Re: [tor-relays] Help Turkmens to bypass Internet censorship: run an obfs4 bridge!
gus wrote: > Second, in Turkmenistan case, it appears that one ISP (AGTS) had > different censorship rules compared to their main ISP, > Turkmentelecom. That's not possible because AGTS is entirely hosted by TurkmenTelecom. This is different from PRC China where they have 3 operators with different networks thus having each their censorship. It also cannot be compared with Russia, because until 10 years ago, the Internet in Russia was totally free, this enabled decentralization and rapid deployment. Thanks to this, the government still does not have a single button to press to shut everything down, and censorship is implemented differently by each operator. In Turkmenistan, such development was never possible. Sometimes, the filtering seems lighter in Turkmeninstan, and the reason is that TurkmenTelecom sucks at censorship. Turkmenistan does not even maintain a blacklist, they maintain a whitelist, that is, everything is blocked but what's on the list. The result is that people can't even update software, things start to break and then they are forced to lift the filtering up a little bit which sometimes result in making bootstrapping Tor possible. Also, when there is an event such as an election, they simply disconnect everything. Therefore, running bridges and relays won't help, sadly. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Police request regarding relay
li...@for-privacy.net wrote: > Without a court order, the cops have no right to request data at all. They have the right to send requests without court orders, they just cannot force you to cooperate. They do it all the time. We receive tons of them from EU Police. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Police request regarding relay
Finn wrote: > The weird thing is, that the relay in question is only a relay and > not an exit node since its creation (185.241.208.179) > (https://nusenu.github.io/OrNetStats/w/relay/B67C7039B04487854129A66B16F5EE3CFFCBB491.html) > - anyone has an idea how this happens? Best regards We receive this mostly from France and Germany. We figured out that they downloaded the Tor Browser then looked at the Tor Circuit widget and just collected the addresses they could see there. This is the same as when Police, Attention Seekers, Cyber White Knights, Censors and other scoundrels contact every ISP they see in a traceroute. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Netcraft spam
jvoisin via tor-relays wrote: > Is this something other operators have seen too or are we alone? You're not alone, they're desperately trying to advertise themselves and you shouldn't give them any form of importance by replying to them. In fact, they will probably discard your reply as the purpose of their Spam is to advertise their crap rather than actually report a serious problem. > but the netcraft spam keeps coming, annoying everyone. Just filter them out? > is there anything that can be done to make them understand what's > going on? You will receive a lot of garbage like this from people trying to build themselves a reputation of Internet White Knight. Just send them to trash. Eventually, if it looks like the sender may read your answer, either try to educate them. If they persist, you may do as we do, make fun of their stupidity. However, this may not work if you're not running your own network and have a crappy ISP. In this case, you probably shouldn't host a Tor relay at them. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] G-Core Labs and their humanoid robots
Roger Dingledine wrote: > Typically the way these blocklists work is that they run "honey > services" somewhere secret on the internet, often on ports like 80 > that are different from the ones they will apply the blocklist to. > And if anybody connects to their secret honey IP address on port 80, > they call them a likely spammer and refuse to allow emails/etc to > their other services from that address. I don't think that it is the reason. Most likely G-Core Labs received automatic abuse reports from hosts that complained that there were attempts to scan some website or brute force an SMTP relay. Then they triggered the filtering in fear of being put in blacklists. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] G-Core Labs and their humanoid robots
Thank you for sharing that. It's obvious that they are either using third-parties or that they are afraid of being bullied by the Spamhaus gang. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] A way to reduce spam and brute attacks...
rus...@gmx.net wrote: > is there any way to stop or if not reduce the spam, brute force > attacks that are leaving my exit? Well port blocking or destination > IP blocking is one way but without any relevant information except > this hard, right? => https://cleantalk.org/blacklists/51.15.80.14 > > Stopped my exit for about 2-3 weeks awaiting lower number of > complaints but nothing changed. > > In the end I have to migrate from exit to relay unfortunately. I don't think that there is any reason to try to limit that. All those brute forces are inoffensive. There's only lot of them because there is enough idiots that setup their access with ridiculous passwords. If there wouldn't be that many idiots, the brute force attacks would just disappear as they wouldn't be profitable to the script-kiddie anymore. I have learned by experience that noobs learn best when they get to taste their inexperience. So in a sense, the brute force attacks are beneficial. Unfortunately, a lot of noobs that foolishly rely on centralized blacklists. There's not much that can be done but teaching them how to do without them. We have never delegated our filtering to third parties and never felt that we should do so. We get thousands of brute force attacks a day, SSH, SMTP AUTH, whatever. And so what? It does absolutely nothing. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays