Re: [tor-relays] Aggressive abuse report
Hey Florentin, That is great to hear! I always include the argument that I am complying with their wishes. But it is totally pointless as I am not the only exit node. If they are truly interested in stopping abuse/attacks, they can block all exit nods as they are publicly provided by tor. But not all criminals use tor, some just used compromised servers and such. Block Tor completely does not block all abuse. And so security should be improved on the "complaining" server, no matter if it is reachable by tor or not. This leads me to the question if they are serious about security, or serious about undermining privacy with excuses and legal loopholes. The trick is to not offend anyone when making these statements. Offended people usually have a hard time listening to reason, and only focus on the damage to their image. Even if it is a private conversation. Maarten. Florentin Rochet wrote on 16-03-17 12:18: > Hi Maarten (and others who answered back), > > I got a few more mail exchange with them. I tried to educate a bit and > it seems they agreed (not explicitly) that the right to privacy is > something that should not be removed to people due to the illegal > actions of a few others. They told me to be forced by law, as a service > provider, to do their best to reduce this kind of illegal traffic. > > I told them I will reject targeted IPs seen in more than one complain. > In my opinion, that's an appropriate tradeoff. Right now, it seems that > I will not get banned :-) > > I appreciate the help, > > Florentin > > On 2017-03-14 17:08, Maarten wrote: >> Hi Florentin, >> >> Read the policy of your hoster. >> I had the same situation and already configured a reduced exit policy. >> So I just changed my exit policy. Now I do not relay to their entire IP >> block on port 80 anymore. So it can't happen again.. >> >> My hoster was fine with that. >> Along with this I sent an explenation that I am not the only Exit node >> and how to easily block all exit nodes. (The default text from the tor >> project website) >> >> I had the luck that the employee agreed that Tor's value to society >> makes the abuse acceptable. >> >> Maarten. >> >> Florentin Rochet wrote on 14-03-17 13:41: >>> Hi list, >>> >>> I am running Kadoc[0] for a few weeks and got today a more aggressive >>> complain from a System Administrator of my VPS provider. I seek for an >>> appropriate response to not get banned. Does someone experienced a >>> similar scenario and succeeded to educate the sys admins ? Here's the >>> complain: >>> >>> /"It is running a Tor Exit, hence producing a false positive." is not a >>> valid reason.// >>> //You are the one responsible for the traffic generated on/trough your >>> server, so you should make sure that no similar traffic will appear in >>> future. Illegal actions are strictly prohibited in our network/servers.// >>> //Please take immediate actions to stop this kind of activity./ >>> >>> I am almost sure that trying to argument that I am not responsible for >>> the traffic generated through my Exit is not the right angle with such >>> guy. Any ideas ? >>> >>> Best, >>> >>> Florentin Rochet >>> >>> [0] >>> https://atlas.torproject.org/#details/171696AFDB589CA2C4978EED2C6A91153D2B993B >>> >>> >>> >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>> >>> >>> >>> ___ >>> tor-relays mailing list >>> tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <>___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Aggressive abuse report
Hi Maarten (and others who answered back), I got a few more mail exchange with them. I tried to educate a bit and it seems they agreed (not explicitly) that the right to privacy is something that should not be removed to people due to the illegal actions of a few others. They told me to be forced by law, as a service provider, to do their best to reduce this kind of illegal traffic. I told them I will reject targeted IPs seen in more than one complain. In my opinion, that's an appropriate tradeoff. Right now, it seems that I will not get banned :-) I appreciate the help, Florentin On 2017-03-14 17:08, Maarten wrote: Hi Florentin, Read the policy of your hoster. I had the same situation and already configured a reduced exit policy. So I just changed my exit policy. Now I do not relay to their entire IP block on port 80 anymore. So it can't happen again.. My hoster was fine with that. Along with this I sent an explenation that I am not the only Exit node and how to easily block all exit nodes. (The default text from the tor project website) I had the luck that the employee agreed that Tor's value to society makes the abuse acceptable. Maarten. Florentin Rochet wrote on 14-03-17 13:41: Hi list, I am running Kadoc[0] for a few weeks and got today a more aggressive complain from a System Administrator of my VPS provider. I seek for an appropriate response to not get banned. Does someone experienced a similar scenario and succeeded to educate the sys admins ? Here's the complain: /"It is running a Tor Exit, hence producing a false positive." is not a valid reason.// //You are the one responsible for the traffic generated on/trough your server, so you should make sure that no similar traffic will appear in future. Illegal actions are strictly prohibited in our network/servers.// //Please take immediate actions to stop this kind of activity./ I am almost sure that trying to argument that I am not responsible for the traffic generated through my Exit is not the right angle with such guy. Any ideas ? Best, Florentin Rochet [0] https://atlas.torproject.org/#details/171696AFDB589CA2C4978EED2C6A91153D2B993B ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Aggressive abuse report
On 14.03.2017 15:36, Juuso Lapinlampi wrote: > My concern with this is the liability on operator. In Finland (and > Europe?) Yes, this is "harmonized" and modelled after the US DMCA law, in Europe in the "e-Commerce directive" respectively the federal implementations. See https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines (and add links to your local implementation!) > I believe FICORA has advised blocking ports as necessary for security > reasons (e.g. port 25) is fine, but when it's being extended to > IP-address and/or port combinations, that's where it starts becoming > gray (in regards to #2). I would argue it's not. Since you advertise that your network cannot be used for these ports and/or IPs, you do not influence the "selection of the recipient". Otherwise, any network that only routes to particular destinations would lose limited liability, which would be pretty much against how the Internet works. > So far, replying to every abuse complaint and giving advice how to block > Tor using DNSBL or similar has worked for me. I can see it's probably > not what original poster's ISP would like to hear to have the issue > resolved, but it's less ambiguous on law and limited liability. Thus, I > suggested looking into other more friendly ISPs. I agree, helping the "other side" to understand Tor and how to NOT BLOCK using DNSBLs but rather use DNSBLs as a component to identify potentially harmful connections, and treat those differently (eg. require user registration) is a lot better. Having Wordpress plugins and similar things for the most popular CMS would help a lot, if those plugins guide you through a process where you don't end up simply blocking all Tor users right away. In many cases, ISPs are OK if you explain your options, they just want to see you "dealt with it" within a reasonable timespan (~24 hours) and are in touch with the sender of the complaint. -- Moritz Bartl https://www.torservers.net/ ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Aggressive abuse report
Hi Florentin, Read the policy of your hoster. I had the same situation and already configured a reduced exit policy. So I just changed my exit policy. Now I do not relay to their entire IP block on port 80 anymore. So it can't happen again.. My hoster was fine with that. Along with this I sent an explenation that I am not the only Exit node and how to easily block all exit nodes. (The default text from the tor project website) I had the luck that the employee agreed that Tor's value to society makes the abuse acceptable. Maarten. Florentin Rochet wrote on 14-03-17 13:41: > Hi list, > > I am running Kadoc[0] for a few weeks and got today a more aggressive > complain from a System Administrator of my VPS provider. I seek for an > appropriate response to not get banned. Does someone experienced a > similar scenario and succeeded to educate the sys admins ? Here's the > complain: > > /"It is running a Tor Exit, hence producing a false positive." is not a > valid reason.// > //You are the one responsible for the traffic generated on/trough your > server, so you should make sure that no similar traffic will appear in > future. Illegal actions are strictly prohibited in our network/servers.// > //Please take immediate actions to stop this kind of activity./ > > I am almost sure that trying to argument that I am not responsible for > the traffic generated through my Exit is not the right angle with such > guy. Any ideas ? > > Best, > > Florentin Rochet > > [0] > https://atlas.torproject.org/#details/171696AFDB589CA2C4978EED2C6A91153D2B993B > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > <>___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Aggressive abuse report
If its an exit just use the reduced reduced exit policy - I dont get any abuse complaints apart from those heroes at webiron Cheers Mark B Snaptor.co.uk (non commercial) > On 14 Mar 2017, at 14:36, Juuso Lapinlampiwrote: > >> On Tue, Mar 14, 2017 at 02:17:14PM +0100, Moritz Bartl wrote: >> about it" might not be the best argument here either: I suggest you >> block the destination IP address(es) for some weeks via ExitPolicy, let > > My concern with this is the liability on operator. In Finland (and > Europe?), the limited liability provisions have three criteria for > service/network providers (Tietoyhteiskuntakaari 7.11.2014/917, 182 § > Vastuuvapaus tiedonsiirto- ja verkkoyhteyspalveluissa): > > 1. You're not the one initiating the network transfer; > 2. You're not selecting the recipient; and > 3. You don't select or modify the data to be transferred. > > I believe FICORA has advised blocking ports as necessary for security > reasons (e.g. port 25) is fine, but when it's being extended to > IP-address and/or port combinations, that's where it starts becoming > gray (in regards to #2). > > So far, replying to every abuse complaint and giving advice how to block > Tor using DNSBL or similar has worked for me. I can see it's probably > not what original poster's ISP would like to hear to have the issue > resolved, but it's less ambiguous on law and limited liability. Thus, I > suggested looking into other more friendly ISPs. > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Aggressive abuse report
On Tue, Mar 14, 2017 at 02:17:14PM +0100, Moritz Bartl wrote: > about it" might not be the best argument here either: I suggest you > block the destination IP address(es) for some weeks via ExitPolicy, let My concern with this is the liability on operator. In Finland (and Europe?), the limited liability provisions have three criteria for service/network providers (Tietoyhteiskuntakaari 7.11.2014/917, 182 § Vastuuvapaus tiedonsiirto- ja verkkoyhteyspalveluissa): 1. You're not the one initiating the network transfer; 2. You're not selecting the recipient; and 3. You don't select or modify the data to be transferred. I believe FICORA has advised blocking ports as necessary for security reasons (e.g. port 25) is fine, but when it's being extended to IP-address and/or port combinations, that's where it starts becoming gray (in regards to #2). So far, replying to every abuse complaint and giving advice how to block Tor using DNSBL or similar has worked for me. I can see it's probably not what original poster's ISP would like to hear to have the issue resolved, but it's less ambiguous on law and limited liability. Thus, I suggested looking into other more friendly ISPs. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Aggressive abuse report
Hi list, I am running Kadoc[0] for a few weeks and got today a more aggressive complain from a System Administrator of my VPS provider. I seek for an appropriate response to not get banned. Does someone experienced a similar scenario and succeeded to educate the sys admins ? Here's the complain: /"It is running a Tor Exit, hence producing a false positive." is not a valid reason.// //You are the one responsible for the traffic generated on/trough your server, so you should make sure that no similar traffic will appear in future. Illegal actions are strictly prohibited in our network/servers.// //Please take immediate actions to stop this kind of activity./ I am almost sure that trying to argument that I am not responsible for the traffic generated through my Exit is not the right angle with such guy. Any ideas ? Best, Florentin Rochet [0] https://atlas.torproject.org/#details/171696AFDB589CA2C4978EED2C6A91153D2B993B ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays