Re: [tor-relays] Exits behind a next-gen firewall? Opinions please

2014-07-11 Thread Lunar
Jesse Victors: I've been running some exit nodes for some time now, and they're doing well. They've burned through many terabytes of bandwidth, and thanks to Tor's recommended reduced exit policy, complaints have been minimal. Clearly the vast majority of the Tor traffic is not malicious, but

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Moritz Bartl
Hi Greg, Thanks for running a relay! You do not need to firewall outbound traffic. On 07/11/2014 05:30 AM, Roman Mamedov wrote: You do need to have all ports open outbound. The reason is, your relay needs to be able to connect to all other relays, and people run their relays on all sorts of

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Roman Mamedov
On Fri, 11 Jul 2014 11:02:00 +0200 Moritz Bartl mor...@torservers.net wrote: However one thing to consider would be to restrict outbound port 22 and port 53 outbound to not get into trouble with your provider due to suspicions of SSH bruteforcing / DNS reflection attacks. This will break

Re: [tor-relays] Oubound Ports

2014-07-11 Thread ra
On Friday 11 July 2014 11:02:00 Moritz Bartl wrote: Correct. Your relay in any case needs to be able to connect to all relays. Unfortunately the assumption that every relay is able to connect to any other relay does not hold. See https://trac.torproject.org/projects/tor/ticket/12131 If you

Re: [tor-relays] Exits behind a next-gen firewall? Opinions please

2014-07-11 Thread Andrew Lewman
On 07/10/2014 07:23 PM, Jesse Victors wrote: My ISP now tells me that they could reduce the reports even further by routing the exits through a next-generation firewall which apparently can detect an obvious clearnet attack and drop that connection a few milliseconds after the attack occurs.

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Moritz Bartl
On 07/11/2014 11:33 AM, Roman Mamedov wrote: Agreed, but my point was that only a small minority of relays use port 22 (checked, 27 of them - more than I expected) or port 53 (just three relays), so it may be a sacrifice that's worth making, in order to avoid losing the ability to run Tor

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Ryan Getz
On Fri, Jul 11, 2014, at 09:41 AM, Moritz Bartl wrote: On 07/11/2014 11:33 AM, Roman Mamedov wrote: Agreed, but my point was that only a small minority of relays use port 22 (checked, 27 of them - more than I expected) or port 53 (just three relays), so it may be a sacrifice that's worth

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Tom van der Woerdt
Ryan Getz schreef op 11/07/14 16:19: On Fri, Jul 11, 2014, at 09:41 AM, Moritz Bartl wrote: On 07/11/2014 11:33 AM, Roman Mamedov wrote: Agreed, but my point was that only a small minority of relays use port 22 (checked, 27 of them - more than I expected) or port 53 (just three relays), so it

Re: [tor-relays] Oubound Ports

2014-07-11 Thread Greg Moss
Alright - traffic is picking up a little after 24 hours. Netflow is showing a bunch of outbound SSH connections but for some reason can't see it in the syslog going out. Added ACL for outbound SSH and will watch. Not sure WTF all the SSH traffic is all about. gm -Original Message- From: