-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Reading [1] I do wonder about that.
Why do Tor exit relay operators avoid installing a local resolver - or at least
simple a cache as shown in [2] ?
Adding different nameserver= lines to /etc/resolv.conf than 8.8.8.8 shouldn't
be a big thing, or ?
Why doesn't Tor just link with a dns recursor, instead of relying on the
user to get the configuration right?
Tom
Op 16/10/16 om 12:52 schreef Toralf Förster:
> Reading [1] I do wonder about that.
> Why do Tor exit relay operators avoid installing a local resolver - or at
> least simple a cache
It's not technically required when setting up Tor, so I think a lot of
people just forget about it. When I set up an exit relay, I knew I was
supposed to run a local DNS server, but I completely forgot to install it
until about a month later when the topic appeared in this list.
The other problem
On 16.10.16 14:33, Tom van der Woerdt wrote:
> Why doesn't Tor just link with a dns recursor, instead of relying on
> the user to get the configuration right?
It is not Tor's job to meddle with resolving DNS entries, and the notion
of "getting it right" varies. Asking Tor operators to think about
Op 16/10/16 om 14:50 schreef Ralph Seichter:
> On 16.10.16 14:33, Tom van der Woerdt wrote:
>
>> Why doesn't Tor just link with a dns recursor, instead of relying on
>> the user to get the configuration right?
>
> It is not Tor's job to meddle with resolving DNS entries, and the notion
> of "gett
On 16.10.16 14:52, Tom van der Woerdt wrote:
> If it affects the anonymity of users, it's Tor's job, no?
Tor cannot know what the "correct" resolver configuration is, because
this depends on requirements/limitations of local infrastructure. Using
public resolvers like 8.8.8.8 might be plain lazin
Maybe Tor could at least warn you when you're not using a local resolver?
On Oct 16, 2016 7:50 AM, "Ralph Seichter" wrote:
> On 16.10.16 14:33, Tom van der Woerdt wrote:
>
> > Why doesn't Tor just link with a dns recursor, instead of relying on
> > the user to get the configuration right?
>
> It
Do people have an an opinion on running postfix on an exit node? I was
thinking if I set up a .forward, I might be able to intercept a few
abuse complaints before my provider sees them.
Thoughts?
Cheers,
K.
___
tor-relays mailing list
tor-relays@list
On 16.10.16 16:56, k...@kenbaker.co.uk wrote:
> Do people have an an opinion on running postfix on an exit node?
I prefer not to expose any ports beyond what is required for Tor.
> I was thinking if I set up a .forward, I might be able to intercept a
> few abuse complaints before my provider see
I've got a few family members across the country who have broadband they
are not using for more than email and social. I wanted to go about setting
up a relay at each house can can be run with minimum amount of power and
attention. I was considering something like RaspPi or Compute Stick.
Main que
Humm, I've not checked on the torproject website, tuto how to build a
relay/exit...
It can be nice to link a tutorial : how to set up quickly and easily a
DNS resolver to increase privacy ?
May be exit operators can understand it's not really a big job to
apt-get install unbound (an example)
and u
The Raspberry Pi 2 runs Tor just fine, but I have no idea what speeds you
can expect since my upload is only 1Mbps. I was using Raspbian Jessie with
the official Tor repos. Once everything was installed and set up, the
system could literally just sit on a shelf with power and ethernet and be
comple
Unbound does cache DNS entries, but there was also serious discussion about
whether or not the cache is a privacy risk/anonymity leak, but I feel it's
worth the trade-off since public DNS servers do the same thing.
On Sun, Oct 16, 2016 at 2:23 PM, Petrusko wrote:
> Humm, I've not checked on the
Is there a way to know "who" has made this DNS query by reading the cache ?
May be you can know there are 30 people have looked for google.com
during the last 5 minutes, but "who" has made those DNS queries looks
like difficult ? (I'm not an expert on hacking :p )
16/10/2016 21:28, Tristan :
> Un
TL;DR, if I understand how Tor relays work, Unbound (or any local DNS
server) should see a request for example.com coming from localhost or
127.0.0.1. It answers the request, stores it in cache just in case, rinse
and repeat. The machine running the exit relay is the one that makes the
DNS request,
Hi!
Thanks for this info.
The good thing is 'onionoorcazzotwa' now provides almost current (status time is 2016-10-16 07:00:00 - which is 12hrs behind onionoo.torproject.org) data again.
The bad thing is that there's a huge gap in the data (ranging from 29.09. until 14.10.)... which makes it
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 16/10/16 22:05, Ralph Wetzel wrote:
> Hi! Thanks for this info. The good thing is 'onionoorcazzotwa' now
> provides almost current (status time is 2016-10-16 07:00:00 - which
> is 12hrs behind onionoo.torproject.org) data again. The bad thing
> is
* Karsten Loesing schrieb am 2016-10-16 um 22:11 Uhr:
> On 16/10/16 22:05, Ralph Wetzel wrote:
> > Hi! Thanks for this info. The good thing is 'onionoorcazzotwa' now
> > provides almost current (status time is 2016-10-16 07:00:00 - which
> > is 12hrs behind onionoo.torproject.org) data again. The b
Hi!
Very good. This one is accurate and 'gap-less'.
Thanks for your help!
Ralph
Gesendet: Sonntag, 16. Oktober 2016 um 22:13 Uhr
Von: "Jens Kubieziel"
An: tor-relays@lists.torproject.org
Betreff: Re: [tor-relays] OffTopic: onionoo.torproject.org as HS?
* Karsten Loesing schrieb am 20
A raspberry will do fine as long as you do not expect huge speeds.
The CPU is not capable of pushing data very fast.
Expect somewhere around 0,5 Mbyte/s (4 Mbit/s).
If you go smaller and cheaper you will not reach even that speed.
So it depends on what kind of speeds you are after.
A relay d
Thx for this share.
But I'm not sure how Unbound is "speaking" with the roots DNS servers...
Somewhere I've read that DNS queries can be forwarded by a "man in the
middle", and the server operator can't be sure about this :s
An ISP is able to do it with your "private server" hosted behind your
ISP
I do run a exit node on a raspberry today.
And a raspberry pi 3 can handle 50Mbit/sec (~5Mb/sec both directions.) without
any problems.
So I would say go for it. The pi are excellent to use as a Tor node.
/Fredrik
On sö, 16 okt 2016 22:37:51 +0200Farid Joubbi
The RPi is good to use as relay with your requirement. You can expect a
total transfer rate of 11 MBytes (100 Mbits/sec). If you use Raspberry
Pi 1 Model B+ you cannot use the official Tor repository, but the
Raspbian repos (armel) do it as well. The Pi 1 has a significant lower
power consumption w
I believe the 2 and 3 are the same price as the 1 though. At any rate, you
should probably compile the latest Tor from source if you can't use the
official repository.
On Oct 16, 2016 5:12 PM, "diffusae" wrote:
> The RPi is good to use as relay with your requirement. You can expect a
> total tra
Yes, you are right. That doesn't make a real big difference. To compile
from the source on RPi 1 would take several hours. It's better to use
some kind of cross compiling. On a RPi 2 or 3 you also could disable the
HDMI port and some other unused parts such as WiFi or Bluetooth, that
would also red
On Mon, 17 Oct 2016 01:01:06 +0200
diffusae wrote:
> Yes, you are right. That doesn't make a real big difference.
Yes it does make a real big difference. Get the Pi 3, the 1st Pi is an order
of magnitude slower.
> The RPi is good to use as relay with your requirement. You can expect a
> total t
On 10/16/2016 04:54 PM, Petrusko wrote:
> Thx for this share.
>
> But I'm not sure how Unbound is "speaking" with the roots DNS servers...
> Somewhere I've read that DNS queries can be forwarded by a "man in the
> middle", and the server operator can't be sure about this :s
> An ISP is able to do
> On 17 Oct 2016, at 13:37, Jesse V wrote:
>
> On 10/16/2016 04:54 PM, Petrusko wrote:
>> Thx for this share.
>>
>> But I'm not sure how Unbound is "speaking" with the roots DNS servers...
>> Somewhere I've read that DNS queries can be forwarded by a "man in the
>> middle", and the server opera
Earlier today I installed my relay and thought everything was good. Now
looking at the arm I no longer think so.
(1) Events (TOR/ARM NOTICE - ERR):
x 23:07:41 [ARM_NOTICE] Unable to prepopulate bandwidth information
(insuffic-
x ient uptime)
x 23:07:41 [ARM_WARN] The torrc differs from what t
> On 17 Oct 2016, at 15:31, Tamara West wrote:
>
> Earlier today I installed my relay and thought everything was good. Now
> looking at the arm I no longer think so.
>
> (1) Events (TOR/ARM NOTICE - ERR):
> x 23:07:41 [ARM_NOTICE] Unable to prepopulate bandwidth information
> (insuffic-
> x
On Mon, Oct 17, 2016 at 12:31:06AM -0400, Tamara West wrote:
> x 23:13:17 [WARN] Your server (207.172.253.216:80) has not managed to confirm
> x that its DirPort is reachable. Relays do not publish descriptors until
> x their ORPort and DirPort are reachable. Please check your firewalls,
>
SocksPort 0
RunAsDaemon 1
ORPort 443
Nickname saverig
ContactInfo sinister(dot)hama(at)googlemail(dot)com [tor-relay.co]
DirPort 80
ExitPolicy reject *:*
DisableDebuggerAttachment 0
ControlPort 9051
CookieAuthentication 1
There is no IP listed unless I located the incorrect file. /etc/tor/torrc
2
32 matches
Mail list logo