Re: [tor-relays] Pool of IP Addresses

On Sat, 04 May 2019 23:41:19 +, Iain Learmonth wrote: ... > It is not uncommon that a login session is tied to an IP address, That is already broken, at least for mobile devices - switching between WiFi and mobile data, and T-Mobile Germany also has the habit of changing IPv6 addresses when mo

Re: [tor-relays] german plans on banning TOR

On Wed, 06 Mar 2019 21:19:23 +, niftybunny wrote: ... > Thats every ISP on the world. Every ISP on the world lets you connect to the > internet. No, that legislation is restricted to restricted-access sites, i.e. tor onion services, or technially i2p as well (but nobody cares about that). >

Re: [tor-relays] Torproject onion-repo down (sdscoq7snqtznauu.onion/torproject.org) ?

On Tue, 15 Jan 2019 14:52:37 +, petra...@protonmail.ch wrote: > Is it just me having issues - today, I couldn't reach the onion-repository of > torproject.org at sdscoq7snqtznauu.onion anymore. Works for me. It's probably your tor node. I have the experience that any given tor instance someti

Re: [tor-relays] Jerk spammers on tor-relays

On Fri, 21 Sep 2018 18:23:48 +, Ralph Seichter wrote: ... > I'm not sure what type of spam you are referring to, but when I post to > this mailing list I see spamming attempts that are directly targeting my > MX, without using the mailing list infrastructure. The list admins would > not be able

Re: [tor-relays] Jerk spammers on tor-relays

On Fri, 21 Sep 2018 16:57:29 +, Ralph Seichter wrote: ... > Imagine an address A subscribed to this mailing list in a read-only > fashion (a.k.a. "lurker"). A uses list posts as triggers to send spam > from address B, which does not even need to be subscribed. How would > the list admins ever b

Re: [tor-relays] Updating relay using killall -hup command

On Wed, 18 Jul 2018 15:01:36 +, Matt Traudt wrote: ... > No. You have to restart the process, thus the relay. (Can you update any > other program without restarting it entirely? Wasn't exactly a feature but under SunOS/Solaris when you ran a program from an NFS mount, and recompiled it, the co

Re: [tor-relays] Is it possible to run a Web server and tor ORPort on the same port?

On Wed, 21 Feb 2018 21:38:56 +, pikami wrote: ... > I was wondering if it's possible to run a Web server and tor ORPort on the > same port. Not without code changes inside tor. There can only be one instance who accepts the SSL connections. This would be reasonably be the tor process, which w

Re: [tor-relays] No graph update for my relay in ATLAS

On Fri, 26 Jan 2018 08:40:46 +, teor wrote: ... > > Clients address guards by their IP address, and they try hard > > to only talk to their selected guard. If that guards hops to > > another address, they have no chance of noticing that and > > need to select another one. > > When the client g

Re: [tor-relays] No graph update for my relay in ATLAS

On Thu, 25 Jan 2018 19:06:40 +, Peter Ott wrote: ... > release upgrade-. A change of the IP-adress seems to be handled fine by TOR. That is only true for the client side. > This change by the ISP occurs at least every 3 days or so). Clients address guards by their IP address, and they try ha

Re: [tor-relays] Marker branch for current tor release(s)

(Earlier reply has somehow vanished...) On Mon, 08 Jan 2018 00:49:16 +, teor wrote: ... > When there are multiple supported tor versions, which one should be stable? > At the moment, we support 0.2.5 and 0.2.9 as long-term support, and 0.3.0 and > 0.3.1 as regular releases. The newest/highest

Re: [tor-relays] collecting info on Wikipedia blocking non-exits

On Tue, 02 Jan 2018 15:13:16 +, Alison Macrina wrote: > Hi friends, > > I'd like to collect some anecdata about this issue regarding Wikipedia > blocking edits from Tor non-exit relays: > https://trac.torproject.org/projects/tor/ticket/24758  > > If you run a non-exit relay, would you be so k

[tor-relays] Marker branch for current tor release(s)

Hi everybody, https://www.torproject.org/download/download.html.en in the source code 'tab' states the current stable and alpha version of tor. Would it be possible to publish the current states as branches 'stable' and 'alpha' (or 'testing', or 'unstable') in the git repo? That would help us to

[tor-relays] git branch to run from?

Hi everybody, what is the proper git branch to build and run a relay from? So far I was on release-0.2.9 and just switched to release-0.3.2, but it seems that on either what I pick up there isn't actually a recommended version. - Andreas -- "Totally trivial. Famous last words." From: Linus Tor

Re: [tor-relays] About relay size

On Mon, 02 Oct 2017 13:19:59 +, Scott Bennett wrote: ... > Huh? What kind of ISP NATs its customers' connections? All kinds of ISPs that were too late to grab enough IPv4 space for their customer base. Here in germany these are mostly the cable companies. Also, generally mobile IP. And

Re: [tor-relays] Some Dir Authorities blocked

On Sun, 17 Sep 2017 08:13:43 +, Scott Bennett wrote: ... > connections to other relays somewhere, those of us using packet filters could > include the rest of the missing addresses in aid of the connectivity you want. I really don't see what the point is in this filtering. Any attacker can jus

Re: [tor-relays] Rate setting in tor

On Thu, 07 Sep 2017 22:56:17 +, r1610091651 wrote: > RelayBandwidthRate 2048 KBytes > RelayBandwidthBurst 2048 KBytes > > But using arm, I'm seeing that tor is not honoring these settings, with > bursts frequently exceeding the value. That's the point of the Burst - there is a bucket that is

Re: [tor-relays] blocking >1 connections per ip address onto Tor DirPort

On Tue, 15 Aug 2017 23:52:31 +, Toralf Förster wrote: ... > Does a particular Tor server/client will open more than 1 connection at a > time from to the DirPort ? Even if not per se, multiple (old) clients behind a common NAT may do so. Andreas -- "Totally trivial. Famous last words." From

Re: [tor-relays] Tor exit nodes attacking SSH?

On Wed, 09 Aug 2017 10:58:01 +, Roman Mamedov wrote: ... > Did you try ssh'ing into 8.8.8.8 (outside of Tor)? It does not run a public > SSH server at all (obviously). 8.8.8.8 is (pretty certainly) anycast, and might have different setups in different instances. But, being google, they probabl

Re: [tor-relays] Go home GeoIP, you're drunk.

On Mon, 07 Aug 2017 08:41:31 +, Alexander Nasonov wrote: ... > It sounds like a country should be set by an operator in torrc rather > than relying on GeoIP. NSA: There are people excluding US exits? Just let's set some of ours to india. (Where that is probably not their modus ... > Does Excl

Re: [tor-relays] What kind of hardware do I need for my relay

On Mon, 20 Mar 2017 22:49:53 +, Farid Joubbi wrote: > I do mean Megabits. > I have learned a long time ago that Tor traffic throughput can't be compared > with ssh. No, but it can be used to roughly judge what the hardware is capable of. It doesn't help to throw more hardware at a node when i

Re: [tor-relays] What kind of hardware do I need for my relay

On Mon, 20 Mar 2017 21:03:57 +, Farid Joubbi wrote: > I have tried a Banana Pi Pro 1,2 GHz Allwinner A20 -> 10 Mbit/s max (debian) You do mean Mbit/s and not Mbyte/s? Even my old raspi B (first gen) needs only 30% CPU to process 12MBit/s (ssh), and my bananas transfer data via scp at 6 MByte/s

Re: [tor-relays] What kind of hardware do I need for my relay

On Mon, 20 Mar 2017 22:27:59 +, Olaf Grimm wrote: ... > My personal usage drives the internet line to full power, but Tor as my > MIDDLE RELAY doesn't use the full internet line power. Which is a good thing, by the way. Tor traffic is bursty, so when your tor node actually saturating the link

Re: [tor-relays] How can we trust the guards?

On Tue, 03 Jan 2017 11:34:19 +, Aeris wrote: ... > And there is also an hardware bottleneck, because every components (mainly > ethernet & SD card here) are connected to the same physical USB controller > limited to 480Mbps for *overall* transfer (network + disk + others USB). Which isn't th

Re: [tor-relays] How can we trust the guards?

On Mon, 02 Jan 2017 08:28:52 +, Rana wrote: ... > That US agencies are actively working to destroy anonymity of (hopefully only > selected, but who knows?) Tor users is an undisputable fact. Your implicit > assumption that Russia is also attacking Tor is, however, unfounded. Now, what is the

Re: [tor-relays] How can we trust the guards?

On Sun, 01 Jan 2017 23:54:03 +, Rana wrote: ... > I do not see how Sybil attacks relate to my question. The adversary will > simply set up new nodes, without messing with attacking identities of > existing ones. It will not go quite unnoticed when the set of major relays changes substantiall

Re: [tor-relays] What's a "useful" relay?

On Sat, 24 Dec 2016 10:11:51 +, Rana wrote: > @balbea16 ... > I am even more confused than you. My 1300 connections relay has a consensus > weight > > of 38 (thirty eight). That???s less than 1% of your weight,

Re: [tor-relays] Unwarranted discrimination of relays with dynamic IP

On Thu, 22 Dec 2016 11:25:11 +, Rana wrote: ... > I realize there could be pros and contras. Among the contras there could be > (for example) many small relays overloading the dirauths. I would like to > hear more about the contras. A Pi running at its line speed isn't exactly a small relay.

Re: [tor-relays] Tor relay from home - end of experiment?

On Wed, 14 Dec 2016 21:43:28 +, teor wrote: ... > The bwauth calculations do take latency into account, and they should: > if CPU usage or bandwidth are near their limit, the latency through the > relay will be high. I stand corrected. I observed my relays (a few years ago) to often run into

Re: [tor-relays] Tor relay from home - end of experiment?

On Wed, 14 Dec 2016 12:46:58 +, Rana wrote: >... > I beg to differ. My experiment with two identical Pies in the same country > showed that the alleged volume that the relay can carry IS dependent on how > well it is connected to the specific DirAuths (which represent "particular > places in

Re: [tor-relays] Tor relay from home - end of experiment?

On Wed, 14 Dec 2016 10:47:12 +, Rana wrote: > I want to reiterate my opinion that Tor network is "mistreating" home-based > relays without good reason: I was just about to jump in and state that it is similar with lower-bandwidth regular relays, but I checked. I have two relays, one new

Re: [tor-relays] Smallest, cheapest, lightest computer for tor relay

On Mon, 17 Oct 2016 08:18:51 +, Neel Chauhan wrote: ... > The disadvantage of the PC approach is space and higher power > consumption, but the advantage is that you can use *BSD and Windows, At least NetBSD is available for raspberries, and bananapi as well. Andreas -- "Totally trivial. F

Re: [tor-relays] 'No space left on device' glitch causing log failure

On Mon, 10 Oct 2016 15:15:46 +, Geoff Down wrote: ... > Needless to say, the disk is not full and 'tor' can write to that > directory just fine now. Question is whether it was full (or out of quota) at the time of these messages. MacOS has/had a habit of throwing a few GB on the disk and then

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

On Wed, 05 Oct 2016 14:52:53 +, Mirimir wrote: ... > >> no? Why should "... ssh foo@w.x.y.z ... ssh bar@w.x.y.z ... ssh > >> baz@w.x.y.z ..." get through, if it destroys exits? Maybe someone could ... > > for i in subdir/*; do ssh host mkdir -p "$i"; done > > > > with an ssh-agent would look

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

On Wed, 05 Oct 2016 13:48:19 +, Mirimir wrote: ... > exits unpredictably unreliable. On the other hand, IPS that only blocked > automated crap would be a win for real users, relay operators and ISPs, > no? Why should "... ssh foo@w.x.y.z ... ssh bar@w.x.y.z ... ssh > baz@w.x.y.z ..." get throug

Re: [tor-relays] Intrusion Prevention System Software - Snort or Suricata

On Wed, 05 Oct 2016 15:40:49 +, Ralph Seichter wrote: ... > I can see what motivates you. Personally, I can't think of a scenario > where I would use automation to set outbound traffic policies (inbound > traffic is a different matter, fail2ban comes to mind). How this? Everything to the OR po

Re: [tor-relays] DigitalOcean pricing (Re: tomhek - the (new) biggest guard relay operator)

On Tue, 13 Sep 2016 15:26:05 +, Admin Kode-IT wrote: ... > It's like you're running a Rasperry Pi 1 with an SSD and a good Network for > 5$/month. A Raspberry doesn't do GBit. Also, you forget to mention the traffic; I pay somewhat more to have more traffic allowance at my hoster even though

Re: [tor-relays] Exit relay funding

On Wed, 03 Aug 2016 13:40:03 +, t...@as250.net wrote: ... > our support. Just to make it clear: "appreciate" in this context > doesn't mean funding. All those yearswe didn't get as much as a "thank > you!" from anyone. Operating tor nodes is - like operating any invisible infrastructure - inhe

Re: [tor-relays] Darknet Shenanigans [was: suspicious "Relay127001" relays]

On Wed, 06 Jul 2016 15:06:00 +, grarpamp wrote: ... > https://boingboing.net/2016/07/01/researchers-find-over-100-spyi.html Is there a way to make tor log connection attempts to any ports on an hidden service address, independent of whether the port actually has a HiddenServicePort? > All qui

Re: [tor-relays] suspicious "Relay127001" relays

On Wed, 06 Jul 2016 02:29:00 +, Ivan Markin wrote: ... > But you're still able to restrict connections with these nodes using > plain blocking at your firewall. So circuits through these relays are > not able to be built anymore. That will cause issues for everyone that happens to select your

Re: [tor-relays] Why are you using torproject's RPMs? (was: We need a new RPM maintainer)

On Thu, 16 Jun 2016 21:08:49 +, nusenu wrote: ... > are you using torproject's RPMs (instead of those provided by your > distro maintainer)? Neither. I build from tor (and openssl) sources myself. Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 2010

Re: [tor-relays] Bandwidth Fallen Off Drastically

On Mon, 14 Mar 2016 22:06:24 +, stea...@nym.mixmin.net wrote: ... > What concerns me is that while running arm in graph mode, I rarely > see the bandwidth rate steadily flow around 500kb/s. It would surprise me if it did. I've posted two graphs on http://blog.apk.li/2016/03/15/tor-relay-traffi

Re: [tor-relays] Bandwidth Fallen Off Drastically

On Mon, 14 Mar 2016 22:06:24 +, stea...@nym.mixmin.net wrote: > RelayBandwidthRate to 500kb/s and RelayBandwidthBurst to 700kb/s. > What concerns me is that while running arm in graph mode, I rarely > see the bandwidth rate steadily flow around 500kb/s. My faster relay currently sees somewhat

Re: [tor-relays] How to prevent netscan usage?

On Sat, 28 Nov 2015 15:12:00 +, Roland 'ValiDOM' Jungnickel wrote: ... > nice try ;) If that would be true, limiting an exit to certain ports > would also violate that? No. Firewalling creates a difference between what you announce to do, and what you actually do. Exit police does not. Andrea

Re: [tor-relays] Tor exit node companion

On Tue, 17 Nov 2015 13:29:30 +, Eran Sandler wrote: ... > > Would serving port 25 also require a MX record in DNS, or do webiron and > > others send mail direct to the relay regardless of MX records? > > > > It will require an MX record. Not as far as I know. When there is no MX record on myn

Re: [tor-relays] Delete keys on reboot

On Wed, 22 Apr 2015 22:56:31 +, CJ Barlow wrote: > If I run > > rm -f /var/lib/tor/keys/* 2>&1 >> /home/[me]/reboot.txt > > it doesn't error (as long as I run it with sudo) but it also doesn't do > anything, You might do (ls -lart /var/lib/tor/keys echo /var/lib/tor/keys/* rm -f /var/lib

Re: [tor-relays] Relay operators: help improve this hardening document?

On Fri, 06 Feb 2015 11:08:47 +, when2plus2...@riseup.net wrote: ... > Iptables is an advanced firewall. Iptables is a pain in the ass for new > users to expertly configure. Basic settings aren't difficult, but I > don't want basic. I'm (apparently) in the minority on this, but my tor nodes d

Re: [tor-relays] Reminder: exit nodes probably shouldn't be using Google's DNS servers

On Thu, 08 Jan 2015 18:20:42 +, eric gisse wrote: ... > forwarders => [ '2001:4860:4860::8844', > '2001:1608:10:25::1c04:b12f', '2600::1' ], What are these addresses? (Did I miss that upthread?) Esp. the 2600::1 looks nice, and suitable for a certain magazine. :-) (And t

Re: [tor-relays] List of Relays' Available SSH Auth Methods

On Tue, 18 Nov 2014 10:09:37 +, Libertas wrote: > -BEGIN PGP SIGNED MESSAGE- ... > https://gist.githubusercontent.com/plsql/27e80e6dab421f8cba6c/raw/8bb0c7aa9d22b8c959834e9db8c80b6511bdf093/gistfile1.txt Ouch. You might run that in a few days and post the diff. :-) Andreas -- "Total

Re: [tor-relays] List of Relays' Available SSH Auth Methods

On Tue, 18 Nov 2014 18:10:02 +, Dan Rogers wrote: > > > IMO there could occasionally be reasons not to use key logins (although > I do normally disable pwd login). E.g. if I have a key, I then have > evidence somewhere (USB/HD), "Oh, that ssh key? That is for accessing my home server on DS

Re: [tor-relays] Port-Based Best-Fit Circuit Selection

On Wed, 17 Sep 2014 19:40:02 +, Paritesh Boyeyoko wrote: ... > The actual connection is fast enough to not suffer real latency issues, it's > just the relay doing the throttling > - do you think throttling to 0.5Mbit/s or 1Mbit/s will create issues of high > latency? I've set the advertized

Re: [tor-relays] Speed of my relay not correct on global list

On Mon, 21 Jul 2014 17:28:42 +, Josh wrote: ... > There are exploits that do not require any interaction from the user. > The sentiment that the rest of the list is trying to impress on you is > that by running a Tor nod on XP you are potential putting the entire Tor > network at risk to a mali

Re: [tor-relays] VPS for tor exit nodes

On Wed, 04 Jun 2014 05:19:30 +, I wrote: ... > > The meaning of 'can't have Tor' in their eyes is any form of Tor at all > absolutely. They don't want to think about it whatsoever. I tend to intentionally misread 'no tor' as 'no tor exit nodes', as this is what they would write, had they any

Re: [tor-relays] VPS for tor exit nodes

On Tue, 03 Jun 2014 14:56:10 +, I wrote: ... > Since some have said yes to exits when I paid but a week later 'introduced a > new policy' I wonder if it is worth being open. If you know what can be done > with fifteen VPSs for the next nine months which can't have Tor please tell > me. 'Can

Re: [tor-relays] NHS UK blocking Tor?

On Mon, 14 Apr 2014 23:37:35 +, Chris Whittleston wrote: ... > Access DeniedYou don't have permission to access "http://www.nhs.uk/"; on > this server. I could access them this morning via tor (unfortunately I can't tell which exit was used). May well be just not-yet-blacklisted. Andreas --

Re: [tor-relays] Relays vulnerable to OpenSSL bug: Please upgrade

On Tue, 08 Apr 2014 17:01:18 +, Moritz Bartl wrote: ... > immediately, especially larger relays. But don't worry too much, you'll > get your flags back eventually. :) But my name only very eventually? Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 2

Re: [tor-relays] is comcast throttling relays?

On Wed, 26 Feb 2014 07:47:31 +, Martin Kepplinger wrote: > Am 26.02.2014 06:09 schrieb Andreas Krey: ... > >Do you have 4Mbit/s uplink? That would be > >the 250k which is kBytes/s, not kBit/s. > > That's 2Mbit/s i'd say. Correct. I chalk that up to my cold. :-

Re: [tor-relays] is comcast throttling relays?

On Tue, 25 Feb 2014 19:43:02 +, Steve Rich wrote: > Hey, > I am running the following relay, and never see traffic going more than 250k. > Is Comcast throttling non-exit tor proxies? Do you have 4Mbit/s uplink? That would be the 250k which is kBytes/s, not kBit/s. > https://atlas.torproject.

Re: [tor-relays] [WARN] Your system clock just jumped 100 seconds forward; assuming established circuits no longer work.

On Tue, 18 Feb 2014 22:02:21 +, Zenaan Harkness wrote: > My tor logs (running on Debian) are showing this warning: > [WARN] Your system clock just jumped 100 seconds forward; assuming > established circuits no longer work. It may just be that your machine completely hangs for a while occasiona

Re: [tor-relays] Relay bandwidth

On Sat, 08 Feb 2014 11:56:23 +, Tora Tora Tora wrote: ... > On a similar subject, is there a way to limit Tor's "per connection" > speed, i.e., not total speed. No. > Assuming that a single connection carries > only one "conversation" between two parties at a time, wouldn't limiting > a singl

Re: [tor-relays] Understanding bandwidth rate

On Wed, 11 Dec 2013 04:14:41 +, BugZ wrote: ... > If the amount of data is not measured relative to time, how is it relevant? > > the internal variable is Relay_*Bandwidth*_Burst > > Doesn't "bandwidth" infer rate? You'd think, but it doesn't here. The algorithm is as follows: There is a var

Re: [tor-relays] Proper bandwidth units [was: Exit nodes on Gandi]

On Sat, 23 Nov 2013 02:50:03 +, grarpamp wrote: > > Why not just accept KB/sec, KiB/sec, GB/mo, GiB/mo in the config file? > > Because KB/sec would be rejected as not conforming to > either SI or IEC prefix specs. Why so? The SI prefix spec only specifies that K means 1000, it does not limit

Re: [tor-relays] Proper bandwidth units [was: Exit nodes on Gandi]

On Mon, 18 Nov 2013 13:33:05 +, grarpamp wrote: > >> People, can we please mind using the proper units. > > > > How is 'bytes' improper when that is the basic transfer unit of TCP/IP, > > and half of the underlying protocols? The only ones who really don't > > care about bytes are the layer 1 g

Re: [tor-relays] Proper bandwidth units [was: Exit nodes on Gandi]

On Mon, 18 Nov 2013 00:14:15 +, grarpamp wrote: ... > People, can we please mind using the proper units. How is 'bytes' improper when that is the basic transfer unit of TCP/IP, and half of the underlying protocols? The only ones who really don't care about bytes are the layer 1 guys. > I know

Re: [tor-relays] Proper bandwidth units [was: Exit nodes on Gandi]

On Mon, 18 Nov 2013 00:26:32 +, Roger Dingledine wrote: ... > I understand your perspective, but Tor is an overlay application just > like bittorrent. Tor moves bytes around. It happens that it moves the > bytes over the network, Is there anything nowadays that does move data on networks in fi

Re: [tor-relays] Checking a bridge

On Wed, 13 Nov 2013 12:12:35 +, and...@torproject.is wrote: ... > The bridge operator cannot find out to which pool you belong. ('you' meaning the 'bridge operator'?) You (as the operator) can find out the pool you're in; there is an API somewhere that tells you all the bridges, just without t

Re: [tor-relays] Traffic in port 9050 in a relay (denial of service attack?)

On Tue, 05 Nov 2013 14:09:40 +, Thomas Hand wrote: ... > Also, use iptables! If it is a dedicated VPS then drop anything you dont > recognize, What for? The ports that you want to block are rejected by the kernel anyway, as there is no one listening. (The minor added protection that malware ne

Re: [tor-relays] Amazon abuse report

On Thu, 31 Oct 2013 10:43:41 +, Paritesh Boyeyoko wrote: ... > This is something which has always confused/annoyed me. How can a Tor node > (unless it's exposing its SOCKS interface to the whole world) be classed as > an > "open proxy"? The 'open proxy' is simply a tag on the IP address; i

Re: [tor-relays] node list or moral discussion forum

On Mon, 02 Sep 2013 21:39:35 +, Yoriz wrote: > That Guy wrote: > > to remove this soap opera from a technical mailing list. > > > "Soap opera"? Apparently you are missing the point. The soap opera was the part where someone tried to filter tor traffic on moral grounds which is obviously not

Re: [tor-relays] A bit more evidence on circuit creation storms

On Thu, 29 Aug 2013 19:35:37 +, Gordon Morehouse wrote: ... > Aug 29 18:19:14.000 [notice] Your network connection speed appears to > have changed. Resetting timeout to 60s after 18 timeouts and 172 > buildtimes. Random data point: I had these yesterday on a VPS-based relay. > My main questio

Re: [tor-relays] new relays

On Tue, 27 Aug 2013 23:12:01 +, Tor Exit wrote: >GET /index.php?file=../../../../../../../etc/passwd > > Why not employ similar techniques on a Tor exit? We can be 100% sure about > the malicious intent. No, you can't be sure. That request could quite well be totally legitimate; you are

Re: [tor-relays] new relays

On Tue, 27 Aug 2013 11:08:34 +, Jon Gardner wrote: ... > Then why have exit policies? To keep spammers at bay (or getting your exit blacklisted); to keep traffic at bay (bittorrent), to keep law harrassment at bay (again bittorrent, others as well). > Exit nodes regularly block "unwelcome" tr

Re: [tor-relays] Config Tor Exit Node

On Wed, 21 Aug 2013 18:04:53 +, var wrote: ... > The exit node is directly plugged in to the gateway. Its an DIR-655 > which just have to run our internet > traffic + the tor exit node. Does the exit node get a public IP address there? ... > Problem is that wh

Re: [tor-relays] Home broadband - worth running a relay?

On Tue, 30 Jul 2013 19:48:22 +, Gordon Morehouse wrote: ... > True. And veering OT, but have you tried mosh yet? It's ideal for some > situations over Tor, or where the client changes connections often. No, I built something for that situation myself around the same time and am just rewritin

Re: [tor-relays] Home broadband - worth running a relay?

On Tue, 30 Jul 2013 16:48:13 +, Roger Dingledine wrote: ... > Relays that don't have sufficient mean-time-between-failure don't get the > Stable flag, and streams whose destination ports are in the LongLivedPorts > list avoid relays that don't have the Stable flag. Sorry, I should really have

Re: [tor-relays] Home broadband - worth running a relay?

On Tue, 30 Jul 2013 08:03:58 +, Gordon Morehouse wrote: > It'd be nice if dynamic DNS could solve this somehow, but it can't with > the current implementation. :/ Even if - it wouldn't help those users that have an open connection through the bridge (or relay) while it does change IP address.

Re: [tor-relays] relay uptime

On Mon, 22 Jul 2013 10:40:59 +, l3thal wrote: > Hi, > > I recently edited my torrc and accidentally did restart instead of reload > so my uptime was reset. > Will this negatively impact the 60 days to get a tshirt? If you're really into it for the tshirt you can have mine in the interim (whic

Re: [tor-relays] Checking my Tor bridge and adventage of dynamic ip addresses

On Fri, 19 Jul 2013 09:05:15 +, nobleeightfoldp...@lavabit.com wrote: ... > How can I check my bridge is really working? Take a tor browser bundle and set it up to use only your bridge, and run it on another internet connection. (That does not check whether it is in the bridge database.) > An

Re: [tor-relays] Bandwidth Spike

On Fri, 19 Jul 2013 00:20:20 +, Bryan Carey wrote: > I'm a fairly new Tor relay operator and noticed something peculiar with my > bandwidth for the relay recently. It seems to have jumped WAY up and just > plateaued at what I have the peak bandwidth limit set at. Someone is doing a big downloa

Re: [tor-relays] [tor-talk] Theft of Tor relay private keys?

On Tue, 02 Jul 2013 12:33:10 +, Mike Perry wrote: ... > But I got distracted by more pressing issues before I could finish the > scripts.. Also, many of those encrypted+authenticated Tor container > things probably don't make much sense without Secure Boot to > authenticate the boot process up

Re: [tor-relays] Is TOR using more than just OrPort and DirPort?

On Sun, 12 May 2013 17:08:20 +, Daniel Wu wrote: > Is there any way to configure which range of ports Tor uses for outgoing > relay traffic? Doesn't look like. I didn't find a config option for that. Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds Date: Fri, 22 Jan 20

Re: [tor-relays] Is TOR using more than just OrPort and DirPort?

On Sun, 12 May 2013 13:45:03 +, Daniel Wu wrote: > I just started a relay (non-exit node, not running a client myself), on > Windows, using the latest Vidalia Relay Bundle. Looks like from the > configuration, given that I'm running in relay mode, there should be only > two ports used by Tor (

Re: [tor-relays] A call to arms for obfuscated bridges

On Sun, 21 Apr 2013 10:23:06 +, Moritz Bartl wrote: > On 19.04.2013 20:59, Andreas Krey wrote: > > And a long download later I learned that the obfsproxy bundle > > doesn't work on this old XP (just the obfsproxy plugin, actually, > > the browser itself does).

Re: [tor-relays] What is "regular" traffic on an obfuscated bridge

On Fri, 19 Apr 2013 12:34:39 +, Torry Torah wrote: ... > My question is: is it a "normal" amount of traffic on an obf bridge? I'd say 'yes'. What is 'normal' depends on how many and what kind of users get to pick your bridge. > I've set up the 2 obf bridges 8 hours ago, give or take, maybe is

Re: [tor-relays] A call to arms for obfuscated bridges

On Fri, 19 Apr 2013 20:07:43 +, Andreas Krey wrote: ... > > So, one more obfs3 bridge (apparently, no client at hand yet) up. And a long download later I learned that the obfsproxy bundle doesn't work on this old XP (just the obfsproxy plugin, actually, the browser itself does).

Re: [tor-relays] A call to arms for obfuscated bridges

On Fri, 19 Apr 2013 19:49:12 +, Martin Weinelt wrote: ... > A missing Python.h is probably contained in your python2.6-dev > package. Ah, thanks. Now caching 'Python.h => python-dev' relation. So, one more obfs3 bridge (apparently, no client at hand yet) up. Andreas -- "Totally trivial. Fa

Re: [tor-relays] A call to arms for obfuscated bridges

On Fri, 19 Apr 2013 13:50:48 +, Lunar wrote: > Drake Wilson: > > - bypass declared installation requirements, use 2.6.6, and blindly > > hope that it won't result in some awful subtle bug; > > obfsproxy works on Debian Squeeze which bears 2.6.6. I had to patch the Mind to provide any mo

Re: [tor-relays] big spike in cpu usage

On Mon, 08 Apr 2013 08:47:56 +, Sebastian Hahn wrote: > ... > Now, it's entirely possible I'm missing something big here; or that the > code changed and now does something different; or that it used to do > something different, etc. Andreas, can you please explain more? At least the original

Re: [tor-relays] big spike in cpu usage

On Sun, 07 Apr 2013 19:42:25 +, Moritz Bartl wrote: ... > 1000 MB (per second!) is not a useful setting. No, its not 'per second'. It is the amount of allowed traffic that can be saved up while not hitting the BandwidthRate to be used up when the BandwidthRate is exceeded. Using up that saving

Re: [tor-relays] big spike in cpu usage

On Sun, 07 Apr 2013 12:47:05 +, Mi??osz Gaczkowski wrote: > On 07/04/2013 08:12, N Owen Gunden wrote: > >Does tor traffic generally fluctuate a lot with time of day? > > I'm pretty new to tor, but in my experience it does fluctuate quite a > lot. With my settings of: > > RelayBandwidthRate 1

Re: [tor-relays] On the way to more diversity

On Wed, 03 Apr 2013 09:47:06 +, Moritz Bartl wrote: ... > The next step is to also professionalize bridges hosting. It is quite a > shame that we only have a few hundred bridges in total. The situation > got worse now that regular bridges are blocked in several countries, and > in China only ob

Re: [tor-relays] Newbie question

On Fri, 01 Feb 2013 15:56:48 +, Chuck Bevitt wrote: > I'm running an exit node using my home ISP (yes, I've read the warnings). My > question is: what happens when my ISP changes my IPAddress? Will existing > connections to my node be lost and will the node reestablish itself? When your addr

Re: [tor-relays] MaxAdvertisedBandwidth advice please

On Fri, 04 Jan 2013 13:36:20 +, mick wrote: ... > But this morning I noticed that the new server had stopped and tor > says in it's log "Your computer is too slow to handle this many circuit > creation requests! Please consider using the MaxAdvertisedBandwidth > config option or choosing a m or

Re: [tor-relays] setting up a Tor exit node

On Thu, 29 Nov 2012 11:16:35 +, Julian Yon wrote: ... > Well, no. You could add some code to drop any connections you don't > like (i.e. those you can't snoop). Yes, but that would make you stand out detectably, wouldn't it? Andreas -- "Totally trivial. Famous last words." From: Linus Torva

Re: [tor-relays] setting up a Tor exit node

On Thu, 29 Nov 2012 11:50:13 +, esolve esolve wrote: ... > You mean I can't make it only function as an exit node using TBB? > or it is no way to make it function only as an exit node except that I > modify the source codes? Path selection is done on the originating tor node; if you announce y

Re: [tor-relays] DFRI is running two sponsored exits

On Mon, 26 Nov 2012 01:27:39 +, Linus Nordberg wrote: ... > We could technically run bridges too but we would have to discuss this > internally some more first. Do we really want to take money for running > entry _and_ exit relays? Isn't that exactly how you'd attack Tor users > if you had the

Re: [tor-relays] How to diagnose lack of traffic on bridge?

On Thu, 25 Oct 2012 16:33:03 +, Steve Snyder wrote: ... > How can I diagnose the failure of my bridge to garner any traffic? I assume you didn't set 'PublishServerDescriptor 0' in the tor.rc. Then the next step would be to check which pool the bridge ended up in, like (replace 'name' with you

Re: [tor-relays] Permissible traffic volume log density

On Tue, 23 Oct 2012 20:32:25 +, admin wrote: ... > > I do similar, but I run a simple cronjob around ifconfig. :-) Also for > > seeing the total traffic consumption on my relays (and my home DSL). > > I then feed that into gnuplot for some graphs for me to see; and > > the interplay of R

[tor-relays] Permissible traffic volume log density (was: Announcing the Walla Walla Project)

On Thu, 18 Oct 2012 13:29:46 +, admin wrote: ... > Reading your response, I guess that I totally misunderstood Jacob's actual > question As far as I understood Jacob asked you how many traffic data point you log, and I asked him how many are acceptable. (And pointed out that the given screen,

Re: [tor-relays] Announcing the Walla Walla Project

On Thu, 18 Oct 2012 00:21:57 +, Jacob Appelbaum wrote: ... > Could you confirm that you do not keep finger grain logs than the > following vnstat? What is the acceptable granularity here? > http://198.100.153.205/vnstat_m.png That looks like by month, but the question is rather how often the

Re: [tor-relays] Min. Bandwidth for Bridge Relay?

On Thu, 20 Sep 2012 08:28:46 +, Jon wrote: > Why not run an exit relay from home? I have done it for 4 yrs, Depending on your jurisdiction and what people happen to do via your exit this may earn you a police search of your home and confiscation of all computers there. If you don't mind that r

  1   2   >