anwender „_tor-tor“
Aug  6 14:30:03  systemd[1]: tor@tor.service: control process exited, 
code=exited status=1
Aug  6 14:30:03  systemd[1]: Failed to start Anonymizing overlay network for 
TCP (instance tor).
Aug  6 14:30:03  systemd[1]: Unit tor@tor.service entered failed state.
Aug  6 14:30:03  Tor-tor2[500]: Configured to measure statistics. Look for the 
*-stats files that will first be written to the data directory in 24 hours from 
no$
Aug  6 14:30:03  Tor-tor2[500]: Your Tor server's identity key fingerprint is '
Aug  6 14:30:03  Tor-tor2[500]: Bootstrapped 0%: Starting
Aug  6 14:30:03  install[517]: /usr/bin/install: Ungültiger Anwender „_tor-tor“
Aug  6 14:30:03  systemd[1]: tor@tor.service: control process exited, 
code=exited status=1
Aug  6 14:30:03  systemd[1]: Failed to start Anonymizing overlay network for 
TCP (instance tor).
Aug  6 14:30:03  systemd[1]: Unit tor@tor.service entered failed state.
Aug  6 14:30:04  systemd[1]: tor@tor.service start request repeated too 
quickly, refusing to start.
Aug  6 14:30:04  systemd[1]: Failed to start Anonymizing overlay network for 
TCP (instance tor).

Rgds

Paul

Am 06.08.2016 um 14:06 schrieb Michael Armbruster:
> Hi Paul,
> 
> You have applied a wrong ExitPolicy entry somewhere in your torrc for
> the default instance.
> 
> You wrote
> 
> "ExitPolicy reject x.x.x.x/80"
> 
> though most probably you wanted to block the port 80 on a specific
> address, so you have to provide
> 
> "ExitPolicy reject x.x.x.x:80"
> 
> instead, with a colon, not a slash. The slash is there to block a
> specific address *range*. You can read more about subnets and the
> calculation fo

Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org

[pa011]

I am inexperienced an have probably the same problem after upgrading to 0.2.8.6.

Even after reboot my second instance Tor-tor2 is running while the default 
service is exiting - syslog looks like this:

Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.744 [notice] Tor v0.2.8.6 
(git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 
1.0.1t and Zlib$
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Tor can't help you if 
you use it wrong! Learn how to be safe at 
https://www.torproject.org/download/downl$
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file 
"/usr/share/tor/tor-service-defaults-torrc".
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file 
"/etc/tor/torrc".
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.747 [notice] Based on detected 
system memory, MaxMemInQueues is set to 370 MB. You can override this by 
setting MaxMem$
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Bad number of mask bits 
(80) on address range; rejecting.
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Couldn't parse line 
"x.x.x.x/80". Dropping
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.751 [warn] Malformed policy 'reject 
x.x.x.x/80'. Discarding entire policy list.
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.752 [warn] Failed to parse/validate 
config: Error in ExitPolicy entry.
Aug  6 12:11:33  tor[542]: Aug 06 12:11:33.752 [err] Reading config failed--see 
warnings above.
Aug  6 12:11:33  systemd[1]: tor@default.service: control process exited, 
code=exited status=1
Aug  6 12:11:33  systemd[1]: Failed to start Anonymizing overlay network for 
TCP.
Aug  6 12:11:33  systemd[1]: Unit tor@default.service entered failed state.
Aug  6 12:11:33  systemd[1]: tor@default.service start request repeated too 
quickly, refusing to start.
Aug  6 12:11:33  systemd[1]: Failed to start Anonymizing overlay network for 
TCP.
Aug  6 12:11:33  systemd[1]: Unit tor@default.service entered failed state.
Aug  6 12:11:38  Tor-tor2[492]: Bootstrapped 80%: Connecting to the Tor network
Aug  6 12:11:38  Tor-tor2[492]: Signaled readiness to systemd
Aug  6 12:11:38  Tor-tor2[492]: Opening Control listener on 
/var/run/tor-instances/tor2/control
Aug  6 12:11:38  Tor-tor2[492]: Self-testing indicates your ORPort is reachable 
from the outside. Excellent.
Aug  6 12:11:39  Tor-tor2[492]: Bootstrapped 85%: Finishing handshake with 
first hop
Aug  6 12:11:39  Tor-tor2[492]: Bootstrapped 90%: Establishing a Tor circuit
Aug  6 12:11:40  Tor-tor2[492]: Tor has successfully opened a circuit. Looks 
like client functionality is working.
Aug  6 12:11:40  Tor-tor2[492]: Bootstrapped 100%: Done


Could somebody please give me a detailed hint what to do please?

Thanks
Paul


Am 05.08.2016 um 20:27 schrieb tor relay:
>> So there is no way to disable the default instance using systemctl after all?
> 
> To answer my own question:
> systemctl mask tor@default
> disables the default instance for real.
> 
> ..but I'm still curious why tor@default is a static unit (without [Install] 
> section)
> https://bbs.archlinux.org/viewtopic.php?id=147964
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] outgooing UDP flooding on middle relay

[pa011]

strange is the difference in traffic behaivior after that:

 h  rx (KiB)   tx (KiB)  h  rx (KiB)   tx (KiB)  h  rx (KiB)
tx (KiB)
11 25.700.571 26.306.50519275.999340.63303251.998
384.160
12 32.840.796 33.571.99620271.278382.08704255.947
383.794
13 32.910.527 33.637.09221263.147383.44405244.656
385.187
14 40.052.678 40.824.13822260.674383.30906251.796
384.848
15 35.106.193 35.833.11423268.364381.41107256.603
383.204
16  0  000259.170383.97808246.394
368.462
17  0  001262.486383.67809248.525
329.171
18102.138144.73202252.385384.29910145.460
182.071


Am 01.08.2016 um 15:17 schrieb Markus Koch:
> If this is a synflood or any other ddos attack on his vps the tor server 
> would not relay the attack and in and outgoing traffic would be vastly 
> different. 
> 
> Sent from my iPad
> 
>> On 01 Aug 2016, at 15:12, teor <teor2...@gmail.com> wrote:
>>
>>
>>> On 1 Aug 2016, at 23:08, Markus Koch <niftybu...@googlemail.com> wrote:
>>>
>>> Looks like DOS/DDOS.Is it even possible to DDOS over tor?
>>
>> It's possible to (D)DOS any server using ping (or DNS, or any other UDP 
>> responder).
>> All an attacker needs is the server's IP address, which is publicly 
>> available in the Tor consensus.
>> Then they can attack the relay from the Internet.
>>
>> There's no need to use Tor to tunnel the (D)DOS. In this case, Tor doesn't 
>> tunnel UDP, so it's unlikely to be the culprit.
>>
>> Tim
>>
>>>
>>>
>>> 2016-08-01 15:04 GMT+02:00 pa011 <pa...@web.de>:
>>>> yes about the same - sorry for the page brake dont get it solved in my
>>>> thunderbird
>>>>
>>>> h  rx (KiB)   tx (KiB)  h  rx (KiB)   tx (KiB)  h  rx (KiB)
>>>> tx (KiB)
>>>> 23  6.559.929  6.748.21507  4.697.285  4.845.89315 35.106.193
>>>> 35.833.114
>>>> 00  5.129.384  5.289.45608 12.317.567 12.605.72616  0
>>>> 0
>>>> 01  3.709.181  3.843.98809 14.913.172 15.278.07917  0
>>>> 0
>>>> 02  4.405.017  4.574.74510 22.218.874 22.738.50818102.138
>>>> 144.732
>>>> 03  4.670.091  4.817.78511 25.700.571 26.306.50519275.999
>>>> 340.633
>>>> 04  4.711.807  4.853.92112 32.840.796 33.571.99620271.278
>>>> 382.087
>>>> 05  4.269.354  4.408.41713 32.910.527 33.637.09221263.147
>>>> 383.444
>>>> 06  5.279.142  5.443.89014 40.052.678 40.824.13822176.040
>>>> 258.865
>>>>
>>>>
>>>>> Am 01.08.2016 um 14:51 schrieb Markus Koch:
>>>>> In and outgoing traffic is the same size?
>>>>>
>>>>>
>>>>>
>>>>> 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>:
>>>>>> The ISP didn’t mention - I would have to ask.
>>>>>>
>>>>>> What I saw was that the traffic was up about linear from usually 30Mbits
>>>>>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and
>>>>>> dropping.
>>>>>>
>>>>>>
>>>>>>> Am 01.08.2016 um 14:36 schrieb Markus Koch:
>>>>>>> How many packets per second?
>>>>>>>
>>>>>>> Markus
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> one of my middle relays got auto limited by the ISP because of
>>>>>>>> "outgooing UDP flooding ".
>>>>>>>>
>>>>>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed -
>>>>>>>> so I highly doubt the give reason for the traffic limitation.
>>>>>>>> Also I cant find anything in the log files.
>>>>>>>>
>>>>>>>> Anybody having experience with such an issue?
>>>>>>>> What to check for please?
>>>>>>>>
>>>>>>>> Paul
>>>>>>>>
>>>>>>>> ___
>>>>>>>> tor-relays mailing 

Re: [tor-relays] outgooing UDP flooding on middle relay

[pa011]

I am off for a couple of hours - if I can give some more information or
ask my ISP for something later on please let me know?

What should I do to stop this in the future and get the restrictions off
from my ISP?

Thanks
Paul

Am 01.08.2016 um 15:17 schrieb Markus Koch:
> If this is a synflood or any other ddos attack on his vps the tor server 
> would not relay the attack and in and outgoing traffic would be vastly 
> different. 
> 
> Sent from my iPad
> 
>> On 01 Aug 2016, at 15:12, teor <teor2...@gmail.com> wrote:
>>
>>
>>> On 1 Aug 2016, at 23:08, Markus Koch <niftybu...@googlemail.com> wrote:
>>>
>>> Looks like DOS/DDOS.Is it even possible to DDOS over tor?
>>
>> It's possible to (D)DOS any server using ping (or DNS, or any other UDP 
>> responder).
>> All an attacker needs is the server's IP address, which is publicly 
>> available in the Tor consensus.
>> Then they can attack the relay from the Internet.
>>
>> There's no need to use Tor to tunnel the (D)DOS. In this case, Tor doesn't 
>> tunnel UDP, so it's unlikely to be the culprit.
>>
>> Tim
>>
>>>
>>>
>>> 2016-08-01 15:04 GMT+02:00 pa011 <pa...@web.de>:
>>>> yes about the same - sorry for the page brake dont get it solved in my
>>>> thunderbird
>>>>
>>>> h  rx (KiB)   tx (KiB)  h  rx (KiB)   tx (KiB)  h  rx (KiB)
>>>> tx (KiB)
>>>> 23  6.559.929  6.748.21507  4.697.285  4.845.89315 35.106.193
>>>> 35.833.114
>>>> 00  5.129.384  5.289.45608 12.317.567 12.605.72616  0
>>>> 0
>>>> 01  3.709.181  3.843.98809 14.913.172 15.278.07917  0
>>>> 0
>>>> 02  4.405.017  4.574.74510 22.218.874 22.738.50818102.138
>>>> 144.732
>>>> 03  4.670.091  4.817.78511 25.700.571 26.306.50519275.999
>>>> 340.633
>>>> 04  4.711.807  4.853.92112 32.840.796 33.571.99620271.278
>>>> 382.087
>>>> 05  4.269.354  4.408.41713 32.910.527 33.637.09221263.147
>>>> 383.444
>>>> 06  5.279.142  5.443.89014 40.052.678 40.824.13822176.040
>>>> 258.865
>>>>
>>>>
>>>>> Am 01.08.2016 um 14:51 schrieb Markus Koch:
>>>>> In and outgoing traffic is the same size?
>>>>>
>>>>>
>>>>>
>>>>> 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>:
>>>>>> The ISP didn’t mention - I would have to ask.
>>>>>>
>>>>>> What I saw was that the traffic was up about linear from usually 30Mbits
>>>>>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and
>>>>>> dropping.
>>>>>>
>>>>>>
>>>>>>> Am 01.08.2016 um 14:36 schrieb Markus Koch:
>>>>>>> How many packets per second?
>>>>>>>
>>>>>>> Markus
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>:
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> one of my middle relays got auto limited by the ISP because of
>>>>>>>> "outgooing UDP flooding ".
>>>>>>>>
>>>>>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed -
>>>>>>>> so I highly doubt the give reason for the traffic limitation.
>>>>>>>> Also I cant find anything in the log files.
>>>>>>>>
>>>>>>>> Anybody having experience with such an issue?
>>>>>>>> What to check for please?
>>>>>>>>
>>>>>>>> Paul
>>>>>>>>
>>>>>>>> ___
>>>>>>>> tor-relays mailing list
>>>>>>>> tor-relays@lists.torproject.org
>>>>>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>>>>> ___
>>>>>>> tor-relays mailing list
>>>>>>> tor-relays@lists.torproject.org
>>>>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>>>> ___
>>>>>&

Re: [tor-relays] outgooing UDP flooding on middle relay

[pa011]

yes about the same - sorry for the page brake dont get it solved in my
thunderbird

 h  rx (KiB)   tx (KiB)  h  rx (KiB)   tx (KiB)  h  rx (KiB)
tx (KiB)
23  6.559.929  6.748.21507  4.697.285  4.845.89315 35.106.193
35.833.114
00  5.129.384  5.289.45608 12.317.567 12.605.72616  0
  0
01  3.709.181  3.843.98809 14.913.172 15.278.07917  0
  0
02  4.405.017  4.574.74510 22.218.874 22.738.50818102.138
144.732
03  4.670.091  4.817.78511 25.700.571 26.306.50519275.999
340.633
04  4.711.807  4.853.92112 32.840.796 33.571.99620271.278
382.087
05  4.269.354  4.408.41713 32.910.527 33.637.09221263.147
383.444
06  5.279.142  5.443.89014 40.052.678 40.824.13822176.040
258.865


Am 01.08.2016 um 14:51 schrieb Markus Koch:
> In and outgoing traffic is the same size?
> 
> 
> 
> 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>:
>> The ISP didn’t mention - I would have to ask.
>>
>> What I saw was that the traffic was up about linear from usually 30Mbits
>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and
>> dropping.
>>
>>
>> Am 01.08.2016 um 14:36 schrieb Markus Koch:
>>> How many packets per second?
>>>
>>> Markus
>>>
>>>
>>>
>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>:
>>>> Hello,
>>>>
>>>> one of my middle relays got auto limited by the ISP because of
>>>> "outgooing UDP flooding ".
>>>>
>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed -
>>>> so I highly doubt the give reason for the traffic limitation.
>>>> Also I cant find anything in the log files.
>>>>
>>>> Anybody having experience with such an issue?
>>>> What to check for please?
>>>>
>>>> Paul
>>>>
>>>> ___
>>>> tor-relays mailing list
>>>> tor-relays@lists.torproject.org
>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>>
>>> ___
>>> tor-relays mailing list
>>> tor-relays@lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] outgooing UDP flooding on middle relay

[pa011]

The ISP didn’t mention - I would have to ask.

What I saw was that the traffic was up about linear from usually 30Mbits
to above 100 Mbits over about 6 hours, bringing the CPU to 100% and
dropping.


Am 01.08.2016 um 14:36 schrieb Markus Koch:
> How many packets per second?
> 
> Markus
> 
> 
> 
> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>:
>> Hello,
>>
>> one of my middle relays got auto limited by the ISP because of
>> "outgooing UDP flooding ".
>>
>> The VPS is pure debian8, fail2ban, pub key and nothing else installed -
>> so I highly doubt the give reason for the traffic limitation.
>> Also I cant find anything in the log files.
>>
>> Anybody having experience with such an issue?
>> What to check for please?
>>
>> Paul
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] outgooing UDP flooding on middle relay

[pa011]

Hello,

one of my middle relays got auto limited by the ISP because of
"outgooing UDP flooding ".

The VPS is pure debian8, fail2ban, pub key and nothing else installed -
so I highly doubt the give reason for the traffic limitation.
Also I cant find anything in the log files.

Anybody having experience with such an issue?
What to check for please?

Paul


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] VPS for Exits and non-Exits

[pa011]

Am 06.07.2016 um 22:09 schrieb Iain R. Learmonth:
> Hi,
> 
> On 06/07/16 18:25, tor relay wrote:
>>> I've been running an exit node for over a year on OVH now, no problems
>>> so far. Highly recommended (especially since they give me 10TB of
>>> traffic for about 10$USD/month; considering I use about 7-8TB of that
>>> per month, it's well worth it).
>>
>> OVH is used to much by tor operators already (>12% of the tor network
>> capacity is there).
> 
> Not the most performance enhanced page on the web but:
> 
> https://metrics.torproject.org/bubbles.html
> 
> This bubble graph shows where relays are located by autonomous system.
> If you're looking to set up new relays, attempting to grow smaller
> bubbles here (the names should be googleable enough) or trying to add
> new ones would definitely be preferred over adding more to OVH.
> 
> It's great that OVH are Tor-friendly, but diversity of the network is
> important.
> 
> Thanks,
> Iain.
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 

"..diversity of the network is important." -very important - what if a
far Western European government decides on the next "state of emergency"
to ban Tor and "asks" their domestic ISPs for support?

There are other Providers who give you 15-50 TB/month for less than 10 Euro.

Dig for them - don’t follow the pack!


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

> 
Ok - very sorry - I foolished myself -this last issue is solved :-) !!

Thank you nusenu for your help !!



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Am 03.07.2016 um 14:28 schrieb Peter Palfrader:
> On Sun, 03 Jul 2016, pa011 wrote:
> 
>>
>>
>> Am 03.07.2016 um 13:31 schrieb Peter Palfrader:
>>> On Sun, 03 Jul 2016, pa011 wrote:
>>>
>>>>
>>>> Am 03.07.2016 um 13:03 schrieb Peter Palfrader:
>>>>> Let me read this for you.
>>>>>
>>>>> On Sun, 03 Jul 2016, pa011 wrote:
>>>>>
>>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR 
>>>>>> listener on 0.0.0.0:443
>>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>>>>>> 0.0.0.0:443: Address already in use. Is Tor already running?
>>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory 
>>>>>> listener on 0.0.0.0:80
>>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>>>>>> 0.0.0.0:80: Address already in use. Is Tor already running?
>>>>>
>>>>> HTH.
>>>
>>> [Hope that helps]
>>>
>>>> Would be very kind if you could explain a bit what I should do and why
>>>> if you got some spare time.
>>>
>>> It appears you have told your (second?) tor to listen on port 443.  You
>>> have something else on your machine already using Port 443.
>>>
>>> (It's a bit hard to read, since you line wrapped the log output.)
>>>
>> Sorry for the wrapping - I hopefully convinced Thunderbird not to do it
>> any more :-)
>>
>> Yes, the first tor instance is using the ports 80 and 443 - I thought
>> they could be shared between the instances. So what setting should I use
>> then in the second torrc please?
> 
> Pick different ports.  Any that are free and that you like.
> 
Hey - great thanks especially to you Peter for your whole work on
**tor-instance-create**

"top" and syslog and even atlas let me come to the conclusion that I
have two running instances now :-)

Still open:

"arm -i 9052" - is asking for a Controller password while I have a
HashedControlPassword in place ?

How to best separate the tor log files from both instances?
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Am 03.07.2016 um 13:31 schrieb Peter Palfrader:
> On Sun, 03 Jul 2016, pa011 wrote:
> 
>>
>> Am 03.07.2016 um 13:03 schrieb Peter Palfrader:
>>> Let me read this for you.
>>>
>>> On Sun, 03 Jul 2016, pa011 wrote:
>>>
>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR listener 
>>>> on 0.0.0.0:443
>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>>>> 0.0.0.0:443: Address already in use. Is Tor already running?
>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory 
>>>> listener on 0.0.0.0:80
>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>>>> 0.0.0.0:80: Address already in use. Is Tor already running?
>>>
>>> HTH.
> 
> [Hope that helps]
> 
>> Would be very kind if you could explain a bit what I should do and why
>> if you got some spare time.
> 
> It appears you have told your (second?) tor to listen on port 443.  You
> have something else on your machine already using Port 443.
> 
> (It's a bit hard to read, since you line wrapped the log output.)
> 
Sorry for the wrapping - I hopefully convinced Thunderbird not to do it
any more :-)

Yes, the first tor instance is using the ports 80 and 443 - I thought
they could be shared between the instances. So what setting should I use
then in the second torrc please?

TAM ;-)
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Am 03.07.2016 um 13:03 schrieb Peter Palfrader:
> Let me read this for you.
> 
> On Sun, 03 Jul 2016, pa011 wrote:
> 
>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR listener 
>> on 0.0.0.0:443
>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>> 0.0.0.0:443: Address already in use. Is Tor already running?
>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory 
>> listener on 0.0.0.0:80
>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 
>> 0.0.0.0:80: Address already in use. Is Tor already running?
> 
> HTH.
> 
Hi Peter,

sorry that might bring light to you - I even have to
https://www.acronymfinder.com/Slang/HtH.html , because I am new to this
business :-(

Would be very kind if you could explain a bit what I should do and why
if you got some spare time.

Thanks a lot - Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Am 02.07.2016 um 20:14 schrieb Peter Palfrader:
> On Sat, 02 Jul 2016, pa011 wrote:
> 
>> Ok - "Log notice file /var/log/tor/notices2.log" removed from
>> torrc, but that doesn’t influence the error message from systemctl
>> in no way.
>> 
>> Still not working !
> 
> Please try to provide at least some more useful information. (Also,
> please stop top posting and full quoting).
> 
> What does /var/log/syslog say?
> 
> What does journald -f say while you *restart* the service?
> 
Hi Peter,

the system is Linux version 3.16.0-4-amd64
(debian-ker...@lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) )
#1 SMP Debian 3.16.7-ckt25-2+deb8u2 (2016-06-25)
with  Tor 0.2.7.6

"journald -f" brings up "command not found"

here is a copy of the syslog:

Jul 3 12:09:27 sed[4525]: DataDirectory /var/lib/tor-instances/tor2
Jul 3 12:09:27 sed[4525]: PidFile /var/run/tor-instances/tor2/tor.pid
Jul 3 12:09:27 sed[4525]: RunAsDaemon 0
Jul 3 12:09:27 sed[4525]: User _tor-tor2
Jul 3 12:09:27 sed[4525]: SyslogIdentityTag tor2
Jul 3 12:09:27 sed[4525]: ControlSocket
/var/run/tor-instances/tor2/control
Jul 3 12:09:27 sed[4525]: ControlSocketsGroupWritable 1
Jul 3 12:09:27 sed[4525]: CookieAuthentication 1
Jul 3 12:09:27 sed[4525]: CookieAuthFileGroupReadable 1
Jul 3 12:09:27 sed[4525]: CookieAuthFile
/var/run/tor-instances/tor2/control.authcookie
Jul 3 12:09:27 sed[4525]: Log notice syslog
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.541 [notice] Tor v0.2.7.6
(git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable
OpenSSL 1.0.1t and Zlib 1.2.8.
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Tor can't help
you if you use it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Read
configuration file "/var/run/tor-instances/tor2.defaults".
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Read
configuration file "/etc/tor/instances/tor2/torrc".
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.544 [notice] Based on
detected system memory MaxMemInQueues is set to 370 MB. You can
override this by setting MaxMemInQueues by hand.
Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.545 [notice] Not disabling
debugger attaching for unprivileged users.
Jul 3 12:09:27 tor[4528]: Configuration was valid
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.583 [notice] Tor v0.2.7.6
(git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable
OpenSSL 1.0.1t and Zlib 1.2.8.
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.583 [notice] Tor can't help
you if you use it wrong! Learn how to be safe at
https://www.torproject.org/download/download#warning
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.584 [notice] Read
configuration file "/var/run/tor-instances/tor2.defaults".
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.584 [notice] Read
configuration file "/etc/tor/instances/tor2/torrc".
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.587 [notice] Based on
detected system memory MaxMemInQueues is set to 370 MB. You can
override this by setting MaxMemInQueues by hand.
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.588 [notice] Opening Socks
listener on 127.0.0.1:0
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.588 [notice] Socks listener
listening on port 52394.
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.589 [notice] Opening Control
listener on 127.0.0.1:9052
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Control
listener on /var/run/tor-instances/tor2/control
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR
listener on 0.0.0.0:443
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to
0.0.0.0:443: Address already in use. Is Tor already running?
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening
Directory listener on 0.0.0.0:80
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to
0.0.0.0:80: Address already in use. Is Tor already running?
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing
partially-constructed Socks listener on 127.0.0.1:52394
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing
partially-constructed Control listener on 127.0.0.1:9052
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing
partially-constructed Control listener on
/var/run/tor-instances/tor2/control:0
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [warn] Failed to
parse/validate config: Failed to bind one of the listener ports.
Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [err] Reading config
failed--see warnings above.
Jul 3 12:09:27 systemd[1]: tor@tor2.service: main process exited
code=exited status=1/FAILURE
Jul 3 12:09:27 systemd[1]: Failed to start Anonymizing overlay network
for TCP (instance tor2).
Jul 3 12:09:27 systemd[1]: Unit tor@tor2.service entered failed state.
Jul 3 12:09:27 sed[4539]: DataDirectory /var/lib/tor-instances/tor2
Jul 3 12:09:27 sed[4539]: PidFil

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Ok - "Log notice file /var/log/tor/notices2.log" removed from torrc, but
that doesn’t influence the error message from systemctl in no way.

Still not working !

Does the machine on which I like to add this second instance have more
than one core??

I don’t want to use ansible at the moment - that seems far to much for
me currently - maybe three steps ahead :-)

Is there possibly an other way instead of two Tor instances running to
convince the bandwidth-authority to take more use of a 250Mbit/s line
for an Exit instead of just 40-50 Mbit/s?



Am 02.07.2016 um 18:21 schrieb nusenu:
>> Still unsuccessful, even after reboot -here is what I did:
>>
>> sudo tor-instance-create tor2
>>
>> sudo adduser xxx _tor-tor2
> 
> no need to create that user manually, tor-instance-create does that
> 
> 
>> sudo systemctl start tor@tor2
>>
>> Job for tor@tor2.service failed. See 'systemctl status tor@tor2.service'
>> and 'journalctl -xn' for details.
>>
>> xxx@xxx:~$ systemctl status tor@tor2.service
>> ● tor@tor2.service - Anonymizing overlay network for TCP (instance tor2)
>>Loaded: loaded (/lib/systemd/system/tor@.service; disabled)
>>Active: failed (Result: start-limit) since Sat 2016-07-02 17:37:32
>> CEST; 12s ago
>>
>>   Process: 710 ExecStart=/usr/bin/tor --defaults-torrc
>> /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc
>> (code=exited, status=1/FAILURE)
>>
> 
> 
>>> these are my current settings:
>>>
>>> SocksPort auto
>>> RunAsDaemon 0
>>> Log notice file /var/log/tor/notices2.log
> 
> This is a bad idea (file permissions), why did you add that Log line?
> I recommend you stick with the default behaviour (syslog), just remove
> that line.
> 
> 
> If you simply want to setup multiple tor instances on a debian 8 target
> machine, you might also just use ansible
> 
> https://github.com/nusenu/ansible-relayor
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Still unsuccessful, even after reboot -here is what I did:

sudo tor-instance-create tor2

sudo adduser xxx _tor-tor2

sudo systemctl start tor@tor2

Job for tor@tor2.service failed. See 'systemctl status tor@tor2.service'
and 'journalctl -xn' for details.

xxx@xxx:~$ systemctl status tor@tor2.service
● tor@tor2.service - Anonymizing overlay network for TCP (instance tor2)
   Loaded: loaded (/lib/systemd/system/tor@.service; disabled)
   Active: failed (Result: start-limit) since Sat 2016-07-02 17:37:32
CEST; 12s ago

  Process: 710 ExecStart=/usr/bin/tor --defaults-torrc
/var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc
(code=exited, status=1/FAILURE)

  Process: 707 ExecStartPre=/usr/bin/tor --defaults-torrc
/var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc
--verify-config (code=exited, status=0/SUCCESS)

  Process: 704 ExecStartPre=/bin/sed -e s/@@NAME@@/%i/g; w
/var/run/tor-instances/%i.defaults
/usr/share/tor/tor-service-defaults-torrc-instances (code=exited,
status=0/SUCCESS)

  Process: 703 ExecStartPre=/usr/bin/install -Z -m 02750 -o _tor-%i -g
_tor-%i -d /var/run/tor-instances/%i (code=exited, status=0/SUCCESS)

 Main PID: 710 (code=exited, status=1/FAILURE)


Am 02.07.2016 um 16:02 schrieb pa011:
> Ok - I do have it and I installed a second instance called "tor2".
> 
> I can control the first instance of Tor as usual with arm but how can I
> now control the running of "tor2" with arm?
> 
> When calling arm with "sudo -u _tor-tor2 arm" I get asked for a
> Controller password even while having a HashedControlPassword in place?
> 
> What are the other needed settings apart from the relay specific ones in
> the torrc file from "tor2" to get it controlled by arm?
> 
> Could somebody please give an example?
> 
> Thank you all, Paul.
> 
> 
> these are my current settings:
> 
> SocksPort auto
> RunAsDaemon 0
> Log notice file /var/log/tor/notices2.log
> ControlPort 9052
> HashedControlPassword xx:xx
> Nickname test2
> RelayBandwidthRate 500 KB
> RelayBandwidthBurst 800 KB
> 
> 
> 
> Am 01.07.2016 um 23:28 schrieb nusenu:
>>> thank you for that link.
>>>
>>> Unfortunately I have to out myself as I am a newbe and don’t know how to
>>> get it working.
>>>
>>> I can see - the tool
>>> https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create
>>> .
>>>
>>> Do I have to download it? If so where to?
>>>
>>> Sorry cant be more precise with my questions.
>>
>> This "tool" comes with the tor package (from torproject debian
>> repository), so if you installed tor from there you should have it already.
>>
>>
>>
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Hi,

thank you for that link.

Unfortunately I have to out myself as I am a newbe and don’t know how to
get it working.

I can see - the tool
https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create
.

Do I have to download it? If so where to?

Sorry cant be more precise with my questions.




Am 01.07.2016 um 22:26 schrieb nusenu:
> Hi,
> 
>> I do have the same issue with Debian, but didn’t find any documentation
>> that worked really. 
> 
> as previously pointed out already you might look at the
> tor-instance-create man page
> 
> https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt
> 
> If you have specific problem people might be able to give more specific
> help.
> 
>> Could you please let me know in detail what you did,
>> if it is going well with you?
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] More than one instance with Debian Jessie

[pa011]

Hi Patrick,

I do have the same issue with Debian, but didn’t find any documentation
that worked really. Could you please let me know in detail what you did,
if it is going well with you?

Thank you -best regards

Paul

Am 28.06.2016 um 10:37 schrieb Patrick ZAJDA:
> Hi Peter,
> 
> I strangely didn't find it before.
> Great, thanks!
> 
> The only thing I found before was the ticket talking about putting files
> in /etc/tor/enabled.
> 
> Best regards,
> 
> Patrick
> 
> Peter Palfrader:
>> On Tue, 28 Jun 2016, Patrick ZAJDA wrote:
>>
>>> With Debian Jessie and systemd, we can have multiple instances of Tor.
>>> But I cannot find any documentation about how to do that.
>>>
>>> Can someone tel me where to find some documentation (and not an
>>> alternative to have multiple instances). please?
>>> Else, can someone explain me how to do that if there is not documentation?
>>
>> Have you tried the tor-instance-create manpage?
>>
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] If you get weird crashes, that might be why

[pa011]

Hi Yuriy and Pascal,

I don’t know where that "Op$bf: " is from, it is stated that way in the
Tor log file.

What looks very different from other relay debug files are the number of
entries like these:

Jun 25 20:05:50 kernel: [61536.640020] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143200123:1143203019 (repaired)
Jun 25 20:05:54 kernel: [61540.044045] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143205915:1143208811 (repaired)
Jun 25 20:05:59 kernel: [61544.900036] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143211707:1143214603 (repaired)
Jun 25 20:06:31 kernel: [61577.120054] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143252251:1143255147 (repaired)
Jun 25 20:06:37 kernel: [61583.684050] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143258043:1143260939 (repaired)
Jun 25 20:06:41 kernel: [61587.156021] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143262387:1143266731 (repaired)
Jun 25 20:06:41 kernel: [61587.588021] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143263835:1143266731 (repaired)
Jun 25 20:06:45 kernel: [61591.492022] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143269627:1143272523 (repaired)
Jun 25 20:07:22 kernel: [61628.072061] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143310171:1143313067 (repaired)
Jun 25 20:07:53 kernel: [61659.280023] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143343475:1143347819 (repaired)
Jun 25 20:07:53 kernel: [61659.708017] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143344923:1143347819 (repaired)
Jun 25 20:08:21 kernel: [61687.148034] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143379675:1143382571 (repaired)
Jun 25 20:08:32 kernel: [61698.296025] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143391259:1143394155 (repaired)
Jun 25 20:08:39 kernel: [61705.388024] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143398499:1143399947 (repaired)
Jun 25 20:09:03 kernel: [61729.729801] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143426011:1143428907 (repaired)
Jun 25 20:09:15 kernel: [61741.832029] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143437595:1143440491 (repaired)
Jun 25 20:10:58 kernel: [61844.83] Peer 47.19.79.xxx:47000/55752
unexpectedly shrunk window 1143491894:1143494790 (repaired)
Jun 25 20:11:02 kernel: [61848.120017] Peer 47.19.79.xxx:4700/55752
unexpectedly shrunk window 1143497686:1143500582 (repaired)

and the number of lines like:

kernel: [113700.366999] nf_conntrack: table full, dropping packet

which comes nearly every second -sometime more.

Memory is used about 50 percent -disk space more than enough.




Am 26.06.2016 um 19:39 schrieb Yuriy M. Kaminskiy:
> On 26.06.2016 16:22, pa011 wrote:
>> On start-up my Exit (Linux 3.16.0-4-amd64) Tor 0.2.7.6  creates this log
>> message:
>>
>> [warn] OpenSSL version from headers does not match the version we're
>> running with.If you get weird crashes, that might be why. (Compiled
>> with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f:
>  ^^^
>> OpenSSL 1.0.1t  3 May 2016).
>>
>> Unfortunately it really crashes ones a day. This seems to be an ongoing
>> problem for years now?
>>
>> Could anyone please give some help - or is there none?
> 
> No, this is NOT a reason for those crashes.
> 
> Background:
> At May/June 2016, Debian jessie transitioned from heavily-patched
> openssl 1.0.1k (with a lot of security patches backported from later
> [stable] versions) to (much more lightly-patched) openssl 1.0.1t (which
> already included all those security fixes).
> 
> Both versions are (supposed to be) completely binary compatible, and
> running a binary compiled against 1.0.1k with openssl 1.0.1t should be
> completely safe.
> 
> If your tor crashes daily (and especially if that also happened before
> June 2016, when debian transitioned to 1.0.1t), the reason must be
> something else (hardware problem, insufficient resources [memory? disk?
> process/task/thread limit?], some obscure tor bug).
> 
> That said, above message looks weird. It comes from this code:
> 
> log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the "
>"version we're running with. If you get weird crashes, that "
>"might be why. (Compiled with %lx: %s; running with %lx: %s).",
>(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT,
>SSLeay(), SSLeay_version(SSLEAY_VERSION));
> 
> What is that "Op$bf: " in above message and where it comes from?
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo

[tor-relays] If you get weird crashes, that might be why

[pa011]

On start-up my Exit (Linux 3.16.0-4-amd64) Tor 0.2.7.6  creates this log
message:

[warn] OpenSSL version from headers does not match the version we're
running with. If you get weird crashes, that might be why. (Compiled
with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f:
OpenSSL 1.0.1t  3 May 2016).

Unfortunately it really crashes ones a day. This seems to be an ongoing
problem for years now?

Could anyone please give some help - or is there none?

Thanks Paul



0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Handling abuse - like to get your help please

[pa011]

Jon, all others,

yes I understand what you say and obviously have to accept the ISP's
wishes (order).

But before giving up a 100Mbit/s exit I would like to understand more
about the ISP's reasons and burdens:

- is it just the more work for rather poor money handling(forwarding)
those abuses ?
- to whom else dose he have to report what he is doing with the gotten
abuses?
- must he answer to the origin of the abuse?
- who is getting a copy of them(if at all)?
- can he loose his license as a ISP (with to many or badly handled abuses)?
- are there any regulatory burdens for them - if so which ones?
- are ISP's treated different in different parts of the world?

Answers here might help me and others in bringing forward the discussion
with them.

Paul


Am 21.06.2016 um 15:38 schrieb BlinkTor:
> On Jun 20, 2016, at 4:19 AM, pa011 <pa...@web.de> wrote:
>>
>> Hi all,
>>
>> thanks again for your hints - in my case they obviously find Tor less
>> fancy - their response today is following:
>>
>> "Hello.
>> You need to take steps to ensure that the complaint would be no longer
>> received.
>> This software is only allowed if there are no complaints on the server."
>>
>> As I cant close Port 80 and the next attack would be a different target
>> I guess there is not much room for response :-(
>>
>> Rgds
>>
>> Paul
> 
> 
> Paul,
> 
> This is a recurring issue that will not go away, because protecting malicious 
> traffic is part of the foundational Tor philosophy. Tor very intentionally 
> has no ability (beyond rudimentary port/host blocking) to control the type of 
> traffic it carries, there are no plans to add any sort of IDS functionality, 
> and filtering exit relay traffic is frowned upon by the Tor community. This 
> is why abuse reports happen, and it's the primary reason that Tor relays are 
> blocked by so many services—typically not because folks are against personal 
> privacy, but because they simply take a very practical approach to network 
> security. So, if you (or your ISP) determine that the benefits of Tor aren’t 
> compelling enough to turn a blind eye to malicious Tor traffic and the abuse 
> reports it generates, then your only real options are to either not run an 
> exit, or not run Tor at all.
> 
> That’s just the way it is.
> 
> Jon
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] [warn] eventdns: All nameservers have failed

[pa011]

Jun 19 20:24:38.000 [warn] eventdns: All nameservers have failed
Jun 19 20:24:38.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up


I do get this in my logs on an exit (Tor 0.2.7.6) several times every hour.

The /etc/resolv.conf contains

# Generated by SolusVM
nameserver 8.8.8.8
nameserver 8.8.4.4

Is it really best to set only one DNS like specified here
https://trac.torproject.org/projects/tor/ticket/11600 ?

Or are there better working solutions?
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Handling abuse - like to get your help please

[pa011]

Thank you Michael, solving that obviously easy question :-)

So what was this "attac" then about, on which way, how can I see that ?

Nice weekend to all

Paul


Am 17.06.2016 um 21:53 schrieb Michael Armbruster:
> On 2016-06-17 at 21:51, pa011 wrote:
>> Thank you both !
>>
>> @ Michael: that’s exactly what I did so far and in the past
>> @ Moritz:  I will try my best - yes it was an automated response with
>> just an name in Germany and no IP given, that I could possibly block
>>
>> "HTTP/1.1 404 293..."  are these the ports the traffic went trough ?
>>
> 
> Hi,
> 
> Glad to hear other people already helped you out with your first question :)
> 
> To answer this one: No, this is just the HTTP version (so protocol and
> version), the HTTP status code (404 for "Not Found"; file was not found
> on the server) and the size of the message that was transmitted to the
> client, 293 bytes in this case.
> 
> Best Regards,
> Michael Armbruster
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Handling abuse - like to get your help please

[pa011]

Thank you both !

@ Michael: that’s exactly what I did so far and in the past
@ Moritz:  I will try my best - yes it was an automated response with
just an name in Germany and no IP given, that I could possibly block

"HTTP/1.1 404 293..."  are these the ports the traffic went trough ?



Am 17.06.2016 um 21:42 schrieb Moritz Bartl:
> On 06/17/2016 09:35 PM, pa011 wrote:
>> As I am new to this business could somebody please give me a hint how to
>> best handle such an abuse complain - possibly stop it?
> 
> You can explain Tor, offer to block that destination from your exit, and
> offer your help so they can treat Tor users differently in general.
> Teaching them that not all Tor users they will see are bad, and they
> should not outright block Tor, etc.
> 
> Often these reports are generated automatically by some intrusion
> detection systems and are purely informational.
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Handling abuse - like to get your help please

[pa011]

As I am new to this business could somebody please give me a hint how to
best handle such an abuse complain - possibly stop it?

Thanks, Regards and a nice weekend.


we have detected abuse from the IP address xxx.xxx.xxx,xxx, which
according to a
whois lookup is on your network. We would appreciate if you would
investigate
and take action as appropriate.

Log lines are given below, but please ask if you require any further
information.

If you are not the correct person to contact about this please accept
our apologies -
your e-mail address was extracted from the whois record by an automated
process.
This mail was automatically generated.

Note: Local timezone is +0200 (CEST)

/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:50
+0200] "POST
/cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"
/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:51
+0200] "POST
/cgi-bin/php.cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"
/var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:52
+0200] "POST
/cgi-bin/php4?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E
HTTP/1.1" 404 290 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X)
AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d
Safari/8536.25"



0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor Weather has been discontinued

[pa011]

I would offer 2 helping hands and possibly more as well to get this and
my own shirt out - please contact me

Paul

Am 08.06.2016 um 18:05 schrieb l3thal.inject...@gmail.com:
> If tor weather isn't running, and tshirt emails aren't being sent out,
> is someone doing this manually then? How can I help get the show on
> the road? Not gonna lie, I was really looking forward to the tshirt
> email as my relay definitely should have earned one about 2 weeks ago.
> haha. Actually I just donated $100... maybe now I can get a tshirt?
> 
> https://atlas.torproject.org/#details/1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch

[pa011]

I like to try this chnage as well - where do I find this file/parameter
exactly?
Thanks


Am 11.06.2016 um 20:11 schrieb SuperSluether:
> Fixed it! And I feel like I'm going crazy. If I'm reading the logs
> correctly, Tor is signaling readiness to systemd /1 hundredth of a
> second (0.01)/ past the 120s limit. I changed the limit to 300s in the
> tor@default.service file, and all is well.
> 
> Thanks Peter, you really steered me in the right direction. I should
> probably start checking logs first when something stops working...
> 
> On 06/11/2016 09:50 AM, SuperSluether wrote:
>> Ok maybe I spoke too soon. After running rpi-update and rebooting,
>> it's still having trouble starting. I'll poke around and see if I can
>> find anything. Worst case scenario, I don't have enough RAM and need
>> to turn something off, which means I'm wasting everyone's time with this.
>>
>> On 06/11/2016 09:35 AM, SuperSluether wrote:
>>> I have the Raspberry Pi Model B 2, which has an ARM7 processor. As
>>> such, I am able to use the official Debian repository without issue.
>>> Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at
>>> version 215-17+deb8u4.
>>>
>>> I poked around in syslog, and found this:
>>>
>>> systemd[1]: tor@default.service start operation timed out. Terminating.
>>>
>>> After increasing the systemd timeout (from 90s to 300s) Tor is
>>> running properly. Thanks for the help! I'm guessing this happened
>>> because I just have too much running on this thing. (Plex Media
>>> Server, Deluge BitTorrent Client, Tor)
>>>
>>> On 06/11/2016 03:13 AM, Peter Palfrader wrote:
 On Fri, 10 Jun 2016, SuperSluether wrote:

> After rebooting my Raspberry Pi for a few updates, Tor is not working
> properly. From the logs,
>
> [warn] OpenSSL version from headers does not match the version
> we're running
> with. If you get weird crashes, that might be why. (Compiled with
> 100010bf:
> OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t  3
> May
> 2016).
>
> Everything else in the log looks normal, but right after bootstrap 85%
> (finishing handshake with first hop) it says this:
>
> [notice] Interrupt: we have stopped accepting new connections, and
> will shut
> down in 30 seconds. Interrupt again to exit now.
 You did not say where you got your tor from.  I assume you are using
 some version (or fork) of the debian package.  Which one?

 At a guess, your system is too slow to start tor within the default
 timeout of the systemd service.  Try raising the timeout. (Which
 systemd version are you using?)

>>>
>>
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch

[pa011]

Hi Petrusko,

yes I read this "Raspbian is not Debian"

my /etc/apt/sources.list looks like this:

deb http://archive.raspbian.org/raspbian jessie main contrib non-free
deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free
deb http://ftp.debian.org/debian jessie main
deb http://deb.torproject.org/torproject.org jessie main
deb-src http://deb.torproject.org/torproject.org jessie main

Thanks


Am 11.06.2016 um 14:17 schrieb Petrusko:
> Hey!
> 
> I see in your logs the Tor 0.2.7.6 (git-605ae665009853bd) is used.
> 
> This Tor version is running fine on my _Debian_ relay, 'cause I've set
> up the _Tor repo_ in the /etc/apt/sources.list
> 
> But on _Raspbian_, I'm not sure if using the Tor repo is 100% ok... :s
> https://www.torproject.org/docs/debian.html.en#ubuntu :
> << *Raspbian is not Debian.* These packages will be confusingly broken
> for Raspbian users, since Raspbian called their architecture armhf but
> Debian already has an armhf.>>
> 
> May be I'm wrong...
> I've to try Tor repo on a 2nd RPi I've got for spare, to be sure...
> Are you using the Tor repo as I guess ? and Raspbian 8 jessie ?
> 
> Raspbian repo are ok, not as updated as the Tor repo, but it's working ;)
> 
> 
> 
> Le 11/06/2016 à 13:32, pa011 a écrit :
>> Same problem here today after several updates...
>> rpi-update doesn’t solve the issue unfortunately
>> log-file looks like this:
>>
>> Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting.
>> Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening
>> log file.
>> Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match
>> the version we're running with. If you get weird crashes, that might be
>> why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running
>> with 1000114f: OpenSSL 1.0.1t  3 May 2016).
>>
>> Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running
>> on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.
>>
>> Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting
>> Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server
>> Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network
>> Jun 11 13:22:54.000 [notice] Signaled readiness to systemd
>> Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with
>> first hop
>> Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new
>> connections, and will shut down in 30 seconds. Interrupt again to exit now.
>> Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting.
>>
>>
>>
>>
>> Am 11.06.2016 um 11:45 schrieb Petrusko:
>>> apt-get install rpi-update
>>
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch

[pa011]

Same problem here today after several updates...
rpi-update doesn’t solve the issue unfortunately
log-file looks like this:

Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting.
Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening
log file.
Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match
the version we're running with. If you get weird crashes, that might be
why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running
with 1000114f: OpenSSL 1.0.1t  3 May 2016).

Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running
on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8.

Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting
Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server
Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network
Jun 11 13:22:54.000 [notice] Signaled readiness to systemd
Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with
first hop
Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new
connections, and will shut down in 30 seconds. Interrupt again to exit now.
Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting.




Am 11.06.2016 um 11:45 schrieb Petrusko:
> apt-get install rpi-update



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] TOR router install without access to root

[pa011]

@Green

Could please explain a bit more what you mean by "Avoiding using two
nodes from the same AS would seemingly go a long way toward mitigating
the attack vector you mentioned though."

Thanks
Paul

Am 25.05.2016 um 21:22 schrieb Green Dream:
> @Nils
> 
> Tor path selection avoids using relays from the same /16 subnet, and I
> thought it considered the Autonomous System (AS) as well. However now
> I'm not finding concrete evidence that path selection looks at AS. I
> found some older academic papers on the subject [1], but nothing in the
> current specification [2].
> 
> Avoiding using two nodes from the same AS would seemingly go a long way
> toward mitigating the attack vector you mentioned though.
> 
> 1) http://freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf
> 
> 2) https://gitweb.torproject.org/torspec.git/plain/path-spec.txt
> 
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] TOR router install without access to root

[pa011]

Hi Markus,

on your hint I was just checking feralhosting.com. They are quoting:

"We do not allow Tor exit nodes to be run on our servers. They're open
invitations for trouble, and while Tor serves a useful purpose our
network is not the place for it.
Tor relays are fine provided they strictly only act as an intermediary.

We will make an exception to this rule if you bring your own RIPE IPs
and handle abuse directly while taking full responsibility. "

Is this your experience as well?

Paul


Am 25.05.2016 um 10:16 schrieb Markus Koch:
> Linux, would like to upgrade my accounts at feralhosting.com with tor
> nodes. It must be possible because there are a lot of TOR nodes on
> feral. No clue what kind of linux they are using but you are right, I
> needed root for my other 6 TOR servers and I am just wondering if
> there is a way around it, if not I just ask them to install it for me
> :)
> 
>  Markus
> 
> 
> 2016-05-25 10:10 GMT+02:00 Petrusko :
>> Like a portable version so ?
>>
>> Windows, Linux, which operating system are you using ?
>>
>> On Linux world, I'm usually using Debian and as I know you will need a
>> root access to the server.
>> It will create a debian-tor group, write into the system...
>>
>> Or if your user is in the "sudo" group, it can be ok.
>>
>> On windows, I'm not sure if there's a portable version of Tor...
>> portable = no need to install
>>
>>
>>
>> Le 25/05/2016 10:03, Markus Koch a écrit :
>>> possible or do I have to ask my hosting company for the install on a
>>> shared server?
>>>
>>> Markus
>>> ___
>>> tor-relays mailing list
>>> tor-relays@lists.torproject.org
>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
>> --
>> Petrusko
>> PubKey EBE23AE5
>> C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5
>>
>>
>>
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] tips-running-exit-node-minimal-harassment

[pa011]

This page
https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
cant be found at the moment - anybody holding a copy of it please?

There is something similar 6 years old:
https://www.facebook.com/notes/tor-project/tips-for-running-an-exit-node-with-minimal-harassment/407918266748/
Is this still state of the art?

Thanks

Paul


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] VPS for Exits

[pa011]

I contacted ITL (https://itldc.com/) as well two weeks ago. To me they
refused opening an exit: "We decide to do not allow new public tor exit
nodes in our network. Existing public tor exit nodes we be kept."

Paul



Am 21.05.2016 um 14:37 schrieb Neel Chauhan:
>>Do you know of a VPS for an exit?
> I have two exits on VPS servers. One is on ITL (https://itldc.com/), and
> the other one is on CoolHousing using their Virtual Server Lite brand
> (http://virtualniserverlite.cz/en/). My experience with both hosts has
> been very good. For the latter, you WILL need a Reduced Exit Policy, and
> have to remove IRC ports.
> 
> I also previously had a VPS with Verelox (https://verelox.com/) when
> they had unlimited bandwidth, and they allow Tor exit nodes as well.
> 
> I don't know about other providers, but a good place to ask for a Tor
> friendly VPS is vpsBoard (https://vpsboard.com/).
> 
> -Neel Chauhan
> https://www.neelc.org/
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Handling possible abuse requests

[pa011]

Thank you all who have contributed with there hints, support and
motivation so far. I will dig into that links and papers hopefully in
the coming days and probably ask again afterwards :-)

What seems to be important is to get an IP reassignment from the ISP -is
that really essential to start?

And furthermore is it ok to run with such a set of IP4 rules:

/etc/iptables/rules.v4
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT

Thank you again

PA

Am 19.05.2016 um 13:56 schrieb Moritz Bartl:
> On 05/18/2016 10:13 PM, pa011 wrote:
>> Is there anybody out there who can give me some advice, or even help me
>> doing (answering) these?
> 
> I think it is pretty much straightforward. You can explain what Tor is,
> why you are supporting it, and in some more heated cases offer to
> temporarily block destination IP/port pairs. You will come up with your
> own language and standard cases as you go along, and from that can
> derive some template replies.
> 
>> How many of those abuses are to expect?
>> How to avoid on changing what parameters?
> 
> The easiest parameter to tune is bandwidth. The more bandwidth you
> provide, the more abusive traffic you will see. The second most
> important parameter is the ExitPolicy. See also
> https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
> and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines .
> 
> Thanks for running Tor relays, and welcome to the exit business! :)
> 


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Handling possible abuse requests

[pa011]

I am running some pretty good developing relays which I would like to
change into exit-nodes over time. As I have no experience how to handle
possible abuses I would need some help please?

Is there anybody out there who can give me some advice, or even help me
doing (answering) these?
How many of those abuses are to expect?
How to avoid on changing what parameters?

Any hints highly appreciated.

PA


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] First Relay

[pa011]

Congratulation - I know that feeling very well ...one after another :-)

Am 10.04.2016 um 21:08 schrieb KAW:
> Got my first relay running for 4 days now :D
> 
> 
> -KAW
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xC8C330E7.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] [warn] Bad password or authentication cookie on controller.

[pa011]

Hello,

yesterday I got within a minute three times the above warning in my log
file on Tor 0.2.7.6.

Could somebody please explain to me what it means and how to solve?

Is there a source where I can possibly find answers on this and other
warnings?

Thanks in advance

Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Traffic on a small Middle Relay, Advertised Bandwidth 1 MB/s

[pa011]

Since about 3 months i am running a small middle relay with Advertised
Bandwidth of 1 MB/s.

The ISP cuts the line every night as its common on most German private
DSL. The relay therefore doesn't get a stable-flag :-(

What is the amount of traffic i could/should possibly generate?

Is a utilization between 10 and 20 percent not too small, with 15% RAM,
0-20% CPU used only?

Could i do any better?

Rgds

Paul


0xF5A71575.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] How to update tor on my raspberry

[pa011]

Hallo Volker,

that looks strange. I do run a middle relay on raspian jessie and got it
weeks ago by running your commands...

/etc/apt/sources.list does have the following entries:

deb http://archive.raspbian.org/raspbian jessie main contrib non-free
deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free
deb http://ftp.debian.org/debian jessie main
deb http://deb.torproject.org/torproject.org jessie main
deb-src http://deb.torproject.org/torproject.org jessie main


Regards

Paul

Am 10.01.2016 um 15:11 schrieb Volker Mink:
> Hey there. 
> 
> My exit is still running on tor 0.2.4.27.  
> How can i update it to 0.2.7.6 ?
> Apt-get offers no package with apt-get update and upgrade. 
> Any hints?
> 
> 
> Best,
> Volker
> 
> 
> 
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 


0xF5A71575.asc
Description: application/pgp-keys
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays