Re: [tor-relays] 36C3 voucher
> While still running several Exits I would be more than happy to meet others > there > > Thanks Me too :-) So a voucher would be highly welcome Greetings Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] 'MyFamily' .... torworld.org
Am 10.01.2017 um 21:01 schrieb nusenu: > > > pa011: >> Could you explain please why names like torworld.org, torservers.net, >> online de, etc. are not aggregated in one position on >> https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt > > > https://github.com/ornetstats/stats writes: >> Relays are aggregated based on effective families. > > So they are not setting MyFamily properly or someone else is using their > contactInfo. > > Maybe I should rename the files to main_..._families.txt Better would be a warning: Family currently worth nothing !! torservers.net: https://atlas.torproject.org/#details/ABF7FBF389C9A747938B639B20E80620B460B2A9 -> no one of the given family is blue, so yes the family seems wrong zwiebeln online de: https://atlas.torproject.org/#details/0E2773CF5609FD7FA52837E53DF4B0D47F0D15B7 -> all the family members are blue, counting 27 , which is slightly more than your 2 lines added together this morning torworld.org : https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A6788321 -> currently 12 big Exits - no Family given at all at https://torstatus.rueckgr.at/index.php ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] 'MyFamily' .... torworld.org
Hi nusenu, thank you for your daily work about "MyFamily". Could you explain please why names like torworld.org, torservers.net, online de, etc. are not aggregated in one position on https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt Would you judge torworld.org, which is on the "/potentially_dangerous_relaygroups" now for a long time to be a commercial service? Regards Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] MyFamily updated
Am 26.12.2016 um 14:53 schrieb nusenu: > > > Thanks for fixing it! > > +---++ > | nickname | eMyFamilyCount | > +---++ > | NeelTorRelay1 | 4. | > | NeelTorExitUSWest | 4. | > | NeelTorExitCZ | 4. | > | NeelTorRelay2 | 4. | > +---++ With thanks to your work nusenu, we will come to the point where only "torworld.org" will be left on the potentially dangerous exits https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt :-) Rgds Paul p.s. would be glad to meet you and other Exit volunteers in Hamburg from tomorrow ! 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] "[warn] Cannot make an outgoing connection without a DirPort" under BSD
I am running (FreeBSD 11.0-RELEASE-p2) Tor 0.2.8.11 getting following warnings while Self-testing indicates that DirPort is reachable from the outside? Can these warnings be ignored, while Tor is running properly afterwards ? Merry Christmas! Paul Dec 24 13:20:57.000 [notice] Bootstrapped 80%: Connecting to the Tor network Dec 24 13:20:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:20:58.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Dec 24 13:20:58.000 [notice] Bootstrapped 90%: Establishing a Tor circuit Dec 24 13:20:58.000 [notice] Tor has successfully opened a circuit. Looks like client functionality is working. Dec 24 13:20:58.000 [notice] Bootstrapped 100%: Done Dec 24 13:20:58.000 [notice] Now checking whether ORPort x.x.x.x:9001 and DirPort x.x.x.x:9030 are reachable... (this may take up to 20 minutes -$ Dec 24 13:20:59.000 [notice] Self-testing indicates your ORPort is reachable from the outside. Excellent. Dec 24 13:20:59.000 [notice] Self-testing indicates your DirPort is reachable from the outside. Excellent. Publishing server descriptor. Dec 24 13:21:00.000 [notice] Performing bandwidth self-test...done. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. Dec 24 13:21:57.000 [warn] Cannot make an outgoing connection without a DirPort. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Relay on ARM server Marvell Armada 370/XP
Am 20.12.2016 um 14:40 schrieb Volker Mink: > Is it OK with their TOS to run a TOR Relay7Exit? > If so, i really consider getting a VPS there! Volker - apart from not putting all eggs in the same basket (France as country and Online.net as ISP), but if you really wanna go there scaleway opened some cloud VPS in Amsterdam recently - same price far better performance, and yes as Markus wrote, they are very relaxed on Exits! ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] MyFamily update required
Hi nusenu, thanks for your great work - lets assume for a second I would be with several relays on both of you lists: https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operators.txt https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt How can I best find out which ones bring me on your second one? Whats the number in the column MyFamilyCount - how added up? Best regards Paul only example - not me... > +-+-+---+--+ > | first_seen | IP | MyFamilyCount | exit | > +-+-+---+--+ > | |9. |0 | > | |9. |0 | > | |8. |1 | > | | NULL |0 | > +-+-+---+--+ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] "Up-and-coming" Ticket - 33C3
Have Juniors interested in our work, likely to follow our steps or build new ones...need tickets for Hamburg 33C3 "Up-and-coming" would be great, but would consider "Standard" as well... Hopefully :-) Thanks and regards Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] The t-shirt organization thingy
> Hi Moritz, > > I do understand that it's hard to run an organization with too few > people, it's my daily life working for staff at my university (I am the > only administrator for 16 tablets, 34 laptops, 3 servers and 7 > thinclients, and we are not allowed to use centralized tools, I have to > administrate all of these devices manually), so there are definitely all > my "thank you"s I can give. > > But I, for example, didn't even get an answer first, I would even love > to get an automated email saying "Sorry if it takes a very long time, we > are overwhelmed by the work we currently have to do" (waiting for almost > 7 months now by the way). After 2-3 months I got an answer when we > talked about that topic via this list in summer (though nothing official > besides the mailing list talk). The problem is that only one person > handles the shirts and it's ok even if I have to wait another 7 months > or so (it's a gift at all, as you already said). > > It's just that you/we/they should change something about the handling of > the situation. It was (and for others most probably still is) the lack > of communication that frustrates eligible relay operators so much. > > But to conclude, thanks for all the work towards Tor and everything. > Everybody has to give his work and support, so we can stand for free > Internet (free as in freedom, not as in free beer). This was not meant > to be against you, it was only in response to your mail because you got > to this topic :) > > Best, > Michael I agree with what you already expressed Michael. On top of that I just want to remind on two mails back from June this year -obviously a time when the project was more focused on other issues - even there is and was volunteer help around: >Date: Mon, 13 Jun 2016 22:07:26 +0200 >I would offer 2 helping hands and possibly more as well to get this and >my own shirt out - please contact me >Paul >Am 08.06.2016 um 18:05 schrieb l3thal.inject...@gmail.com: >> If tor weather isn't running, and tshirt emails aren't being sent out, >> is someone doing this manually then? How can I help get the show on >> the road? Not gonna lie, I was really looking forward to the tshirt >> email as my relay definitely should have earned one about 2 weeks ago. >> haha. Actually I just donated $100... maybe now I can get a tshirt? >> >> https://atlas.torproject.org/#details/1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11 >> ___ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] ansible for tor relay ops
> >> Isn’t it somehow dangerous in the area we operate, to rely on a piece >> of software created more or less by a single person? > > Thanks for this question. Can you give a few examples for "dangerous" in > the context of your question so I might be able to address your concerns > more specifically? That is exactly the point, if you know the danger in advance, there might be a change you can address and possibly handle it. In this case, somebody like me would rely on a piece of software that he possible cant judge, or totally understand and there are not several people who might have had an eye on it,checked it and agreed, that there is no misbehaviour? Who are trusted people in this group, who are not and why? Who is giving a service for what reason? I don’t want to go more down is road ending up in paranoia but I am sure some of those thoughts get shared. Yes one argument might be, there is a long track record, reputation for a person - difficult for newcomers to judge. I cant be more specific and please don’t take it personally - these are just general thoughts...and every single question (if and when it may arise) could be cleared.. Thank you and regards Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
Am 10.12.2016 um 21:12 schrieb Ivan Markin: > pa011: >> What about relays not on the list at all? > > You mean that are not subscribed for tor-relays@? No, forget that one - was my mistakable in the spreadsheet > > btw, it would be awesome to give away t-shirts or something for running > diverse relays. that was a least a promise the year ago (its not any more)- and I believe one should stand to his promises > >> I would assume that not everybody of that 23 percent does know what >> exactly to do, apart from better running on BSD - could you please >> give detailed recommendation for beginners - your discussion seems on >> a high level :-) > > Agree, I personally don't see any way to notify these operators about > what to do (except clear instructions at blog.tpo or tor-relays@). > With pleasure. Yes please spread this out - as simple as possible - the list has about 1700 hundret subscribers I, if I am correct - I reckon the important and interested ones are on it There is an awesome The Tor BSD Diversity Project. The > instructions for BSD beginners can be found here [1]. I used them about a week ago - they were the best I could find - sure they have room for improvement, especially for beginners, but there are several nice people out there -glad to help - some awful question have me done here by me already > [1] https://torbsd.github.io/relay-guides.html Could you give some explanation please on the difference between: -lots of challenge ACKs -multiple challenge ACKs -one challenge ACK -two challenge ACKs -vulnerable -zero challenge Thanks Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Network scan results for CVE-2016-5696 / RFC5961
> I would however be very interested to hear back from tor-relay operators > if any of them have found Challenge ACK counter values higher than > a million... which would indicate some kind of funny business. > Thanky you for your work. I know of 3 relays with ACK above 1 million: TCPChallengeACK: 1081146 TCPSYNChallenge: 1062995 TCPChallengeACK: 1270948 TCPSYNChallenge: 1254428 TCPChallengeACK: 1189549 TCPSYNChallenge: 1171422 all running under Linux vm20198 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) x86_64 GNU/Linux There seems to be no relation between uptime of the server and challenges apart from rebooting, which resets to 0. What about relays not on the list at all? I would assume that not everybody of that 23 percent does know what exactly to do, apart from better running on BSD - could you please give detailed recommendation for beginners - your discussion seems on a high level :-) Thanks and regards Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] torworld relays in entry and exit position
Very good Nusenu - I like your insistent dialogue and asking in this case :-) You are quite often referring to Ansible which is new to me. Is there a permanent free version around to let your https://github.com/nusenu/ansible-relayor run on it? Isn’t it somehow dangerous in the area we operate, to rely on a piece of software created more or less by a single person? Best regards Paul Am 10.12.2016 um 01:55 schrieb nusenu: > > > Security TorWorld wrote (2016-11-14): >> We believe that next month on the 1st of December would be a good time >> to add this feature. > > What is the current state on this? > > You are still on the top of this list: > https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] relays with dynamic IP - here Rasp2
Am 06.12.2016 um 18:16 schrieb Rana: > -Original Message- > From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf > Of pa011 > Sent: Tuesday, December 06, 2016 1:24 AM > To: tor-relays@lists.torproject.org > Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP > > >> I would like to hear about ONE Raspi Tor operator who was allowed by >> DirAuths (or bwauths or whatever) to come even near 1 mbit/s bandwidth >> utilization >> > > let me tell: > https://atlas.torproject.org/#details/AA44C4BE3C90DCAAC09E5CD26150710AAA80D58B > https://atlas.torproject.org/#details/CA9A5D5C4688F04EEC1AF810B0FD348109FA17FB > > are sharing the same dynamic IP on a Rasp2 -cut every 24 hours > > day rx | tx |total| avg. rate > +-+-+--- > 05.12.201627,20 GiB | 28,39 GiB | 55,59 GiB |5,40 Mbit/s > > > that is slight above 1 Mbit/s :-) > > > Best regards > > Paul > > > Wow nice bandwidth you are pushing through Paul! You mean two Raspi 2's > sharing an Internet connection, each relaying 27 Gbytes per day at 5.4 Mbit/s > on the average?? Total 10.8 Mbit/s?? Or 2.7 Mbit/s each? It is just 1 single Rasp2 - running 2 tor instances on 1 IP, details here https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt > > Definitely refutes the previously claimed 1 Mbit/s Tor limit on Raspi, and > means that Raspi has nothing to do with the ridiculously low utilization of > my relay, just as I thought. As a matter of fact this means that whoever is > NOT running a relay on a Raspi (or two, or four of them) is wasting money, > unless he has a computer lying about with nothing better to do. > > Also, what's the max memory and CPU utilization on your Raspi (I have read > somewhere that Tor is only capable of utilizing 2 of the 4 CPU cores), and > what kind of Internet connection do you have? The Rasp2 is fairly unused, in memory and CPU - running on a German DSL - giving tested max. 7Mbit/s upload top - 19:15:15 up 47 days, 1:11, 2 users, load average: 0,37, 0,26, 0,24 Tasks: 118 total, 2 running, 116 sleeping, 0 stopped, 0 zombie %Cpu(s): 10,3 us, 1,9 sy, 0,0 ni, 86,4 id, 0,0 wa, 0,0 hi, 1,4 si, 0,0 st KiB Mem:947756 total, 831368 used, 116388 free, 147964 buffers KiB Swap: 102396 total,0 used, 102396 free. 426736 cached Mem > BTW the $35 Raspi 3 has 33% more CPU power than your Raspi 2 and the same > amount of memory. There is no need for a Rasp3 under given condition - not even the Rasp2 is getting warm :-) > > Rana ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
> I would like to hear about ONE Raspi Tor operator who was allowed by DirAuths > (or bwauths or whatever) to come even near 1 mbit/s bandwidth utilization > let me tell: https://atlas.torproject.org/#details/AA44C4BE3C90DCAAC09E5CD26150710AAA80D58B https://atlas.torproject.org/#details/CA9A5D5C4688F04EEC1AF810B0FD348109FA17FB are sharing the same dynamic IP on a Rasp2 -cut every 24 hours day rx | tx |total| avg. rate +-+-+--- 05.12.201627,20 GiB | 28,39 GiB | 55,59 GiB |5,40 Mbit/s that is slight above 1 Mbit/s :-) Best regards Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD - solved
its working currently on Tor 0.2.8.9 (recommended) otherwise it might conflict with arm? $ sudo pkg update && sudo pkg upgrade -y Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Updating FreeBSD repository catalogue... FreeBSD repository is up-to-date. All repositories are up-to-date. Any quick idea how to solve that one: Resolving svn.torproject.org (svn.torproject.org)... 2a01:4f8:172:1b46:0:abba:14:1, 138.201.14.206 Connecting to svn.torproject.org (svn.torproject.org)|2a01:4f8:172:1b46:0:abba:14:1|:443... connected. ERROR: cannot verify svn.torproject.org's certificate, issued by 'CN=Let\'s Encrypt Authority X3,O=Let\'s Encrypt,C=US': Unable to locally verify the issuer's authority. To connect to svn.torproject.org insecurely, use `--no-check-certificate'. Rgds Paul Am 05.12.2016 um 18:42 schrieb diffusae: > Hi! > > That's nice to hear. > > RAM is also very good for tor relays. :-) > > Maybe you want to change your version to tor-devel-0.2.9.5.a, if you > don't done this already (e. g. portsnap fetch update && portmaster > security/tor-devel). > > Regards, > > > On 05.12.2016 18:32, pa011 wrote: >> Working :-) >> >> It looks like it was missing the Address in torrc. >> I added up some RAM before- that didn’t help. >> >> Ok, now I have time to follow up all your other recommendations in the >> coming days. >> >> Thank you all very much for your help! >> >> Best Regards >> Paul >> >> p.s. as it is finally that easy to get BSD running, hopefully more will >> follow in diversifying the tor world. >> >> >>> >>> You might also want to try setting the "Address" knob. >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD - solved
Working :-) It looks like it was missing the Address in torrc. I added up some RAM before- that didn’t help. Ok, now I have time to follow up all your other recommendations in the coming days. Thank you all very much for your help! Best Regards Paul p.s. as it is finally that easy to get BSD running, hopefully more will follow in diversifying the tor world. > > You might also want to try setting the "Address" knob. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP
Rana, I don’t think ""submit a patch" needs any clarification. Maybe you are a little bit to aggressive in your wording :-) ? I do have a dynamic IP as well on one relay and do know that frustration. Relax Paul Am 04.12.2016 um 19:23 schrieb Rana: > Please clarify what you mean by "submit a patch". > > I am not one of Tor technical contributors, nor do I presume capability of > being one. I can only report my findings as a relay operator. Which I have > already done here, in full detail. > > -Original Message- > From: tor-relays [mailto:tor-relays-boun...@lists.torproject.org] On Behalf > Of Sebastian Niehaus > Sent: Sunday, December 04, 2016 7:05 PM > To: tor-relays@lists.torproject.org > Subject: Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP > > Am 04.12.2016 um 17:54 schrieb Rana: > >> In short, if Tor Project does not want relays with dynamic IP, it >> should say so and I would stop wasting my time. Otherwise, Tor should >> fix what's broken. > > Please submit a patch. > > > Thanks. > > > Crying about what tor shold do to please you seems not very productive. > > > Sebastian > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] security/tor ignores torrc Log setting?
Am 03.12.2016 um 17:13 schrieb nusenu: > >> By default, FreeBSD's tor and tor-devel port want to store logs inside >> /var/log/tor/ regardless of what you put in the /usr/local/etc/tor/torrc >> file last I looked. > > Are you sure? What security/tor package version was this? > This never happened to me. it was on tor-devel 0.2.7.6 : Dec 01 20:15:11.099 [notice] Tor v0.2.7.6 (with bufferevents) running on FreeBSD with Libevent 2.0.22-stable, OpenSSL 1.0.1s-freebsd and Zlib 1.2.8. Dec 01 20:15:11.099 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Dec 01 20:15:11.100 [notice] Read configuration file "/usr/local/etc/tor/torrc". Dec 01 20:15:11.108 [notice] Opening Control listener on 127.0.0.1:9051 Dec 01 20:15:11.109 [notice] Opening OR listener on 0.0.0.0:1443 Dec 01 20:15:11.109 [notice] Opening Directory listener on 0.0.0.0:1080 Dec 01 20:15:11.000 [warn] Couldn't open file for 'Log notice file /var/log/tor/notices.log': Not a directory Dec 01 20:15:11.000 [notice] Closing partially-constructed Control listener on 127.0.0.1:9051 Dec 01 20:15:11.000 [notice] Closing partially-constructed OR listener on 0.0.0.0:1443 Dec 01 20:15:11.000 [notice] Closing partially-constructed Directory listener on 0.0.0.0:1080 and the same on tor 0.2.8.9: if you put "Log notice file /var/log/tor/" in torrc you get [warn] Couldn't open file for 'Log notice file /var/log/tor/': Is a directory if you change torrc to "Log notice file /var/log/tor/log" it runs trough ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
Ok, as I am new to freeBSD some more questions please: [WARN] Your server (x.x.x.x.:4443) has not managed to confirm that its ORPort is reachable. Relays do not publish descriptors until their ORPort and DirPort are reachable. What do I have to do - how to best set-up a decent strong firewall on a freeBSD Exit? Is there any further helpful documentation around apart from the freeBSD handbook to get my learning curve up more quickly? The more detailed the better :-) - Thanks in advance Paul Am 02.12.2016 um 01:00 schrieb diffusae: > > See you ... > > :-) > > On 02.12.2016 00:57, pa011 wrote: >> solved, as far as I can see now - maybe more tomorrow.. >> >> Thank you very much gentlemen for your help :-) !!! >> ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
solved, as far as I can see now - maybe more tomorrow.. Thank you very much gentlemen for your help :-) !!! Am 02.12.2016 um 00:51 schrieb diffusae: > ln -s /usr/local/bin/python2.7 /usr/local/bin/python ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
Am 02.12.2016 um 00:32 schrieb George: > On 12/01/16 18:25, pa011 wrote: >> >> >> Am 02.12.2016 um 00:19 schrieb diffusae: >>> Hi! >>> >>> On 02.12.2016 00:04, George wrote: >>>> Installing security/arm is simple enough. >>>> >>>> pkg install arm >>> >>> Yes, that normally should solve your problem. >>> >>> I've recognized that the dependencies are on Tor v0.2.8.9. >>> You can't install it with security/tor-devel? >>> >> After an update I got - Tor 0.2.9.4-alpha (git-8b0755c9bb296ae2) >> >> So you say I should better install tor instead of tor-devel? > > What did you update? I'm confused... were you running tor-0.2.8.9 > (stable in security/tor) and upgraded via pkg(8) and got tor-0.2.9.4 > which is security/tor-devel? > > I tend to recommend security/tor-devel over security/tor, unless you > can't regularly keep the package updated. The alpha/devel branch will > generally include the latest security fixes and counter-measures to > surveillance. > > And on a side note, OpenBSD is likely removing lsof from their ports > tree (see ports@ from today), which is a dependency for the arm port, > but will have it use fstat(1) instead IIRC. > I started with tor-devel: 0.2.7.6 did sudo pkg update && sudo pkg upgrade -y and ended so at 0.2.9.4.a But "sudo pkg install security/arm" now made: py27-arm: 1.4.5.0_1 python27: 2.7.12 libffi: 3.2.1 py27-setuptools27: 23.1.0 tor: 0.2.8.9 Tor can be started now when putting #Log notice file /var/log/tor/log Starting arm by just "arm" brings up "/usr/local/bin/arm: python: not found" Rgds Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
Am 02.12.2016 um 00:21 schrieb Michael Armbruster: > On 2016-12-01 at 23:54, pa011 wrote: >> There were some talks about network diversity recently, so I made up my mind >> and started a freeBSD server. >> >> On advice from here >> https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 I placed a >> line in the torrc file "Log notice file /var/log/tor/log" >> >> Following these instructions from the TDP: >> >> "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 >> /var/log/tor" > > As others already said, it should be "/var/log/tor" without a space and > with a slash. > > But for me, it looks like you are trying to store the logs in a file > "/var/log/tor/log", so in a directory named "/var/log/tor". You should > delete the file you created with the touch command and instead use > "mkdir /var/log/tor", then change ownership and modify access rights via > chmod. > I thought it is similar to "Log notice file /var/log/tor/notices.log" in debian where you specify a single file. So you Michael say in in freeBSD the torrc file is looking for a folder entry - I will try that tomorrow.. so it will be "sudo mkdir /var/log/tor" "sudo chown _tor:_tor /var/log/tor" "sudo chmod 600 /var/log/tor" Rgds Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
Am 02.12.2016 um 00:19 schrieb diffusae: > Hi! > > On 02.12.2016 00:04, George wrote: >> Installing security/arm is simple enough. >> >> pkg install arm > > Yes, that normally should solve your problem. > > I've recognized that the dependencies are on Tor v0.2.8.9. > You can't install it with security/tor-devel? > After an update I got - Tor 0.2.9.4-alpha (git-8b0755c9bb296ae2) So you say I should better install tor instead of tor-devel? Regards Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
I did it with sudo, because it wasn’t privileged otherwise - this is the result using sudo Am 02.12.2016 um 00:03 schrieb Marcel Krzystek: > Then it's likely a permission issue. Have you tried running the command with > sudo? (Or in FreeBSD, you may need to run it as su). > > > > On Thu, Dec 1, 2016 at 4:01 PM, pa011 <pa...@web.de <mailto:pa...@web.de>> > wrote: > > I saw that and tried "touch /var/log/tor" - didn’t help .. > > > Am 01.12.2016 um 23:57 schrieb Marcel Krzystek: > > It appears you have a space in "touch /var/log tor" that should not be > there. Try "touch /var/log/tor" instead. > > > > On Thu, Dec 1, 2016 at 3:54 PM, pa011 <pa...@web.de > <mailto:pa...@web.de> <mailto:pa...@web.de <mailto:pa...@web.de>>> wrote: > > > > There were some talks about network diversity recently, so I made > up my mind and started a freeBSD server. > > > > On advice from here > https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 > <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431> > <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 > <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431>> I placed > a line in the torrc file "Log notice file /var/log/tor/log" > > > > Following these instructions from the TDP: > > > > "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 > /var/log/tor" > > > > found here: https://torbsd.github.io/fbsd-relays.html > <https://torbsd.github.io/fbsd-relays.html> > <https://torbsd.github.io/fbsd-relays.html > <https://torbsd.github.io/fbsd-relays.html>> I ended up getting this warning: > > > > "[warn] Couldn't open file for 'Log notice file /var/log/tor/log': > Permission denied" > > > > Maybe I am to tired today to find the mistake - what is wrong > please? > > > > Is there a good instruction elsewhere? > > > > Is it possible to install arm on freeBSD and if so could somebody > help me with the implementation please? > > > > Thanks > > > > Paul > > > > > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org > <mailto:tor-relays@lists.torproject.org> > <mailto:tor-relays@lists.torproject.org > <mailto:tor-relays@lists.torproject.org>> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays> > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>> > > > > > > > > > > ___ > > tor-relays mailing list > > tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays> > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays> > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] network diversity with freeBSD
I saw that and tried "touch /var/log/tor" - didn’t help .. Am 01.12.2016 um 23:57 schrieb Marcel Krzystek: > It appears you have a space in "touch /var/log tor" that should not be there. > Try "touch /var/log/tor" instead. > > On Thu, Dec 1, 2016 at 3:54 PM, pa011 <pa...@web.de <mailto:pa...@web.de>> > wrote: > > There were some talks about network diversity recently, so I made up my > mind and started a freeBSD server. > > On advice from here > https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 > <https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431> I placed > a line in the torrc file "Log notice file /var/log/tor/log" > > Following these instructions from the TDP: > > "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 > /var/log/tor" > > found here: https://torbsd.github.io/fbsd-relays.html > <https://torbsd.github.io/fbsd-relays.html> I ended up getting this warning: > > "[warn] Couldn't open file for 'Log notice file /var/log/tor/log': > Permission denied" > > Maybe I am to tired today to find the mistake - what is wrong please? > > Is there a good instruction elsewhere? > > Is it possible to install arm on freeBSD and if so could somebody help me > with the implementation please? > > Thanks > > Paul > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org <mailto:tor-relays@lists.torproject.org> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays> > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] network diversity with freeBSD
There were some talks about network diversity recently, so I made up my mind and started a freeBSD server. On advice from here https://gist.github.com/teor2345/c6e2890c44097fd6aaceeedec08c6431 I placed a line in the torrc file "Log notice file /var/log/tor/log" Following these instructions from the TDP: "touch /var/log tor && chown _tor:_tor /var/log/tor && chmod 600 /var/log/tor" found here: https://torbsd.github.io/fbsd-relays.html I ended up getting this warning: "[warn] Couldn't open file for 'Log notice file /var/log/tor/log': Permission denied" Maybe I am to tired today to find the mistake - what is wrong please? Is there a good instruction elsewhere? Is it possible to install arm on freeBSD and if so could somebody help me with the implementation please? Thanks Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Blocking PSN
You can contact them on the given snei-noc-ab...@am.sony.com and they will give you a list of attacked IPs. Paul Am 29.11.2016 um 14:48 schrieb SuperSluether: > I keep getting Account Takeover Attempt abuses on my Tor exit, and I'm not > sure how to handle them: > > It is most likely the attack traffic is directed at one of the following > endpoints: > > account.sonyentertainmentnetwork.com > auth.np.ac.playstation.net > auth.api.sonyentertainmentnetwork.com > auth.api.np.ac.playstation.net > > These endpoints on our network are resolved by Geo DNS, so the IP addresses > they resolve to will depend on the originating IP address. > > The destination port will be TCP 443. > > > I used 'dig' and 'ping' to see what IP address the 4 endpoints resolved as, > and blocked the resulting addresses, but I'm still getting the abuse. The > Whois records show Sony and PSN owning 63.x.x.x, 64.x.x.x, 68.x.x.x, and > 108.x.x.x addresses, but the websites above resolve to 23.x.x.x, so either > the lists are incomplete or I'm doing something wrong. > > Any ideas? > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] 33C3 Ticket
Looking to meet other Exits in Hamburg - just need a ticket :-) Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Is my relay affected by cve-2016-8860?
Thank you Nusenu for your list. Maybe you can add a Nickname column next time for all those, who have more than one hamster in the race. Rgds Paul Am 15.11.2016 um 22:17 schrieb nusenu: > > https://blog.torproject.org/blog/tor-0289-released-important-fixes > > > If you are unsure whether you are running a vulnerable tor relay, you > can search your contact string on the following page (sorted by cw > fraction): > > > https://github.com/ornetstats/stats/blob/master/o/cve-2016-8860.txt > (generated daily) > > > If you are on that page you are likely running a vulnerable version > (unless someone else is using your contactinfo as well) > > > Unfortunately the opposite does not hold true - meaning you are not 100% > safe if you are not listed > (I tried to keep the false positives low for the price of a higher > false-negative rate). > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] 33C3 Ticket
First poor round of selling is over - anybody holding more tickets than he needs already? Would still take one :-) Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Abuses: Suspicious botnet ramnit attack
Hi, got the abuse below on three different exits. Anybody having any idea what to do and how to possibly to stop this in the future? Thanks Paul CERT-EU has received information regarding an infected IP belonging to your network, which may have security problems. The information regarding the problems is also included as attachments in both CSV and XML formats. All timestamps are in UTC. At this time we do not have any more information. Where: - ASN: is the Autonomous System Number; - IP: the Internet Protocol address associated with this activity; - TIME: discovery time of the malicious activity; - PTR/DNAME: PTR/DNAME record - CC: ISO 3166-1 alpha-2 two-letter country code; - TYPE: type of the security problem or threat; - INFO: provides any additional information, if available.asn|ip|time|ptr|cc|type|info|info2 ASx|xxx.xxx.xxx.xxx|25-10-2016 12:10:09Z|XX|botnet drone|Description: Ramnit botnet victim connection to sinkhole details, Timestamp : 1477397409.72, City : none, Count: 8, First Seen: 25-10-2016 12:10:09, Last Seen: 25-10-2016 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] DNS resolving -problem?
Got problems overnight. On all servers traffic died down and looks like below - what went wrong please? Here is what I did: apt-get install dnsmasq /etc/resolv.conf nameserver 127.0.0.1 /etc/dnsmasq.conf server=216.87.84.211 #open.nic us server=84.200.69.80 #dns.watch us server=84.200.70.40 #dns.watch us server=194.150.168.168 server=62.113.203.99 server=188.165.200.156 server=5.9.49.12 server=193.183.98.154 server=46.101.89.89 cache-size=1 conf-file=usr/share/dnsmasq-base/trust-anchors.conf dnssec dnssec-check-unsigned etc/init.d/dnsmasq restart vnstat -h eth0 ^ r | rtrt rt | rt rt rt rt rt rt rt rt | rt rt rt rt rt rt rt r rt rt rtrtrt | rt rt rt rt rt rt rt rt r r r rt rt rt rt rt rt rt | rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt | rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt | rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt | rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt | rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt rt -+---> | 12 13 14 15 16 17 18 19 20 21 22 23 00 01 02 03 04 05 06 07 08 09 10 11 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?
These errors do only get up when starting "apt-get update" not when "dig ftp.de.debian.org" - this gets solved well. Am 17.10.2016 um 19:00 schrieb pa011: > Thank you Toralf for you instructions and kick again. > > > Following those > >> [2] https://zwiebeltoralf.de/torserver.html > > instruction do work but leave me with several unresolved queries: > > »deb.torproject.org« > »archive.ubuntu.com« > »security.debian.org« > »ftp.de.debian.org« > > and a few more. What servers do I put in /etc/dnsmasq.conf to get this solved > best? > > Thanks > Paul > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?
Thank you Toralf for you instructions and kick again. Following those > [2] https://zwiebeltoralf.de/torserver.html instruction do work but leave me with several unresolved queries: »deb.torproject.org« »archive.ubuntu.com« »security.debian.org« »ftp.de.debian.org« and a few more. What servers do I put in /etc/dnsmasq.conf to get this solved best? Thanks Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TOR Services on Microsoft Azure
I do see kind of stagnation compared to other Exits in the same time frame. So I wondered what the connectivity is ? Its hard to find information about bandwidth and monthly traffic volume in regard to prices and location regarding Azure? Am 12.10.2016 um 18:15 schrieb nusenu: >> Update on my Azure-Exit: >> https://atlas.torproject.org/#details/0534295ACFD5A84312183B41D3FB275E9ADD9EE2 >> It already has consensus weight 1200 after less than two weeks and its >> raising. >> Everyone should use this option to give the TOR-Network a good push. After >> my >> free time has finished, i'll try to download an image of this Exit and >> create a >> second account on azure. >> Technical question: >> Could it be useful to save the keys and the fingerprint to use it on a "new" >> VPS >> to start with better performance? > > Yes, keeping the key will help you retain (most/some of) your relay's > reputation (assuming you are moving within the same AS with unchanged > connectivity). > > For security implications I recommend you read teor's answers in this > thread: > https://lists.torproject.org/pipermail/tor-relays/2016-September/010229.html > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] ISP, Abuses , Intrusion Prevention etc.
My personal efforts over the last months as well as the recent discussion about Intrusion prevention showed, there are more and more ISP's not giving support any more for running Tor exits, either in not allowing new ones or even shutting down existing ones. Sure there are still chances to find new inexperienced ISP's, which in the willing to increase their customer base give allowance to run an Exit. But only a few weeks later their wish to get rid of you again increases with the same speed as the stack of abuses rises.Finally you are out again and on the back of their terms not even able to get your unused money back. Further doing it that way, is kind of leaving scorched earth behind you and not only yourself, but for Tor as a whole. So there are at least two questions: - what forces drive ISP's to behave like they do with abuses? - maybe Exit volunteers and here especially the big ones could ask some questions to their ISP to get more light on this I do refer to my old questions -still unanswered: -is it just the more work for rather poor money handling(forwarding) those abuses ? - to whom else do ISP's have to report what they are doing with received abuses? - must ISP's answer to the origin of the abuse? - who is getting a copy of all that conversation(if at all)? - can an ISP loose its license (with too many or badly handled abuses)? - are there any regulatory burdens for them - if so which ones? - are ISP's treated different in different parts of the world? - could there in the medium therm changes be made the way Tor operates to bring down the non linear increase of abuses Support terribly needed and appreciated! Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Digital Ocean - running Exit node locked
True, about 40 Exits as of my count yesterday... The back of that medal - concentration on only a few big providers gets resolved that way :-) Paul Am 09.10.2016 um 11:57 schrieb Markus Koch: > Thats really really bad news. Over 400 Digitalocean relays out there :( > > Markus > > 2016-10-09 11:44 GMT+02:00 pa011 <pa...@web.de>: >> OK further bad news, Exit shut down by DO yesterday. >> Here the latest statement from them: >> >> "Additionally, we are not allowing further TOR exit nodes on our >> infrastructure - they generate a large amount of abuse, are used for various >> illegal activities, and attract a large number of DDoS attacks. >> >> You're more than welcome to run bridges, obfs proxies, and relays, but >> running an exit node is at your own risk, and sufficient abuse may result in >> suspension of service." >> >> >> >> >> Am 08.10.2016 um 05:00 schrieb Alecks Gates: >>> I'm running on DO as well with the reduced exit policy and have had >>> about five complaints in 2 months. DO certainly appears to be getting >>> less and less happy. I'm glad to know it's not just me, though. >>> >>> Hopefully a curated list of IPs to reject will help a lot. Thanks for >>> the link to tornull. >>> >>> Exit Node fingerprints: >>> E553AC1CA05365EA218D477C2FF4C48986919D07 >>> 889550CB9C98CF172CB977AA942B77E9759056C2 >>> >>> Alecks >>> >>> On 10/07/2016 07:04 PM, Matthew Finkel wrote: >>>> On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote: >>>>> 2016-10-08 0:09 GMT+02:00 Tristan <supersluet...@gmail.com>: >>>>>> This page has 3 policies: Reduce exit policy, reduced-reduced exit >>>>>> policy, >>>>>> and a lightweight example policy. >>>>>> >>>>>> https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy >>>>>> >>>>>> >>>>>> On Oct 7, 2016 5:01 PM, "Markus Koch" <niftybu...@googlemail.com> wrote: >>>>>>> >>>>>>> reduced-reduced exit policy. ? >>>>>>> >>>>>>> Illuminate me, pls. >>>>>>> >>>>> Thank you both! >>>>> >>>>> Will try https://tornull.org. Perhaps it helps. >>>>> >>>>> Markus >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Digital Ocean - running Exit node locked
OK further bad news, Exit shut down by DO yesterday. Here the latest statement from them: "Additionally, we are not allowing further TOR exit nodes on our infrastructure - they generate a large amount of abuse, are used for various illegal activities, and attract a large number of DDoS attacks. You're more than welcome to run bridges, obfs proxies, and relays, but running an exit node is at your own risk, and sufficient abuse may result in suspension of service." Am 08.10.2016 um 05:00 schrieb Alecks Gates: > I'm running on DO as well with the reduced exit policy and have had > about five complaints in 2 months. DO certainly appears to be getting > less and less happy. I'm glad to know it's not just me, though. > > Hopefully a curated list of IPs to reject will help a lot. Thanks for > the link to tornull. > > Exit Node fingerprints: > E553AC1CA05365EA218D477C2FF4C48986919D07 > 889550CB9C98CF172CB977AA942B77E9759056C2 > > Alecks > > On 10/07/2016 07:04 PM, Matthew Finkel wrote: >> On Sat, Oct 08, 2016 at 12:16:39AM +0200, Markus Koch wrote: >>> 2016-10-08 0:09 GMT+02:00 Tristan: This page has 3 policies: Reduce exit policy, reduced-reduced exit policy, and a lightweight example policy. https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy On Oct 7, 2016 5:01 PM, "Markus Koch" wrote: > > reduced-reduced exit policy. ? > > Illuminate me, pls. > >>> Thank you both! >>> >>> Will try https://tornull.org. Perhaps it helps. >>> >>> Markus 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Digital Ocean - running Exit node locked
Thanks Markus - you are obviously well experienced with them :-) We should meet some day and share this and others.. Paul Am 07.10.2016 um 23:33 schrieb Markus Koch: > They will kick you after 2-3 months. Delete account, make new account. > They will kick you after 2-3 months. Delete account, make new account. > They will kick you after 2-3 months. Delete account, make new account. > They will kick you after 2-3 months. Delete account, make new account. > Welcome to DigitalOcean! > > Markus > > > 2016-10-07 23:23 GMT+02:00 pa011 <pa...@web.de>: >> Seems like even DO is not very much in favour of running Exits any more ? >> >> Anybody made the same experience - how to handle this please ? >> >> Thanks and Regards >> Paul >> >> >> "Hello -Although we do not specifically disallow TOR exit nodes, as the >> account holder you are responsible for all the traffic going through your >> droplet (including traffic that an exit node may generate). >> >> Also be aware that we do not allow some of the traffic types that come out >> of a typical TOR exit node (torrents, spam, SSH probes, hacking attempts, >> botnets, DDoS, etc). >> >> If you are unable to stop this sort of traffic, please reconsider running a >> TOR exit node as it may lead to your account suspension or termination. >> >> Please refer to our Terms of Service for greater detail on this issue: >> https://www.digitalocean.com/legal/terms/ >> >> Best, >> >> DigitalOcean Support " >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Digital Ocean - running Exit node locked
Seems like even DO is not very much in favour of running Exits any more ? Anybody made the same experience - how to handle this please ? Thanks and Regards Paul "Hello -Although we do not specifically disallow TOR exit nodes, as the account holder you are responsible for all the traffic going through your droplet (including traffic that an exit node may generate). Also be aware that we do not allow some of the traffic types that come out of a typical TOR exit node (torrents, spam, SSH probes, hacking attempts, botnets, DDoS, etc). If you are unable to stop this sort of traffic, please reconsider running a TOR exit node as it may lead to your account suspension or termination. Please refer to our Terms of Service for greater detail on this issue: https://www.digitalocean.com/legal/terms/ Best, DigitalOcean Support " ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] new warn message: Duplicate rendezvous cookie in ESTABLISH_RENDEZVOUS.
Am 07.10.2016 um 20:20 schrieb Green Dream: > One of my guard relays has a few entries on Oct 06 also: > > Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in > ESTABLISH_RENDEZVOUS. > Oct 06 09:04:00.000 [warn] Duplicate rendezvous cookie in > ESTABLISH_RENDEZVOUS. > Oct 06 10:17:30.000 [warn] Duplicate rendezvous cookie in > ESTABLISH_RENDEZVOUS. > > Times are in UTC. Logs on this machine go back to Oct 03 but those are > the only occurrences. My other guard relay with nearly identical specs > and CW doesn't have these entries. Several of those warnings here as well on Oct 06 - on exit as on non exit - at different times ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Am 04.10.2016 um 18:24 schrieb krishna e bera: > What if someone who doesnt like Tor project is deliberately accessing > honeypots in order to get exit nodes shut down? That seems kind of easy, because there are some certain spots where you can assume those pots to be and depending on the response of the host of the honeypot more or less pressure on the ISP could arise > We need to establish some sort of legal or political solidarity to tell > ISPs to be net neutral with us. I still cant judge the pressure and burdens apart from economical on ISP side. In June I asked here those questions which still didn’t find an answer: - is it just the more work for rather poor money handling(forwarding) those abuses ? - to whom else does he have to report what he is doing with the gotten abuses? - must he answer to the origin of the abuse? - who is getting a copy of them(if at all)? - can he loose his license as a ISP (with to many or badly handled abuses)? - are there any regulatory burdens for them - if so which ones? - are ISP's treated different in different parts of the world? > It is not our problem if someone uses > the telecom network to read/write data to a vulnerable server - it is > the vulnerable server's problem to fix. The ISP (and Tor network) are > only responsible for delivering the packets and handling abuse of > *network* resources such as DDoS - content is irrelevant. > > Tor publishes exit node ip addresses so that destinations that dont want > to deal with anonymous traffic can block it. Did you try these answers: > https://trac.torproject.org/projects/tor/wiki/doc/TorAbuseTemplates I only shortly began to send a copy of my response not only to the ISP, but also to the sender of the abuse - how do other people here handle this? Obviously the attacked target needs an other explanation as the ISP. > > > On 04/10/16 12:01 PM, pa011 wrote: >> Me too Markus -could fill a folder with that tax issue :-(( >> Costing a lot of time to answer and restrict the IPs >> >> Plus my ISP moaning with good reason: "It's not just about you, but you're >> giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs >> which are potentionaly endagered to be marked as source of malicious content >> / blacklisted / whatever ... so you see, this is quite critical for us." >> > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Yes its ISP - plus 10 times more fire-power both, Markus and me which is 10 times more work, sadly :-( Am 04.10.2016 um 18:12 schrieb Markus Koch: > Short answer: ISP > > I got 2 abuse mails (1 false positive) from Hostwinds in 4 months and > I get weekly mass reports from DigitalOcean. > And the thing that pisses me off is: Its all bots or Tax spam or other > stuff I got weeks/months ago. Different day, same shitty abuse mail. > > Markus > > > 2016-10-04 18:03 GMT+02:00 Tristan <supersluet...@gmail.com>: >> I don't know what I'm doing different, because I only got 2 complaints in >> the last 2 months, and that was for SSH and SQL stuff. >> >> >> On Oct 4, 2016 11:01 AM, "pa011" <pa...@web.de> wrote: >>> >>> Me too Markus -could fill a folder with that tax issue :-(( >>> Costing a lot of time to answer and restrict the IPs >>> >>> Plus my ISP moaning with good reason: "It's not just about you, but you're >>> giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs >>> which are potentionaly endagered to be marked as source of malicious content >>> / blacklisted / whatever ... so you see, this is quite critical for us." >>> >>> Am 04.10.2016 um 17:48 schrieb Markus Koch: >>>> same shit here: >>>> >>>> Dear User, >>>> We are contacting you because of unusual activity coming from your IP >>>> address towards the IT infrastructure of the European Commission. >>>> In specific, since 03/10/2016, IP addresses 95.85.45.159 & >>>> 104.236.225.19 of Digital Ocean, located in the Netherlands (NL) and >>>> the USA respectively, have submitted a significantly large number of >>>> invalid VAT number requests as compared to the total number of >>>> requests (89,59% & 89,96% respectively) towards VAT numbers from a >>>> multiple of EU member States (MS) through the VIES on the Web service >>>> (http://ec.europa.eu/taxation_customs/vies/). For more information on >>>> Invalid VAT number requests please refer to FAQ, questions 7, 11, 12, >>>> 13 and 20 of the VIES on the WEB site >>>> (http://ec.europa.eu/taxation_customs/vies/faq.html). >>>> The scope of our team is to monitor on a daily basis the performance >>>> of the VIES-on-the-Web (VoW) service in order to ensure its >>>> performance in accordance with the standards agreed upon between EU's >>>> Directorate General for Taxation and Customs Union (DG TAXUD) and the >>>> EU Member States. >>>> Our objective is to secure constant and uninterrupted availability and >>>> flow of traffic (requests for VAT validation) at all times. >>>> Under this framework, our team intervenes whenever there is out of the >>>> ordinary, unusual and potentially suspicious use of the system that >>>> violates the rules of use as they are stated in the Specific >>>> disclaimer for this service, which is available at the VoW site >>>> (http://ec.europa.eu/taxation_customs/vies/disclaimer.html). >>>> Consequently, in order to allow flawless use of the service, we were >>>> obliged to block the access to VIES on the Web for the IP address >>>> 88.198.110.130. >>>> Following our action, we would like to know if you are aware of this >>>> situation. Furthermore, your cooperation and contribution is necessary >>>> in order to determine the reason for this occurrence. >>>> Please inform us if this behaviour is normal and if such, how often it >>>> should occur; we would then take action to unblock the traffic coming >>>> from the corresponding IP address assuming you will agree to follow a >>>> set ITSM VIES/Web Team >>>> "ITSM2 is a contracted support partner for the IT Service Management >>>> of the European Commission. >>>> This e-mail is a reply to your message sent to the >>>> taxud-vies...@ec.europa.eu<mailto:taxud-vies...@ec.europa.eu> e-mail. >>>> Answers provided by the contactor are on behalf and according to >>>> policy guidelines of DG TAXUD, but not binding for the European >>>> Commission." >>>> >>>> I am so done with it, I added >>>> >>>> ExitPolicy reject 147.67.136.103 # TAX SPAM >>>> ExitPolicy reject 147.67.136.21 # TAX SPAM >>>> ExitPolicy reject 147.67.119.103 # TAX SPAM >>>> ExitPolicy reject 147.67.119.3 # TAX SPAM >>>> Ex
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Me too Markus -could fill a folder with that tax issue :-(( Costing a lot of time to answer and restrict the IPs Plus my ISP moaning with good reason: "It's not just about you, but you're giving a bad reputation to one /21 and one /22 subnet. That's ~ 3000 IPs which are potentionaly endagered to be marked as source of malicious content / blacklisted / whatever ... so you see, this is quite critical for us." Am 04.10.2016 um 17:48 schrieb Markus Koch: > same shit here: > > Dear User, > We are contacting you because of unusual activity coming from your IP > address towards the IT infrastructure of the European Commission. > In specific, since 03/10/2016, IP addresses 95.85.45.159 & > 104.236.225.19 of Digital Ocean, located in the Netherlands (NL) and > the USA respectively, have submitted a significantly large number of > invalid VAT number requests as compared to the total number of > requests (89,59% & 89,96% respectively) towards VAT numbers from a > multiple of EU member States (MS) through the VIES on the Web service > (http://ec.europa.eu/taxation_customs/vies/). For more information on > Invalid VAT number requests please refer to FAQ, questions 7, 11, 12, > 13 and 20 of the VIES on the WEB site > (http://ec.europa.eu/taxation_customs/vies/faq.html). > The scope of our team is to monitor on a daily basis the performance > of the VIES-on-the-Web (VoW) service in order to ensure its > performance in accordance with the standards agreed upon between EU's > Directorate General for Taxation and Customs Union (DG TAXUD) and the > EU Member States. > Our objective is to secure constant and uninterrupted availability and > flow of traffic (requests for VAT validation) at all times. > Under this framework, our team intervenes whenever there is out of the > ordinary, unusual and potentially suspicious use of the system that > violates the rules of use as they are stated in the Specific > disclaimer for this service, which is available at the VoW site > (http://ec.europa.eu/taxation_customs/vies/disclaimer.html). > Consequently, in order to allow flawless use of the service, we were > obliged to block the access to VIES on the Web for the IP address > 88.198.110.130. > Following our action, we would like to know if you are aware of this > situation. Furthermore, your cooperation and contribution is necessary > in order to determine the reason for this occurrence. > Please inform us if this behaviour is normal and if such, how often it > should occur; we would then take action to unblock the traffic coming > from the corresponding IP address assuming you will agree to follow a > set ITSM VIES/Web Team > "ITSM2 is a contracted support partner for the IT Service Management > of the European Commission. > This e-mail is a reply to your message sent to the > taxud-vies...@ec.europa.eu<mailto:taxud-vies...@ec.europa.eu> e-mail. > Answers provided by the contactor are on behalf and according to > policy guidelines of DG TAXUD, but not binding for the European > Commission." > > I am so done with it, I added > > ExitPolicy reject 147.67.136.103 # TAX SPAM > ExitPolicy reject 147.67.136.21 # TAX SPAM > ExitPolicy reject 147.67.119.103 # TAX SPAM > ExitPolicy reject 147.67.119.3 # TAX SPAM > ExitPolicy reject 147.67.136.3 # TAX SPAM > ExitPolicy reject 147.67.119.21 # TAX SPAM > > Thats going on for months now and by all means, this is not free speech ... > > Markus. > > > > 2016-10-04 17:42 GMT+02:00 pa011 <pa...@web.de>: >> Am 04.10.2016 um 16:48 schrieb krishna e bera: >>> On 04/10/16 08:48 AM, pa011 wrote: >>>> One of my main ISP is going mad with the number of abuses he gets from my >>>> Exits (currently most on port 80). >>>> He asks me to install "Intrusion Prevention System Software" or shutting >>>> down the servers. >>> >>> You can first ask him for a copy of the complaints in order to >>> understand what sort of alleged abuses are taking place. Are the >>> complaints about spam or scraping or web server exploits or something else? >> >> I do get a copy of every complaint - they are unfortunately: >> >> - Http browser intrucion - >> /var/log/apache2/other_vhosts_access.log:soldierx.com:80 xxx.xxx.xxx.xxx - - >> [30/Sep/2016:11:14:34 -0400] "HEAD / HTTP/1.0" 302 192 "-" "Mozilla/5.0 >> (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12" >> >> - invalid VAT number requests >> >> -recorded connection attempt(s) from your hosts to our honeypots >> >> - Issue: Source has attempted the following botnet activity: Semalt Referrer >&
Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata
Am 04.10.2016 um 16:48 schrieb krishna e bera: > On 04/10/16 08:48 AM, pa011 wrote: >> One of my main ISP is going mad with the number of abuses he gets from my >> Exits (currently most on port 80). >> He asks me to install "Intrusion Prevention System Software" or shutting >> down the servers. > > You can first ask him for a copy of the complaints in order to > understand what sort of alleged abuses are taking place. Are the > complaints about spam or scraping or web server exploits or something else? I do get a copy of every complaint - they are unfortunately: - Http browser intrucion - /var/log/apache2/other_vhosts_access.log:soldierx.com:80 xxx.xxx.xxx.xxx - - [30/Sep/2016:11:14:34 -0400] "HEAD / HTTP/1.0" 302 192 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; nl; rv:1.8.1.12) Gecko/20080201Firefox/2.0.0.12" - invalid VAT number requests -recorded connection attempt(s) from your hosts to our honeypots - Issue: Source has attempted the following botnet activity: Semalt Referrer Spam Tor Exit Bot - botnet drone|Description: Ramnit botnet victim connection to sinkhole details, - attackers used the method/service: *imap* > You can change your exit policy to reduce likelihood of complaints: > https://blog.torproject.org/blog/tips-running-exit-node I know, but I hardly like to block port 80 >> As far as I understand implementing such a software is not going together >> with Tor - am I right? > > If your exit nodes tamper with traffic in any way they will be labelled > as Bad Exit. (Tor tries to be net neutral.) > https://trac.torproject.org/projects/tor/wiki/doc/badRelays > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Intrusion Prevention System Software - Snort or Suricata
One of my main ISP is going mad with the number of abuses he gets from my Exits (currently most on port 80). He asks me to install "Intrusion Prevention System Software" or shutting down the servers. He personally recommends Snort or Suricata. As far as I understand implementing such a software is not going together with Tor - am I right? Somebody having same or any experience? Thanks Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] "Potentially dangerous relay groups"
Am 27.09.2016 um 19:37 schrieb nusenu: > pa...@web.de wrote: >> there is that list of "potentially_dangerous_relaygroups" you published. >> Could yo please emphasize a bit more on what brings a relay on that list, >> apart from incorrect given MyFamily which doesnt seem to be always the case. >> I mean I see quite a few well respected names on that list ? > > > to quote from https://github.com/ornetstats/stats > (1) "dangerous" in the sense that a tor client might has a chance to > use more than one of these relays in a single circuit > (2) these relays are aggregated based on contact information > (3) if their groupsize is bigger than their effective family size > and they are operated in more than one /16 network block they are listed > (4) this list might contain false-positives (contact information is > not authenticated) > > Does that answer your question? > > I probably should also filter entries where two out of guard_prob, > middle_prob and exit_prob are 0 since that means that (1) is never the > case - iff onionoo is right about these probabilities. nusenu, great respect of your work at first and thank you for the answer provided as well. It - plus the follow up from that many contributors - did answer my questions apart from two left: - should only Markus be contacted instead of lets say at least all the folks with more than 2 notes to make them aware? - how could it take nearly a week for that serious discussion to start? I tend to agree with what has been written "I am in favour of a scheme where the process of joining a family is authenticated." Personally I will correct my entries soon to get me off that list :-) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] [OrNetRadar] niftybunny Digital Ocean 2016-09-22
Hi nusenu, there is that list of "potentially_dangerous_relaygroups" you published. Could yo please emphasize a bit more on what brings a relay on that list, apart from incorrect given MyFamily which doesnt seem to be always the case. I mean I see quite a few well respected names on that list ? Thank you Paul Am 23.09.2016 um 11:30 schrieb nusenu: > Hi Markus, > > according to your contactinfo observed on the tor network, you run 21 > relays, please consider fixing your MyFamily setting, especially because > you run non-exit and exits. > > thanks, > nusenu > > https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dangerous_relaygroups.txt > > ornetra...@riseup.net wrote: >> 2016-09-22 >> --- >> Up|Ext|JoinTime| IP | CC | ORp | Dirp |Version | >> ContactInfo| Nickname | eFamlen >> --- >> 1 | 0 |14:51:30| 188.166.63.113 | nl | 443 | 80|0.2.8.7 | >> niftybu...@googlemail.com | cairospinymouse | 1 >> 1 | 0 |15:07:01| 95.85.45.159| nl | 443 | 80|0.2.8.7 | >> niftybu...@googlemail.com | mullahspinymouse | 1 >> 1 | 0 |15:24:30| 138.197.129.153 | ca | 443 | 80|0.2.8.7 | >> niftybu...@googlemail.com | capespinymouse | 1 > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Strange difference between rx and tx traffic
On one of my recently started Exits I do see a rather huge and increasing difference between in and out traffic that I don see on any other Exit so far. The rise doesn’t seem to be linear.. Any explanation for that - or can it just be on the back of a not fixed repetitive warning? Sep 27 06:42:46.000 [warn] eventdns: All nameservers have failed Sep 27 06:42:46.000 [notice] eventdns: Nameserver 8.8.8.8:53 is back up Thanks Paul eth0 / daily day rx | tx |total| avg. rate +-+-+--- 11.09.2016 539,96 MiB | 88,50 MiB | 628,47 MiB | 59,59 kbit/s 12.09.2016 1,47 GiB |1,06 GiB |2,53 GiB | 245,60 kbit/s 13.09.201610,03 GiB |9,86 GiB | 19,89 GiB |1,93 Mbit/s 14.09.201617,35 GiB | 16,69 GiB | 34,04 GiB |3,30 Mbit/s 15.09.201653,11 GiB | 51,59 GiB | 104,70 GiB | 10,17 Mbit/s 16.09.201699,08 GiB | 96,87 GiB | 195,96 GiB | 19,03 Mbit/s 17.09.2016 144,45 GiB | 140,66 GiB | 285,12 GiB | 27,68 Mbit/s 18.09.2016 190,05 GiB | 184,50 GiB | 374,55 GiB | 36,36 Mbit/s 19.09.2016 231,95 GiB | 223,90 GiB | 455,86 GiB | 44,26 Mbit/s 20.09.2016 291,30 GiB | 282,25 GiB | 573,55 GiB | 55,69 Mbit/s 21.09.2016 343,19 GiB | 332,33 GiB | 675,52 GiB | 65,59 Mbit/s 22.09.2016 347,57 GiB | 329,66 GiB | 677,22 GiB | 65,75 Mbit/s 23.09.2016 388,91 GiB | 373,21 GiB | 762,13 GiB | 74,00 Mbit/s 24.09.2016 381,35 GiB | 361,64 GiB | 742,99 GiB | 72,14 Mbit/s 25.09.2016 391,60 GiB | 364,34 GiB | 755,94 GiB | 73,39 Mbit/s 26.09.2016 374,59 GiB | 337,81 GiB | 712,40 GiB | 69,17 Mbit/s 27.09.2016 144,06 GiB | 131,67 GiB | 275,73 GiB | 70,89 Mbit/s +-+-+--- estimated382,03 GiB | 349,18 GiB | 731,21 GiB | ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Moving multiple instances to another VPS
Thank you both. @Tim: You would kind of argue, that the advantage of carrying the old keys to the new machine is not that important (to keep old level of traffic from start) and that it might be even better to start from scratch? Paul Am 12.09.2016 um 03:53 schrieb teor: > In Debian, using tor-instance-create and systemd, there is a separate > directory, /var/lib/tor-instances > You'll need to copy both /var/lib/tor and /var/lib/tor-instances to preserve > the keys, and /etc/tor to preserve the configs. > > That said, please consider rotating keys when you move (that is, only copying > /etc/tor). > > If your old relay or those keys were ever compromised, you'll have a fresh > start. > And even if it wasn't, some of your network reputation will be reset when you > move IP addresses anyway. > > Tim ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Moving multiple instances to another VPS
I have to move a multiple instances Exit from one VPS to another. Apart from creating the same instances on the new machine with **tor-instance-create** I would then just copy the whole directory /var/lib/tor/keys to the new VPS - or should I copy all /var/lib/tor/ to not miss anything from the original one? Am I miss anything else? Thanks Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] [WARN] Remote server sent bogus reason code 65021
Looks like this is solved and belonged to not open ports Sorry for the hassle Paul Am 16.08.2016 um 18:34 schrieb pa011: > Just established a new Exit with two instances on (Linux 3.16.0-4-amd64) ,Tor > 0.2.8.6 > > On the second instance I get these warnings: > > [WARN] Remote server sent bogus reason code 65021 [21 duplicates hidden] > [WARN] Remote server sent bogus reason code 65023 [95 duplicates hidden] > [NOTICE] Have tried resolving or connecting to address '[scrubbed]' at 3 > different places. Giving up. [40 duplicates hidden] > > The code65023 is ticking up by one in about 10 seconds? > > The default instance is free of that. > > Anything to worry about? > > Thanks > > Paul > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] [WARN] Remote server sent bogus reason code 65021
Just established a new Exit with two instances on (Linux 3.16.0-4-amd64) ,Tor 0.2.8.6 On the second instance I get these warnings: [WARN] Remote server sent bogus reason code 65021 [21 duplicates hidden] [WARN] Remote server sent bogus reason code 65023 [95 duplicates hidden] [NOTICE] Have tried resolving or connecting to address '[scrubbed]' at 3 different places. Giving up. [40 duplicates hidden] The code65023 is ticking up by one in about 10 seconds? The default instance is free of that. Anything to worry about? Thanks Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org
Hi Peter, sorry was off a week and couldn’t answer: /run/systemd/generator/tor.service.wants/tor@tor2.service /run/systemd/generator/tor.service.wants/tor@default.service Anyway with "steady hand" the system seems to have repaired itself in between. I updated my other multi-instance exits today without any problems to 0.2.8.6. Thank you ! Paul Am 07.08.2016 um 00:58 schrieb Peter Palfrader: > find /run/systemd -name 'tor@*' ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org
The only instance in /etc/tor/instances/ is tor2 There is no tor and nothing else in that directory And I do have a torrc file in /etc/tor/ Best Regards Paul Am 06.08.2016 um 22:30 schrieb Peter Palfrader: > On Sat, 06 Aug 2016, pa011 wrote: > >> Actually not - you are right Alexander! >> But then the question are: >> >> - why do I need a user "_tor-tor" since the last update, when I didn’t need >> that before >> - why is it not self creating >> - what do I have to do - really creating "_tor-tor" with the same privileges >> as "_tor-tor2"? > > My guess is you manually created an /etc/tor/instances/tor next to your > tor2. That's not the default instance that's failing here. > > From your logs, you don't appear to have a default service. Do you not > have a /etc/tor/torrc? > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org
Actually not - you are right Alexander! But then the question are: - why do I need a user "_tor-tor" since the last update, when I didn’t need that before - why is it not self creating - what do I have to do - really creating "_tor-tor" with the same privileges as "_tor-tor2"? Thanks Paul Am 06.08.2016 um 15:49 schrieb Alexander Dietrich: > The error message "Ungültiger Anwender „_tor-tor“" appears several times in > your log, while there are no error messages about user "_tor-tor2". Does the > first user exist? > > Best regards, > Alexander > --- > PGP Key: https://dietrich.cx/pgp | 0x52FA4EE1722D54EB > > On 2016-08-06 14:56, pa011 wrote: >> Thank you Michael for your hint - corrected that, but still having >> that problem with main instance not running: >> >> Aug 6 14:30:02 systemd-sysctl[142]: Failed to write '10 # to reboot >> after kernel panic' to '/proc/sys/kernel/panic': Invalid argument >> Aug 6 14:30:02 systemd[1]: systemd-sysctl.service: main process >> exited, code=exited, status=1/FAILURE >> Aug 6 14:30:02 systemd[1]: Failed to start Apply Kernel Variables. >> Aug 6 14:30:02 systemd[1]: Unit systemd-sysctl.service entered failed >> state. >> Aug 6 14:30:02 kbd[135]: Setting console screen modes. >> Aug 6 14:30:02 kbd[135]: setterm: $TERM ist nicht festgelegt. >> Aug 6 14:30:02 keyboard-setup[158]: Setting preliminary keymap...done. >> Aug 6 14:30:02 netfilter-persistent[277]: run-parts: executing >> /usr/share/netfilter-persistent/plugins.d/15-ip4tables start >> Aug 6 14:30:02 netfilter-persistent[277]: run-parts: executing >> /usr/share/netfilter-persistent/plugins.d/25-ip6tables start >> Aug 6 14:30:02 console-setup[220]: Setting up console font and >> keymap...done. >> Aug 6 14:30:02 networking[297]: Configuring network interfaces...done. >> Aug 6 14:30:02 rpcbind[399]: Starting rpcbind daemon >> Aug 6 14:30:02 rpc.statd[416]: Version 1.2.8 starting >> Aug 6 14:30:02 sm-notify[417]: Version 1.2.8 starting >> Aug 6 14:30:02 nfs-common[411]: Starting NFS common utilities: statd >> idmapd. >> Aug 6 14:30:02 atd[433]: Cannot change to /var/spool/cron/atjobs: No >> such file or directory >> Aug 6 14:30:02 install[431]: /usr/bin/install: Ungültiger Anwender >> „_tor-tor“ >> Aug 6 14:30:02 sysstat[445]: Starting the system activity data >> collector: sadc.Aug 6 14:30:02 systemd[1]: tor@tor.service: control >> process exited, code=exited status=1 >> Aug 6 14:30:02 systemd[1]: Failed to start Anonymizing overlay >> network for TCP (instance tor). >> Aug 6 14:30:02 systemd[1]: Unit tor@tor.service entered failed state. >> Aug 6 14:30:02 systemd[1]: atd.service: main process exited, >> code=exited, status=1/FAILURE >> Aug 6 14:30:02 systemd[1]: Unit atd.service entered failed state. >> Aug 6 14:30:02 sed[481]: DataDirectory /var/lib/tor-instances/tor2 >> Aug 6 14:30:02 sed[481]: PidFile /var/run/tor-instances/tor2/tor.pid >> Aug 6 14:30:02 sed[481]: RunAsDaemon 0 >> Aug 6 14:30:02 sed[481]: User _tor-tor2 >> Aug 6 14:30:02 sed[481]: SyslogIdentityTag tor2 >> Aug 6 14:30:02 sed[481]: ControlSocket >> /var/run/tor-instances/tor2/control GroupWritable RelaxDirModeCheck >> Aug 6 14:30:02 sed[481]: SocksPort >> unix:/var/run/tor-instances/tor2/socks WorldWritable >> Aug 6 14:30:02 sed[481]: CookieAuthentication 1 >> Aug 6 14:30:02 sed[481]: CookieAuthFileGroupReadable 1 >> Aug 6 14:30:02 sed[481]: CookieAuthFile >> /var/run/tor-instances/tor2/control.authcookie >> Aug 6 14:30:02 sed[481]: Log notice syslog >> Aug 6 14:30:03 acpid: starting up with netlink and the input layer >> Aug 6 14:30:03 acpid: 1 rule loaded >> Aug 6 14:30:03 acpid: waiting for events: event logging is off >> Aug 6 14:30:03 install[491]: /usr/bin/install: Ungültiger Anwender >> „_tor-tor“ >> Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, >> code=exited status=1 >> Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay >> network for TCP (instance tor). >> Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. >> Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.109 [notice] Tor v0.2.8.6 >> (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, >> OpenSSL 1.0.1t and Zlib$ >> Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.110 [notice] Tor can't help >> you if you use it wrong! Learn how to be safe at >> https://www.torproject.org/download/downl$ >> Aug 6 14:30:03 tor[482]: Aug 06 14:30:03.1
Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org
r attaching for unprivileged users. Aug 6 14:30:03 tor[489]: Configuration was validAug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.221 [notice] Read configuration file "/var/run/tor-instances/tor2.defaults". Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.222 [notice] Read configuration file "/etc/tor/instances/tor2/torrc". Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening Control listener on 127.0.0.1:9051 Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening OR listener on 0.0.0.0:443 Aug 6 14:30:03 tor[497]: Aug 06 14:30:03.228 [notice] Opening Directory listener on 0.0.0.0:80 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.230 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.235 [notice] Opening Socks listener on 127.0.0.1:0 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.236 [notice] Socks listener listening on port 38400. Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening Control listener on 127.0.0.1:9052 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening OR listener on 0.0.0.0:444 Aug 6 14:30:03 tor[500]: Aug 06 14:30:03.237 [notice] Opening Directory listener on 0.0.0.0:81 Aug 6 14:30:03 Tor-tor2[500]: Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Aug 6 14:30:03 Tor-tor2[500]: Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Aug 6 14:30:03 Tor-tor2[500]: Read configuration file "/var/run/tor-instances/tor2.defaults". Aug 6 14:30:03 Tor-tor2[500]: Read configuration file "/etc/tor/instances/tor2/torrc". Aug 6 14:30:03 Tor-tor2[500]: Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMemInQueues by hand. Aug 6 14:30:03 Tor-tor2[500]: Opening Socks listener on 127.0.0.1:0 Aug 6 14:30:03 Tor-tor2[500]: Socks listener listening on port 38400. Aug 6 14:30:03 Tor-tor2[500]: Opening Control listener on 127.0.0.1:9052 Aug 6 14:30:03 Tor-tor2[500]: Opening OR listener on 0.0.0.0:444 Aug 6 14:30:03 Tor-tor2[500]: Opening Directory listener on 0.0.0.0:81 Aug 6 14:30:03 Tor-tor2[500]: Not disabling debugger attaching for unprivileged users.Aug 6 14:30:03 install[503]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 Tor-tor2[500]: Parsing GEOIP IPv4 file /usr/share/tor/geoip. Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:03 Tor-tor2[500]: Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Aug 6 14:30:03 install[510]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:03 Tor-tor2[500]: Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from no$ Aug 6 14:30:03 Tor-tor2[500]: Your Tor server's identity key fingerprint is ' Aug 6 14:30:03 Tor-tor2[500]: Bootstrapped 0%: Starting Aug 6 14:30:03 install[517]: /usr/bin/install: Ungültiger Anwender „_tor-tor“ Aug 6 14:30:03 systemd[1]: tor@tor.service: control process exited, code=exited status=1 Aug 6 14:30:03 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Aug 6 14:30:03 systemd[1]: Unit tor@tor.service entered failed state. Aug 6 14:30:04 systemd[1]: tor@tor.service start request repeated too quickly, refusing to start. Aug 6 14:30:04 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor). Rgds Paul Am 06.08.2016 um 14:06 schrieb Michael Armbruster: > Hi Paul, > > You have applied a wrong ExitPolicy entry somewhere in your torrc for > the default instance. > > You wrote > > "ExitPolicy reject x.x.x.x/80" > > though most probably you wanted to block the port 80 on a specific > address, so you have to provide > > "ExitPolicy reject x.x.x.x:80" > > instead, with a colon, not a slash. The slash is there to block a > specific address *range*. You can read more about subnets and the > calculation fo
Re: [tor-relays] experiences with debian tor 0.2.8.6 package from deb.torproject.org
I am inexperienced an have probably the same problem after upgrading to 0.2.8.6. Even after reboot my second instance Tor-tor2 is running while the default service is exiting - syslog looks like this: Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.744 [notice] Tor v0.2.8.6 (git-b88847615faea7c8) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/downl$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/usr/share/tor/tor-service-defaults-torrc". Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.745 [notice] Read configuration file "/etc/tor/torrc". Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.747 [notice] Based on detected system memory, MaxMemInQueues is set to 370 MB. You can override this by setting MaxMem$ Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Bad number of mask bits (80) on address range; rejecting. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Couldn't parse line "x.x.x.x/80". Dropping Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.751 [warn] Malformed policy 'reject x.x.x.x/80'. Discarding entire policy list. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.752 [warn] Failed to parse/validate config: Error in ExitPolicy entry. Aug 6 12:11:33 tor[542]: Aug 06 12:11:33.752 [err] Reading config failed--see warnings above. Aug 6 12:11:33 systemd[1]: tor@default.service: control process exited, code=exited status=1 Aug 6 12:11:33 systemd[1]: Failed to start Anonymizing overlay network for TCP. Aug 6 12:11:33 systemd[1]: Unit tor@default.service entered failed state. Aug 6 12:11:33 systemd[1]: tor@default.service start request repeated too quickly, refusing to start. Aug 6 12:11:33 systemd[1]: Failed to start Anonymizing overlay network for TCP. Aug 6 12:11:33 systemd[1]: Unit tor@default.service entered failed state. Aug 6 12:11:38 Tor-tor2[492]: Bootstrapped 80%: Connecting to the Tor network Aug 6 12:11:38 Tor-tor2[492]: Signaled readiness to systemd Aug 6 12:11:38 Tor-tor2[492]: Opening Control listener on /var/run/tor-instances/tor2/control Aug 6 12:11:38 Tor-tor2[492]: Self-testing indicates your ORPort is reachable from the outside. Excellent. Aug 6 12:11:39 Tor-tor2[492]: Bootstrapped 85%: Finishing handshake with first hop Aug 6 12:11:39 Tor-tor2[492]: Bootstrapped 90%: Establishing a Tor circuit Aug 6 12:11:40 Tor-tor2[492]: Tor has successfully opened a circuit. Looks like client functionality is working. Aug 6 12:11:40 Tor-tor2[492]: Bootstrapped 100%: Done Could somebody please give me a detailed hint what to do please? Thanks Paul Am 05.08.2016 um 20:27 schrieb tor relay: >> So there is no way to disable the default instance using systemctl after all? > > To answer my own question: > systemctl mask tor@default > disables the default instance for real. > > ..but I'm still curious why tor@default is a static unit (without [Install] > section) > https://bbs.archlinux.org/viewtopic.php?id=147964 > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] outgooing UDP flooding on middle relay
strange is the difference in traffic behaivior after that: h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) 11 25.700.571 26.306.50519275.999340.63303251.998 384.160 12 32.840.796 33.571.99620271.278382.08704255.947 383.794 13 32.910.527 33.637.09221263.147383.44405244.656 385.187 14 40.052.678 40.824.13822260.674383.30906251.796 384.848 15 35.106.193 35.833.11423268.364381.41107256.603 383.204 16 0 000259.170383.97808246.394 368.462 17 0 001262.486383.67809248.525 329.171 18102.138144.73202252.385384.29910145.460 182.071 Am 01.08.2016 um 15:17 schrieb Markus Koch: > If this is a synflood or any other ddos attack on his vps the tor server > would not relay the attack and in and outgoing traffic would be vastly > different. > > Sent from my iPad > >> On 01 Aug 2016, at 15:12, teor <teor2...@gmail.com> wrote: >> >> >>> On 1 Aug 2016, at 23:08, Markus Koch <niftybu...@googlemail.com> wrote: >>> >>> Looks like DOS/DDOS.Is it even possible to DDOS over tor? >> >> It's possible to (D)DOS any server using ping (or DNS, or any other UDP >> responder). >> All an attacker needs is the server's IP address, which is publicly >> available in the Tor consensus. >> Then they can attack the relay from the Internet. >> >> There's no need to use Tor to tunnel the (D)DOS. In this case, Tor doesn't >> tunnel UDP, so it's unlikely to be the culprit. >> >> Tim >> >>> >>> >>> 2016-08-01 15:04 GMT+02:00 pa011 <pa...@web.de>: >>>> yes about the same - sorry for the page brake dont get it solved in my >>>> thunderbird >>>> >>>> h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) h rx (KiB) >>>> tx (KiB) >>>> 23 6.559.929 6.748.21507 4.697.285 4.845.89315 35.106.193 >>>> 35.833.114 >>>> 00 5.129.384 5.289.45608 12.317.567 12.605.72616 0 >>>> 0 >>>> 01 3.709.181 3.843.98809 14.913.172 15.278.07917 0 >>>> 0 >>>> 02 4.405.017 4.574.74510 22.218.874 22.738.50818102.138 >>>> 144.732 >>>> 03 4.670.091 4.817.78511 25.700.571 26.306.50519275.999 >>>> 340.633 >>>> 04 4.711.807 4.853.92112 32.840.796 33.571.99620271.278 >>>> 382.087 >>>> 05 4.269.354 4.408.41713 32.910.527 33.637.09221263.147 >>>> 383.444 >>>> 06 5.279.142 5.443.89014 40.052.678 40.824.13822176.040 >>>> 258.865 >>>> >>>> >>>>> Am 01.08.2016 um 14:51 schrieb Markus Koch: >>>>> In and outgoing traffic is the same size? >>>>> >>>>> >>>>> >>>>> 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>: >>>>>> The ISP didn’t mention - I would have to ask. >>>>>> >>>>>> What I saw was that the traffic was up about linear from usually 30Mbits >>>>>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and >>>>>> dropping. >>>>>> >>>>>> >>>>>>> Am 01.08.2016 um 14:36 schrieb Markus Koch: >>>>>>> How many packets per second? >>>>>>> >>>>>>> Markus >>>>>>> >>>>>>> >>>>>>> >>>>>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>: >>>>>>>> Hello, >>>>>>>> >>>>>>>> one of my middle relays got auto limited by the ISP because of >>>>>>>> "outgooing UDP flooding ". >>>>>>>> >>>>>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed - >>>>>>>> so I highly doubt the give reason for the traffic limitation. >>>>>>>> Also I cant find anything in the log files. >>>>>>>> >>>>>>>> Anybody having experience with such an issue? >>>>>>>> What to check for please? >>>>>>>> >>>>>>>> Paul >>>>>>>> >>>>>>>> ___ >>>>>>>> tor-relays mailing
Re: [tor-relays] outgooing UDP flooding on middle relay
I am off for a couple of hours - if I can give some more information or ask my ISP for something later on please let me know? What should I do to stop this in the future and get the restrictions off from my ISP? Thanks Paul Am 01.08.2016 um 15:17 schrieb Markus Koch: > If this is a synflood or any other ddos attack on his vps the tor server > would not relay the attack and in and outgoing traffic would be vastly > different. > > Sent from my iPad > >> On 01 Aug 2016, at 15:12, teor <teor2...@gmail.com> wrote: >> >> >>> On 1 Aug 2016, at 23:08, Markus Koch <niftybu...@googlemail.com> wrote: >>> >>> Looks like DOS/DDOS.Is it even possible to DDOS over tor? >> >> It's possible to (D)DOS any server using ping (or DNS, or any other UDP >> responder). >> All an attacker needs is the server's IP address, which is publicly >> available in the Tor consensus. >> Then they can attack the relay from the Internet. >> >> There's no need to use Tor to tunnel the (D)DOS. In this case, Tor doesn't >> tunnel UDP, so it's unlikely to be the culprit. >> >> Tim >> >>> >>> >>> 2016-08-01 15:04 GMT+02:00 pa011 <pa...@web.de>: >>>> yes about the same - sorry for the page brake dont get it solved in my >>>> thunderbird >>>> >>>> h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) h rx (KiB) >>>> tx (KiB) >>>> 23 6.559.929 6.748.21507 4.697.285 4.845.89315 35.106.193 >>>> 35.833.114 >>>> 00 5.129.384 5.289.45608 12.317.567 12.605.72616 0 >>>> 0 >>>> 01 3.709.181 3.843.98809 14.913.172 15.278.07917 0 >>>> 0 >>>> 02 4.405.017 4.574.74510 22.218.874 22.738.50818102.138 >>>> 144.732 >>>> 03 4.670.091 4.817.78511 25.700.571 26.306.50519275.999 >>>> 340.633 >>>> 04 4.711.807 4.853.92112 32.840.796 33.571.99620271.278 >>>> 382.087 >>>> 05 4.269.354 4.408.41713 32.910.527 33.637.09221263.147 >>>> 383.444 >>>> 06 5.279.142 5.443.89014 40.052.678 40.824.13822176.040 >>>> 258.865 >>>> >>>> >>>>> Am 01.08.2016 um 14:51 schrieb Markus Koch: >>>>> In and outgoing traffic is the same size? >>>>> >>>>> >>>>> >>>>> 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>: >>>>>> The ISP didn’t mention - I would have to ask. >>>>>> >>>>>> What I saw was that the traffic was up about linear from usually 30Mbits >>>>>> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and >>>>>> dropping. >>>>>> >>>>>> >>>>>>> Am 01.08.2016 um 14:36 schrieb Markus Koch: >>>>>>> How many packets per second? >>>>>>> >>>>>>> Markus >>>>>>> >>>>>>> >>>>>>> >>>>>>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>: >>>>>>>> Hello, >>>>>>>> >>>>>>>> one of my middle relays got auto limited by the ISP because of >>>>>>>> "outgooing UDP flooding ". >>>>>>>> >>>>>>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed - >>>>>>>> so I highly doubt the give reason for the traffic limitation. >>>>>>>> Also I cant find anything in the log files. >>>>>>>> >>>>>>>> Anybody having experience with such an issue? >>>>>>>> What to check for please? >>>>>>>> >>>>>>>> Paul >>>>>>>> >>>>>>>> ___ >>>>>>>> tor-relays mailing list >>>>>>>> tor-relays@lists.torproject.org >>>>>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>>>>>> ___ >>>>>>> tor-relays mailing list >>>>>>> tor-relays@lists.torproject.org >>>>>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>>>>> ___ >>>>>&
Re: [tor-relays] outgooing UDP flooding on middle relay
yes about the same - sorry for the page brake dont get it solved in my thunderbird h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) h rx (KiB) tx (KiB) 23 6.559.929 6.748.21507 4.697.285 4.845.89315 35.106.193 35.833.114 00 5.129.384 5.289.45608 12.317.567 12.605.72616 0 0 01 3.709.181 3.843.98809 14.913.172 15.278.07917 0 0 02 4.405.017 4.574.74510 22.218.874 22.738.50818102.138 144.732 03 4.670.091 4.817.78511 25.700.571 26.306.50519275.999 340.633 04 4.711.807 4.853.92112 32.840.796 33.571.99620271.278 382.087 05 4.269.354 4.408.41713 32.910.527 33.637.09221263.147 383.444 06 5.279.142 5.443.89014 40.052.678 40.824.13822176.040 258.865 Am 01.08.2016 um 14:51 schrieb Markus Koch: > In and outgoing traffic is the same size? > > > > 2016-08-01 14:44 GMT+02:00 pa011 <pa...@web.de>: >> The ISP didn’t mention - I would have to ask. >> >> What I saw was that the traffic was up about linear from usually 30Mbits >> to above 100 Mbits over about 6 hours, bringing the CPU to 100% and >> dropping. >> >> >> Am 01.08.2016 um 14:36 schrieb Markus Koch: >>> How many packets per second? >>> >>> Markus >>> >>> >>> >>> 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>: >>>> Hello, >>>> >>>> one of my middle relays got auto limited by the ISP because of >>>> "outgooing UDP flooding ". >>>> >>>> The VPS is pure debian8, fail2ban, pub key and nothing else installed - >>>> so I highly doubt the give reason for the traffic limitation. >>>> Also I cant find anything in the log files. >>>> >>>> Anybody having experience with such an issue? >>>> What to check for please? >>>> >>>> Paul >>>> >>>> ___ >>>> tor-relays mailing list >>>> tor-relays@lists.torproject.org >>>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>>> >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] outgooing UDP flooding on middle relay
The ISP didn’t mention - I would have to ask. What I saw was that the traffic was up about linear from usually 30Mbits to above 100 Mbits over about 6 hours, bringing the CPU to 100% and dropping. Am 01.08.2016 um 14:36 schrieb Markus Koch: > How many packets per second? > > Markus > > > > 2016-08-01 14:28 GMT+02:00 pa011 <pa...@web.de>: >> Hello, >> >> one of my middle relays got auto limited by the ISP because of >> "outgooing UDP flooding ". >> >> The VPS is pure debian8, fail2ban, pub key and nothing else installed - >> so I highly doubt the give reason for the traffic limitation. >> Also I cant find anything in the log files. >> >> Anybody having experience with such an issue? >> What to check for please? >> >> Paul >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] outgooing UDP flooding on middle relay
Hello, one of my middle relays got auto limited by the ISP because of "outgooing UDP flooding ". The VPS is pure debian8, fail2ban, pub key and nothing else installed - so I highly doubt the give reason for the traffic limitation. Also I cant find anything in the log files. Anybody having experience with such an issue? What to check for please? Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] VPS for Exits and non-Exits
Am 06.07.2016 um 22:09 schrieb Iain R. Learmonth: > Hi, > > On 06/07/16 18:25, tor relay wrote: >>> I've been running an exit node for over a year on OVH now, no problems >>> so far. Highly recommended (especially since they give me 10TB of >>> traffic for about 10$USD/month; considering I use about 7-8TB of that >>> per month, it's well worth it). >> >> OVH is used to much by tor operators already (>12% of the tor network >> capacity is there). > > Not the most performance enhanced page on the web but: > > https://metrics.torproject.org/bubbles.html > > This bubble graph shows where relays are located by autonomous system. > If you're looking to set up new relays, attempting to grow smaller > bubbles here (the names should be googleable enough) or trying to add > new ones would definitely be preferred over adding more to OVH. > > It's great that OVH are Tor-friendly, but diversity of the network is > important. > > Thanks, > Iain. > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > "..diversity of the network is important." -very important - what if a far Western European government decides on the next "state of emergency" to ban Tor and "asks" their domestic ISPs for support? There are other Providers who give you 15-50 TB/month for less than 10 Euro. Dig for them - don’t follow the pack! 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
> Ok - very sorry - I foolished myself -this last issue is solved :-) !! Thank you nusenu for your help !! signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Am 03.07.2016 um 14:28 schrieb Peter Palfrader: > On Sun, 03 Jul 2016, pa011 wrote: > >> >> >> Am 03.07.2016 um 13:31 schrieb Peter Palfrader: >>> On Sun, 03 Jul 2016, pa011 wrote: >>> >>>> >>>> Am 03.07.2016 um 13:03 schrieb Peter Palfrader: >>>>> Let me read this for you. >>>>> >>>>> On Sun, 03 Jul 2016, pa011 wrote: >>>>> >>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR >>>>>> listener on 0.0.0.0:443 >>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >>>>>> 0.0.0.0:443: Address already in use. Is Tor already running? >>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory >>>>>> listener on 0.0.0.0:80 >>>>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >>>>>> 0.0.0.0:80: Address already in use. Is Tor already running? >>>>> >>>>> HTH. >>> >>> [Hope that helps] >>> >>>> Would be very kind if you could explain a bit what I should do and why >>>> if you got some spare time. >>> >>> It appears you have told your (second?) tor to listen on port 443. You >>> have something else on your machine already using Port 443. >>> >>> (It's a bit hard to read, since you line wrapped the log output.) >>> >> Sorry for the wrapping - I hopefully convinced Thunderbird not to do it >> any more :-) >> >> Yes, the first tor instance is using the ports 80 and 443 - I thought >> they could be shared between the instances. So what setting should I use >> then in the second torrc please? > > Pick different ports. Any that are free and that you like. > Hey - great thanks especially to you Peter for your whole work on **tor-instance-create** "top" and syslog and even atlas let me come to the conclusion that I have two running instances now :-) Still open: "arm -i 9052" - is asking for a Controller password while I have a HashedControlPassword in place ? How to best separate the tor log files from both instances? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Am 03.07.2016 um 13:31 schrieb Peter Palfrader: > On Sun, 03 Jul 2016, pa011 wrote: > >> >> Am 03.07.2016 um 13:03 schrieb Peter Palfrader: >>> Let me read this for you. >>> >>> On Sun, 03 Jul 2016, pa011 wrote: >>> >>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR listener >>>> on 0.0.0.0:443 >>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >>>> 0.0.0.0:443: Address already in use. Is Tor already running? >>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory >>>> listener on 0.0.0.0:80 >>>> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >>>> 0.0.0.0:80: Address already in use. Is Tor already running? >>> >>> HTH. > > [Hope that helps] > >> Would be very kind if you could explain a bit what I should do and why >> if you got some spare time. > > It appears you have told your (second?) tor to listen on port 443. You > have something else on your machine already using Port 443. > > (It's a bit hard to read, since you line wrapped the log output.) > Sorry for the wrapping - I hopefully convinced Thunderbird not to do it any more :-) Yes, the first tor instance is using the ports 80 and 443 - I thought they could be shared between the instances. So what setting should I use then in the second torrc please? TAM ;-) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Am 03.07.2016 um 13:03 schrieb Peter Palfrader: > Let me read this for you. > > On Sun, 03 Jul 2016, pa011 wrote: > >> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR listener >> on 0.0.0.0:443 >> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >> 0.0.0.0:443: Address already in use. Is Tor already running? >> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory >> listener on 0.0.0.0:80 >> Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to >> 0.0.0.0:80: Address already in use. Is Tor already running? > > HTH. > Hi Peter, sorry that might bring light to you - I even have to https://www.acronymfinder.com/Slang/HtH.html , because I am new to this business :-( Would be very kind if you could explain a bit what I should do and why if you got some spare time. Thanks a lot - Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Am 02.07.2016 um 20:14 schrieb Peter Palfrader: > On Sat, 02 Jul 2016, pa011 wrote: > >> Ok - "Log notice file /var/log/tor/notices2.log" removed from >> torrc, but that doesn’t influence the error message from systemctl >> in no way. >> >> Still not working ! > > Please try to provide at least some more useful information. (Also, > please stop top posting and full quoting). > > What does /var/log/syslog say? > > What does journald -f say while you *restart* the service? > Hi Peter, the system is Linux version 3.16.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version 4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.7-ckt25-2+deb8u2 (2016-06-25) with Tor 0.2.7.6 "journald -f" brings up "command not found" here is a copy of the syslog: Jul 3 12:09:27 sed[4525]: DataDirectory /var/lib/tor-instances/tor2 Jul 3 12:09:27 sed[4525]: PidFile /var/run/tor-instances/tor2/tor.pid Jul 3 12:09:27 sed[4525]: RunAsDaemon 0 Jul 3 12:09:27 sed[4525]: User _tor-tor2 Jul 3 12:09:27 sed[4525]: SyslogIdentityTag tor2 Jul 3 12:09:27 sed[4525]: ControlSocket /var/run/tor-instances/tor2/control Jul 3 12:09:27 sed[4525]: ControlSocketsGroupWritable 1 Jul 3 12:09:27 sed[4525]: CookieAuthentication 1 Jul 3 12:09:27 sed[4525]: CookieAuthFileGroupReadable 1 Jul 3 12:09:27 sed[4525]: CookieAuthFile /var/run/tor-instances/tor2/control.authcookie Jul 3 12:09:27 sed[4525]: Log notice syslog Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.541 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable OpenSSL 1.0.1t and Zlib 1.2.8. Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Read configuration file "/var/run/tor-instances/tor2.defaults". Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.542 [notice] Read configuration file "/etc/tor/instances/tor2/torrc". Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.544 [notice] Based on detected system memory MaxMemInQueues is set to 370 MB. You can override this by setting MaxMemInQueues by hand. Jul 3 12:09:27 tor[4528]: Jul 03 12:09:27.545 [notice] Not disabling debugger attaching for unprivileged users. Jul 3 12:09:27 tor[4528]: Configuration was valid Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.583 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable OpenSSL 1.0.1t and Zlib 1.2.8. Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.583 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.584 [notice] Read configuration file "/var/run/tor-instances/tor2.defaults". Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.584 [notice] Read configuration file "/etc/tor/instances/tor2/torrc". Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.587 [notice] Based on detected system memory MaxMemInQueues is set to 370 MB. You can override this by setting MaxMemInQueues by hand. Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.588 [notice] Opening Socks listener on 127.0.0.1:0 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.588 [notice] Socks listener listening on port 52394. Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.589 [notice] Opening Control listener on 127.0.0.1:9052 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Control listener on /var/run/tor-instances/tor2/control Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening OR listener on 0.0.0.0:443 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 0.0.0.0:443: Address already in use. Is Tor already running? Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [notice] Opening Directory listener on 0.0.0.0:80 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.590 [warn] Could not bind to 0.0.0.0:80: Address already in use. Is Tor already running? Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing partially-constructed Socks listener on 127.0.0.1:52394 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing partially-constructed Control listener on 127.0.0.1:9052 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [notice] Closing partially-constructed Control listener on /var/run/tor-instances/tor2/control:0 Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [warn] Failed to parse/validate config: Failed to bind one of the listener ports. Jul 3 12:09:27 tor[4532]: Jul 03 12:09:27.591 [err] Reading config failed--see warnings above. Jul 3 12:09:27 systemd[1]: tor@tor2.service: main process exited code=exited status=1/FAILURE Jul 3 12:09:27 systemd[1]: Failed to start Anonymizing overlay network for TCP (instance tor2). Jul 3 12:09:27 systemd[1]: Unit tor@tor2.service entered failed state. Jul 3 12:09:27 sed[4539]: DataDirectory /var/lib/tor-instances/tor2 Jul 3 12:09:27 sed[4539]: PidFil
Re: [tor-relays] More than one instance with Debian Jessie
Ok - "Log notice file /var/log/tor/notices2.log" removed from torrc, but that doesn’t influence the error message from systemctl in no way. Still not working ! Does the machine on which I like to add this second instance have more than one core?? I don’t want to use ansible at the moment - that seems far to much for me currently - maybe three steps ahead :-) Is there possibly an other way instead of two Tor instances running to convince the bandwidth-authority to take more use of a 250Mbit/s line for an Exit instead of just 40-50 Mbit/s? Am 02.07.2016 um 18:21 schrieb nusenu: >> Still unsuccessful, even after reboot -here is what I did: >> >> sudo tor-instance-create tor2 >> >> sudo adduser xxx _tor-tor2 > > no need to create that user manually, tor-instance-create does that > > >> sudo systemctl start tor@tor2 >> >> Job for tor@tor2.service failed. See 'systemctl status tor@tor2.service' >> and 'journalctl -xn' for details. >> >> xxx@xxx:~$ systemctl status tor@tor2.service >> ● tor@tor2.service - Anonymizing overlay network for TCP (instance tor2) >>Loaded: loaded (/lib/systemd/system/tor@.service; disabled) >>Active: failed (Result: start-limit) since Sat 2016-07-02 17:37:32 >> CEST; 12s ago >> >> Process: 710 ExecStart=/usr/bin/tor --defaults-torrc >> /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc >> (code=exited, status=1/FAILURE) >> > > >>> these are my current settings: >>> >>> SocksPort auto >>> RunAsDaemon 0 >>> Log notice file /var/log/tor/notices2.log > > This is a bad idea (file permissions), why did you add that Log line? > I recommend you stick with the default behaviour (syslog), just remove > that line. > > > If you simply want to setup multiple tor instances on a debian 8 target > machine, you might also just use ansible > > https://github.com/nusenu/ansible-relayor > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Still unsuccessful, even after reboot -here is what I did: sudo tor-instance-create tor2 sudo adduser xxx _tor-tor2 sudo systemctl start tor@tor2 Job for tor@tor2.service failed. See 'systemctl status tor@tor2.service' and 'journalctl -xn' for details. xxx@xxx:~$ systemctl status tor@tor2.service ● tor@tor2.service - Anonymizing overlay network for TCP (instance tor2) Loaded: loaded (/lib/systemd/system/tor@.service; disabled) Active: failed (Result: start-limit) since Sat 2016-07-02 17:37:32 CEST; 12s ago Process: 710 ExecStart=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc (code=exited, status=1/FAILURE) Process: 707 ExecStartPre=/usr/bin/tor --defaults-torrc /var/run/tor-instances/%i.defaults -f /etc/tor/instances/%i/torrc --verify-config (code=exited, status=0/SUCCESS) Process: 704 ExecStartPre=/bin/sed -e s/@@NAME@@/%i/g; w /var/run/tor-instances/%i.defaults /usr/share/tor/tor-service-defaults-torrc-instances (code=exited, status=0/SUCCESS) Process: 703 ExecStartPre=/usr/bin/install -Z -m 02750 -o _tor-%i -g _tor-%i -d /var/run/tor-instances/%i (code=exited, status=0/SUCCESS) Main PID: 710 (code=exited, status=1/FAILURE) Am 02.07.2016 um 16:02 schrieb pa011: > Ok - I do have it and I installed a second instance called "tor2". > > I can control the first instance of Tor as usual with arm but how can I > now control the running of "tor2" with arm? > > When calling arm with "sudo -u _tor-tor2 arm" I get asked for a > Controller password even while having a HashedControlPassword in place? > > What are the other needed settings apart from the relay specific ones in > the torrc file from "tor2" to get it controlled by arm? > > Could somebody please give an example? > > Thank you all, Paul. > > > these are my current settings: > > SocksPort auto > RunAsDaemon 0 > Log notice file /var/log/tor/notices2.log > ControlPort 9052 > HashedControlPassword xx:xx > Nickname test2 > RelayBandwidthRate 500 KB > RelayBandwidthBurst 800 KB > > > > Am 01.07.2016 um 23:28 schrieb nusenu: >>> thank you for that link. >>> >>> Unfortunately I have to out myself as I am a newbe and don’t know how to >>> get it working. >>> >>> I can see - the tool >>> https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create >>> . >>> >>> Do I have to download it? If so where to? >>> >>> Sorry cant be more precise with my questions. >> >> This "tool" comes with the tor package (from torproject debian >> repository), so if you installed tor from there you should have it already. >> >> >> >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Hi, thank you for that link. Unfortunately I have to out myself as I am a newbe and don’t know how to get it working. I can see - the tool https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create . Do I have to download it? If so where to? Sorry cant be more precise with my questions. Am 01.07.2016 um 22:26 schrieb nusenu: > Hi, > >> I do have the same issue with Debian, but didn’t find any documentation >> that worked really. > > as previously pointed out already you might look at the > tor-instance-create man page > > https://gitweb.torproject.org/debian/tor.git/tree/debian/tor-instance-create.8.txt > > If you have specific problem people might be able to give more specific > help. > >> Could you please let me know in detail what you did, >> if it is going well with you? > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] More than one instance with Debian Jessie
Hi Patrick, I do have the same issue with Debian, but didn’t find any documentation that worked really. Could you please let me know in detail what you did, if it is going well with you? Thank you -best regards Paul Am 28.06.2016 um 10:37 schrieb Patrick ZAJDA: > Hi Peter, > > I strangely didn't find it before. > Great, thanks! > > The only thing I found before was the ticket talking about putting files > in /etc/tor/enabled. > > Best regards, > > Patrick > > Peter Palfrader: >> On Tue, 28 Jun 2016, Patrick ZAJDA wrote: >> >>> With Debian Jessie and systemd, we can have multiple instances of Tor. >>> But I cannot find any documentation about how to do that. >>> >>> Can someone tel me where to find some documentation (and not an >>> alternative to have multiple instances). please? >>> Else, can someone explain me how to do that if there is not documentation? >> >> Have you tried the tor-instance-create manpage? >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] If you get weird crashes, that might be why
Hi Yuriy and Pascal, I don’t know where that "Op$bf: " is from, it is stated that way in the Tor log file. What looks very different from other relay debug files are the number of entries like these: Jun 25 20:05:50 kernel: [61536.640020] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143200123:1143203019 (repaired) Jun 25 20:05:54 kernel: [61540.044045] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143205915:1143208811 (repaired) Jun 25 20:05:59 kernel: [61544.900036] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143211707:1143214603 (repaired) Jun 25 20:06:31 kernel: [61577.120054] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143252251:1143255147 (repaired) Jun 25 20:06:37 kernel: [61583.684050] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143258043:1143260939 (repaired) Jun 25 20:06:41 kernel: [61587.156021] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143262387:1143266731 (repaired) Jun 25 20:06:41 kernel: [61587.588021] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143263835:1143266731 (repaired) Jun 25 20:06:45 kernel: [61591.492022] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143269627:1143272523 (repaired) Jun 25 20:07:22 kernel: [61628.072061] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143310171:1143313067 (repaired) Jun 25 20:07:53 kernel: [61659.280023] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143343475:1143347819 (repaired) Jun 25 20:07:53 kernel: [61659.708017] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143344923:1143347819 (repaired) Jun 25 20:08:21 kernel: [61687.148034] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143379675:1143382571 (repaired) Jun 25 20:08:32 kernel: [61698.296025] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143391259:1143394155 (repaired) Jun 25 20:08:39 kernel: [61705.388024] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143398499:1143399947 (repaired) Jun 25 20:09:03 kernel: [61729.729801] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143426011:1143428907 (repaired) Jun 25 20:09:15 kernel: [61741.832029] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143437595:1143440491 (repaired) Jun 25 20:10:58 kernel: [61844.83] Peer 47.19.79.xxx:47000/55752 unexpectedly shrunk window 1143491894:1143494790 (repaired) Jun 25 20:11:02 kernel: [61848.120017] Peer 47.19.79.xxx:4700/55752 unexpectedly shrunk window 1143497686:1143500582 (repaired) and the number of lines like: kernel: [113700.366999] nf_conntrack: table full, dropping packet which comes nearly every second -sometime more. Memory is used about 50 percent -disk space more than enough. Am 26.06.2016 um 19:39 schrieb Yuriy M. Kaminskiy: > On 26.06.2016 16:22, pa011 wrote: >> On start-up my Exit (Linux 3.16.0-4-amd64) Tor 0.2.7.6 creates this log >> message: >> >> [warn] OpenSSL version from headers does not match the version we're >> running with.If you get weird crashes, that might be why. (Compiled >> with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: > ^^^ >> OpenSSL 1.0.1t 3 May 2016). >> >> Unfortunately it really crashes ones a day. This seems to be an ongoing >> problem for years now? >> >> Could anyone please give some help - or is there none? > > No, this is NOT a reason for those crashes. > > Background: > At May/June 2016, Debian jessie transitioned from heavily-patched > openssl 1.0.1k (with a lot of security patches backported from later > [stable] versions) to (much more lightly-patched) openssl 1.0.1t (which > already included all those security fixes). > > Both versions are (supposed to be) completely binary compatible, and > running a binary compiled against 1.0.1k with openssl 1.0.1t should be > completely safe. > > If your tor crashes daily (and especially if that also happened before > June 2016, when debian transitioned to 1.0.1t), the reason must be > something else (hardware problem, insufficient resources [memory? disk? > process/task/thread limit?], some obscure tor bug). > > That said, above message looks weird. It comes from this code: > > log_warn(LD_CRYPTO, "OpenSSL version from headers does not match the " >"version we're running with. If you get weird crashes, that " >"might be why. (Compiled with %lx: %s; running with %lx: %s).", >(unsigned long)OPENSSL_VERSION_NUMBER, OPENSSL_VERSION_TEXT, >SSLeay(), SSLeay_version(SSLEAY_VERSION)); > > What is that "Op$bf: " in above message and where it comes from? > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo
[tor-relays] If you get weird crashes, that might be why
On start-up my Exit (Linux 3.16.0-4-amd64) Tor 0.2.7.6 creates this log message: [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled with 100010bf: Op$bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Unfortunately it really crashes ones a day. This seems to be an ongoing problem for years now? Could anyone please give some help - or is there none? Thanks Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Handling abuse - like to get your help please
Jon, all others, yes I understand what you say and obviously have to accept the ISP's wishes (order). But before giving up a 100Mbit/s exit I would like to understand more about the ISP's reasons and burdens: - is it just the more work for rather poor money handling(forwarding) those abuses ? - to whom else dose he have to report what he is doing with the gotten abuses? - must he answer to the origin of the abuse? - who is getting a copy of them(if at all)? - can he loose his license as a ISP (with to many or badly handled abuses)? - are there any regulatory burdens for them - if so which ones? - are ISP's treated different in different parts of the world? Answers here might help me and others in bringing forward the discussion with them. Paul Am 21.06.2016 um 15:38 schrieb BlinkTor: > On Jun 20, 2016, at 4:19 AM, pa011 <pa...@web.de> wrote: >> >> Hi all, >> >> thanks again for your hints - in my case they obviously find Tor less >> fancy - their response today is following: >> >> "Hello. >> You need to take steps to ensure that the complaint would be no longer >> received. >> This software is only allowed if there are no complaints on the server." >> >> As I cant close Port 80 and the next attack would be a different target >> I guess there is not much room for response :-( >> >> Rgds >> >> Paul > > > Paul, > > This is a recurring issue that will not go away, because protecting malicious > traffic is part of the foundational Tor philosophy. Tor very intentionally > has no ability (beyond rudimentary port/host blocking) to control the type of > traffic it carries, there are no plans to add any sort of IDS functionality, > and filtering exit relay traffic is frowned upon by the Tor community. This > is why abuse reports happen, and it's the primary reason that Tor relays are > blocked by so many services—typically not because folks are against personal > privacy, but because they simply take a very practical approach to network > security. So, if you (or your ISP) determine that the benefits of Tor aren’t > compelling enough to turn a blind eye to malicious Tor traffic and the abuse > reports it generates, then your only real options are to either not run an > exit, or not run Tor at all. > > That’s just the way it is. > > Jon > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] [warn] eventdns: All nameservers have failed
Jun 19 20:24:38.000 [warn] eventdns: All nameservers have failed Jun 19 20:24:38.000 [notice] eventdns: Nameserver 8.8.4.4:53 is back up I do get this in my logs on an exit (Tor 0.2.7.6) several times every hour. The /etc/resolv.conf contains # Generated by SolusVM nameserver 8.8.8.8 nameserver 8.8.4.4 Is it really best to set only one DNS like specified here https://trac.torproject.org/projects/tor/ticket/11600 ? Or are there better working solutions? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Handling abuse - like to get your help please
Thank you Michael, solving that obviously easy question :-) So what was this "attac" then about, on which way, how can I see that ? Nice weekend to all Paul Am 17.06.2016 um 21:53 schrieb Michael Armbruster: > On 2016-06-17 at 21:51, pa011 wrote: >> Thank you both ! >> >> @ Michael: that’s exactly what I did so far and in the past >> @ Moritz: I will try my best - yes it was an automated response with >> just an name in Germany and no IP given, that I could possibly block >> >> "HTTP/1.1 404 293..." are these the ports the traffic went trough ? >> > > Hi, > > Glad to hear other people already helped you out with your first question :) > > To answer this one: No, this is just the HTTP version (so protocol and > version), the HTTP status code (404 for "Not Found"; file was not found > on the server) and the size of the message that was transmitted to the > client, 293 bytes in this case. > > Best Regards, > Michael Armbruster > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Handling abuse - like to get your help please
Thank you both ! @ Michael: that’s exactly what I did so far and in the past @ Moritz: I will try my best - yes it was an automated response with just an name in Germany and no IP given, that I could possibly block "HTTP/1.1 404 293..." are these the ports the traffic went trough ? Am 17.06.2016 um 21:42 schrieb Moritz Bartl: > On 06/17/2016 09:35 PM, pa011 wrote: >> As I am new to this business could somebody please give me a hint how to >> best handle such an abuse complain - possibly stop it? > > You can explain Tor, offer to block that destination from your exit, and > offer your help so they can treat Tor users differently in general. > Teaching them that not all Tor users they will see are bad, and they > should not outright block Tor, etc. > > Often these reports are generated automatically by some intrusion > detection systems and are purely informational. > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Handling abuse - like to get your help please
As I am new to this business could somebody please give me a hint how to best handle such an abuse complain - possibly stop it? Thanks, Regards and a nice weekend. we have detected abuse from the IP address xxx.xxx.xxx,xxx, which according to a whois lookup is on your network. We would appreciate if you would investigate and take action as appropriate. Log lines are given below, but please ask if you require any further information. If you are not the correct person to contact about this please accept our apologies - your e-mail address was extracted from the whois record by an automated process. This mail was automatically generated. Note: Local timezone is +0200 (CEST) /var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:50 +0200] "POST /cgi-bin/php-cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25" /var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:51 +0200] "POST /cgi-bin/php.cgi?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1" 404 293 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25" /var/log/apache2/access.log:xxx.xxx.xxx.xxx - - [17/Jun/2016:09:25:52 +0200] "POST /cgi-bin/php4?%2D%64+%61%6C%6C%6F%77%5F%75%72%6C%5F%69%6E%63%6C%75%64%65%3D%6F%6E+%2D%64+%73%61%66%65%5F%6D%6F%64%65%3D%6F%66%66+%2D%64+%73%75%68%6F%73%69%6E%2E%73%69%6D%75%6C%61%74%69%6F%6E%3D%6F%6E+%2D%64+%64%69%73%61%62%6C%65%5F%66%75%6E%63%74%69%6F%6E%73%3D%22%22+%2D%64+%6F%70%65%6E%5F%62%61%73%65%64%69%72%3D%6E%6F%6E%65+%2D%64+%61%75%74%6F%5F%70%72%65%70%65%6E%64%5F%66%69%6C%65%3D%70%68%70%3A%2F%2F%69%6E%70%75%74+%2D%64+%63%67%69%2E%66%6F%72%63%65%5F%72%65%64%69%72%65%63%74%3D%30+%2D%64+%63%67%69%2E%72%65%64%69%72%65%63%74%5F%73%74%61%74%75%73%5F%65%6E%76%3D%30+%2D%6E HTTP/1.1" 404 290 "-" "Mozilla/5.0 (iPad; CPU OS 6_0 like Mac OS X) AppleWebKit/536.26(KHTML, like Gecko) Version/6.0 Mobile/10A5355d Safari/8536.25" 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor Weather has been discontinued
I would offer 2 helping hands and possibly more as well to get this and my own shirt out - please contact me Paul Am 08.06.2016 um 18:05 schrieb l3thal.inject...@gmail.com: > If tor weather isn't running, and tshirt emails aren't being sent out, > is someone doing this manually then? How can I help get the show on > the road? Not gonna lie, I was really looking forward to the tshirt > email as my relay definitely should have earned one about 2 weeks ago. > haha. Actually I just donated $100... maybe now I can get a tshirt? > > https://atlas.torproject.org/#details/1F45542A24A61BF9408F1C05E0DCE4E29F2CBA11 > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
I like to try this chnage as well - where do I find this file/parameter exactly? Thanks Am 11.06.2016 um 20:11 schrieb SuperSluether: > Fixed it! And I feel like I'm going crazy. If I'm reading the logs > correctly, Tor is signaling readiness to systemd /1 hundredth of a > second (0.01)/ past the 120s limit. I changed the limit to 300s in the > tor@default.service file, and all is well. > > Thanks Peter, you really steered me in the right direction. I should > probably start checking logs first when something stops working... > > On 06/11/2016 09:50 AM, SuperSluether wrote: >> Ok maybe I spoke too soon. After running rpi-update and rebooting, >> it's still having trouble starting. I'll poke around and see if I can >> find anything. Worst case scenario, I don't have enough RAM and need >> to turn something off, which means I'm wasting everyone's time with this. >> >> On 06/11/2016 09:35 AM, SuperSluether wrote: >>> I have the Raspberry Pi Model B 2, which has an ARM7 processor. As >>> such, I am able to use the official Debian repository without issue. >>> Current version of Tor is 0.2.7.6-1~d80.jessie+1. Systemd is at >>> version 215-17+deb8u4. >>> >>> I poked around in syslog, and found this: >>> >>> systemd[1]: tor@default.service start operation timed out. Terminating. >>> >>> After increasing the systemd timeout (from 90s to 300s) Tor is >>> running properly. Thanks for the help! I'm guessing this happened >>> because I just have too much running on this thing. (Plex Media >>> Server, Deluge BitTorrent Client, Tor) >>> >>> On 06/11/2016 03:13 AM, Peter Palfrader wrote: On Fri, 10 Jun 2016, SuperSluether wrote: > After rebooting my Raspberry Pi for a few updates, Tor is not working > properly. From the logs, > > [warn] OpenSSL version from headers does not match the version > we're running > with. If you get weird crashes, that might be why. (Compiled with > 100010bf: > OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 > May > 2016). > > Everything else in the log looks normal, but right after bootstrap 85% > (finishing handshake with first hop) it says this: > > [notice] Interrupt: we have stopped accepting new connections, and > will shut > down in 30 seconds. Interrupt again to exit now. You did not say where you got your tor from. I assume you are using some version (or fork) of the debian package. Which one? At a guess, your system is too slow to start tor within the default timeout of the systemd service. Try raising the timeout. (Which systemd version are you using?) >>> >> > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Hi Petrusko, yes I read this "Raspbian is not Debian" my /etc/apt/sources.list looks like this: deb http://archive.raspbian.org/raspbian jessie main contrib non-free deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free deb http://ftp.debian.org/debian jessie main deb http://deb.torproject.org/torproject.org jessie main deb-src http://deb.torproject.org/torproject.org jessie main Thanks Am 11.06.2016 um 14:17 schrieb Petrusko: > Hey! > > I see in your logs the Tor 0.2.7.6 (git-605ae665009853bd) is used. > > This Tor version is running fine on my _Debian_ relay, 'cause I've set > up the _Tor repo_ in the /etc/apt/sources.list > > But on _Raspbian_, I'm not sure if using the Tor repo is 100% ok... :s > https://www.torproject.org/docs/debian.html.en#ubuntu : > << *Raspbian is not Debian.* These packages will be confusingly broken > for Raspbian users, since Raspbian called their architecture armhf but > Debian already has an armhf.>> > > May be I'm wrong... > I've to try Tor repo on a 2nd RPi I've got for spare, to be sure... > Are you using the Tor repo as I guess ? and Raspbian 8 jessie ? > > Raspbian repo are ok, not as updated as the Tor repo, but it's working ;) > > > > Le 11/06/2016 à 13:32, pa011 a écrit : >> Same problem here today after several updates... >> rpi-update doesn’t solve the issue unfortunately >> log-file looks like this: >> >> Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. >> Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening >> log file. >> Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match >> the version we're running with. If you get weird crashes, that might be >> why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running >> with 1000114f: OpenSSL 1.0.1t 3 May 2016). >> >> Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running >> on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. >> >> Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting >> Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server >> Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network >> Jun 11 13:22:54.000 [notice] Signaled readiness to systemd >> Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with >> first hop >> Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new >> connections, and will shut down in 30 seconds. Interrupt again to exit now. >> Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. >> >> >> >> >> Am 11.06.2016 um 11:45 schrieb Petrusko: >>> apt-get install rpi-update >> >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor is Interrupting (?) OpenSSL Version Mismatch
Same problem here today after several updates... rpi-update doesn’t solve the issue unfortunately log-file looks like this: Jun 11 13:20:50.000 [notice] Clean shutdown finished. Exiting. Jun 11 13:20:53.000 [notice] Tor 0.2.7.6 (git-605ae665009853bd) opening log file. Jun 11 13:20:52.462 [warn] OpenSSL version from headers does not match the version we're running with. If you get weird crashes, that might be why. (Compiled $ with with 100010bf: OpenSSL 1.0.1k 8 Jan 2015; running with 1000114f: OpenSSL 1.0.1t 3 May 2016). Jun 11 13:20:53.423 [notice] Tor v0.2.7.6 (git-605ae665009853bd) running on Linux with Libevent 2.0.21-stable, OpenSSL 1.0.1t and Zlib 1.2.8. Jun 11 13:20:56.000 [notice] Bootstrapped 0%: Starting Jun 11 13:20:58.000 [notice] Bootstrapped 5%: Connecting to directory server Jun 11 13:22:54.000 [notice] Bootstrapped 80%: Connecting to the Tor network Jun 11 13:22:54.000 [notice] Signaled readiness to systemd Jun 11 13:22:54.000 [notice] Bootstrapped 85%: Finishing handshake with first hop Jun 11 13:22:54.000 [notice] Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now. Jun 11 13:23:24.000 [notice] Clean shutdown finished. Exiting. Am 11.06.2016 um 11:45 schrieb Petrusko: > apt-get install rpi-update signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TOR router install without access to root
@Green Could please explain a bit more what you mean by "Avoiding using two nodes from the same AS would seemingly go a long way toward mitigating the attack vector you mentioned though." Thanks Paul Am 25.05.2016 um 21:22 schrieb Green Dream: > @Nils > > Tor path selection avoids using relays from the same /16 subnet, and I > thought it considered the Autonomous System (AS) as well. However now > I'm not finding concrete evidence that path selection looks at AS. I > found some older academic papers on the subject [1], but nothing in the > current specification [2]. > > Avoiding using two nodes from the same AS would seemingly go a long way > toward mitigating the attack vector you mentioned though. > > 1) http://freehaven.net/anonbib/cache/DBLP:conf/ccs/EdmanS09.pdf > > 2) https://gitweb.torproject.org/torspec.git/plain/path-spec.txt > > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] TOR router install without access to root
Hi Markus, on your hint I was just checking feralhosting.com. They are quoting: "We do not allow Tor exit nodes to be run on our servers. They're open invitations for trouble, and while Tor serves a useful purpose our network is not the place for it. Tor relays are fine provided they strictly only act as an intermediary. We will make an exception to this rule if you bring your own RIPE IPs and handle abuse directly while taking full responsibility. " Is this your experience as well? Paul Am 25.05.2016 um 10:16 schrieb Markus Koch: > Linux, would like to upgrade my accounts at feralhosting.com with tor > nodes. It must be possible because there are a lot of TOR nodes on > feral. No clue what kind of linux they are using but you are right, I > needed root for my other 6 TOR servers and I am just wondering if > there is a way around it, if not I just ask them to install it for me > :) > > Markus > > > 2016-05-25 10:10 GMT+02:00 Petrusko: >> Like a portable version so ? >> >> Windows, Linux, which operating system are you using ? >> >> On Linux world, I'm usually using Debian and as I know you will need a >> root access to the server. >> It will create a debian-tor group, write into the system... >> >> Or if your user is in the "sudo" group, it can be ok. >> >> On windows, I'm not sure if there's a portable version of Tor... >> portable = no need to install >> >> >> >> Le 25/05/2016 10:03, Markus Koch a écrit : >>> possible or do I have to ask my hosting company for the install on a >>> shared server? >>> >>> Markus >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >> -- >> Petrusko >> PubKey EBE23AE5 >> C0BF 2184 4A77 4A18 90E9 F72C B3CA E665 EBE2 3AE5 >> >> >> >> ___ >> tor-relays mailing list >> tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] tips-running-exit-node-minimal-harassment
This page https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment cant be found at the moment - anybody holding a copy of it please? There is something similar 6 years old: https://www.facebook.com/notes/tor-project/tips-for-running-an-exit-node-with-minimal-harassment/407918266748/ Is this still state of the art? Thanks Paul 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] VPS for Exits
I contacted ITL (https://itldc.com/) as well two weeks ago. To me they refused opening an exit: "We decide to do not allow new public tor exit nodes in our network. Existing public tor exit nodes we be kept." Paul Am 21.05.2016 um 14:37 schrieb Neel Chauhan: >>Do you know of a VPS for an exit? > I have two exits on VPS servers. One is on ITL (https://itldc.com/), and > the other one is on CoolHousing using their Virtual Server Lite brand > (http://virtualniserverlite.cz/en/). My experience with both hosts has > been very good. For the latter, you WILL need a Reduced Exit Policy, and > have to remove IRC ports. > > I also previously had a VPS with Verelox (https://verelox.com/) when > they had unlimited bandwidth, and they allow Tor exit nodes as well. > > I don't know about other providers, but a good place to ask for a Tor > friendly VPS is vpsBoard (https://vpsboard.com/). > > -Neel Chauhan > https://www.neelc.org/ > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Handling possible abuse requests
Thank you all who have contributed with there hints, support and motivation so far. I will dig into that links and papers hopefully in the coming days and probably ask again afterwards :-) What seems to be important is to get an IP reassignment from the ISP -is that really essential to start? And furthermore is it ok to run with such a set of IP4 rules: /etc/iptables/rules.v4 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT Thank you again PA Am 19.05.2016 um 13:56 schrieb Moritz Bartl: > On 05/18/2016 10:13 PM, pa011 wrote: >> Is there anybody out there who can give me some advice, or even help me >> doing (answering) these? > > I think it is pretty much straightforward. You can explain what Tor is, > why you are supporting it, and in some more heated cases offer to > temporarily block destination IP/port pairs. You will come up with your > own language and standard cases as you go along, and from that can > derive some template replies. > >> How many of those abuses are to expect? >> How to avoid on changing what parameters? > > The easiest parameter to tune is bandwidth. The more bandwidth you > provide, the more abusive traffic you will see. The second most > important parameter is the ExitPolicy. See also > https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment > and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines . > > Thanks for running Tor relays, and welcome to the exit business! :) > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Handling possible abuse requests
I am running some pretty good developing relays which I would like to change into exit-nodes over time. As I have no experience how to handle possible abuses I would need some help please? Is there anybody out there who can give me some advice, or even help me doing (answering) these? How many of those abuses are to expect? How to avoid on changing what parameters? Any hints highly appreciated. PA 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] First Relay
Congratulation - I know that feeling very well ...one after another :-) Am 10.04.2016 um 21:08 schrieb KAW: > Got my first relay running for 4 days now :D > > > -KAW > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xC8C330E7.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] [warn] Bad password or authentication cookie on controller.
Hello, yesterday I got within a minute three times the above warning in my log file on Tor 0.2.7.6. Could somebody please explain to me what it means and how to solve? Is there a source where I can possibly find answers on this and other warnings? Thanks in advance Paul ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Traffic on a small Middle Relay, Advertised Bandwidth 1 MB/s
Since about 3 months i am running a small middle relay with Advertised Bandwidth of 1 MB/s. The ISP cuts the line every night as its common on most German private DSL. The relay therefore doesn't get a stable-flag :-( What is the amount of traffic i could/should possibly generate? Is a utilization between 10 and 20 percent not too small, with 15% RAM, 0-20% CPU used only? Could i do any better? Rgds Paul 0xF5A71575.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] How to update tor on my raspberry
Hallo Volker, that looks strange. I do run a middle relay on raspian jessie and got it weeks ago by running your commands... /etc/apt/sources.list does have the following entries: deb http://archive.raspbian.org/raspbian jessie main contrib non-free deb-src http://archive.raspbian.org/raspbian jessie main contrib non-free deb http://ftp.debian.org/debian jessie main deb http://deb.torproject.org/torproject.org jessie main deb-src http://deb.torproject.org/torproject.org jessie main Regards Paul Am 10.01.2016 um 15:11 schrieb Volker Mink: > Hey there. > > My exit is still running on tor 0.2.4.27. > How can i update it to 0.2.7.6 ? > Apt-get offers no package with apt-get update and upgrade. > Any hints? > > > Best, > Volker > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > 0xF5A71575.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays