Re: [tor-relays] OS diversity of tor relays (was Re: Relay uptime versus outdated Tor version)

> Learning these OS can have other, peripheral benefits Very true. For reference, Solaris has been more or less dead ever since Oracle killed Sun and re-closed it. Now it's officially dead beyond "support" contracts, subject only to any benevolent and heroic zombie efforts, which are extremely

Re: [tor-relays] About relay size

On Mon, Oct 2, 2017 at 3:53 AM, Santiago wrote: >> And you can only have 2 tor instances per public IPv4 address. > > Why? Is there any place where I can find this kind of info? Read the archives of this list linked at the bottom of every message. As an operator you'll

Re: [tor-relays] Feedback wanted: letter to my university's library

If for library regarding preserving knowledge, and other sales tactics You might be able to present for supporting an anonymous encrypted storage platform... such as Tahoe-LAFS, MaidSafe, IPFS, Bitcoin full nodes, Zensystem.io, a Wiki, NNTP, there are many more such "store of data /

Re: [tor-relays] IP Forwarding ON - on the host with tor relay - any risk ?

On Tue, Aug 8, 2017 at 8:26 AM, Muppet96 wrote: > IP Forwarding > Is there any security risk if this feature will be enabled on the tor-relay > host ? Security is more than a config toggle and depends on your setup and goals, neither of which we know, or are really

Re: [tor-relays] Any IP allocations available out there?

On Sat, Aug 26, 2017 at 6:38 AM, Paul Templeton wrote: >> If you're interested in becoming your own ISP (obtaining your own ASN, >> IPv6 and IPv4 scopes), you'll need to apply via APNIC, as I did in the >> US with ARIN. > > Would if I could - but here in AU you have to log all

Re: [tor-relays] Any IP allocations available out there?

These days, layer 3 IP is nothing other than handy identifier for layer 2 and below traffic characterization and probing. So long as everyone continues whining about bandwidth, which can perhaps be mostly free at link layer, or are being anti-mix, as starter defenses... they'll get no solution.

[tor-relays] Detecting Network Attack [re: exit synflooded]

On Fri, Nov 24, 2017 at 6:23 PM, wrote: > Was anyone else's exit being synflooded yesterday and today? There could be a combined monitoring array deployed among all nodes that might start to answer these questions. And further alert on all sorts of interesting network attacks

Re: [tor-relays] Detecting Network Attack [re: exit synflooded]

On Sat, Nov 25, 2017 at 5:15 PM, teor wrote: > need a privacy-preserving aggregation scheme > (Otherwise, anyone who can remotely trigger a rare protocol > violation can find out which relays a client or onion service is using.) The above don't necessarily lead to each

Re: [tor-relays] Detecting Network Attack [re: exit synflooded]

> kernel: nf_conntrack: table full, dropping packet If rules are dropping exit traffic based on other than traffic content, it's very hard to say other users are not adversly affected with the same, likely quite unsophisticated, hammer. And doing it based on content usually comes with major legal

Re: [tor-relays] Detecting Network Attack [re: exit synflooded]

The subject of this new thread is detecting network attack upon tor network / relays itself. You report is users using tor's exits / exit traffic from relays, which would be excluded from such monitoring, most absolutely in any identifiable manner. If the exit traffic bothers you, exitpolicy

Re: [tor-relays] Exit from Different IP from OR Port

>> The trouble now >> is too many are sites apply blanket bans on Tor exits. > Starting with tor 0.3.0.x if your exit relay has multiple public IP > addresses you can use one of them for exiting only without the need of > an additional VPN (which degrades performance) Depending on setup,

Re: [tor-relays] Fwd: someone is livestreaming a bad exit

> This guy does not seem to understand why his “experimentation” was dangerous. What's more dangerous than some youtube stunt would be foolishly failing to understand that perhaps half the nodes out there could easily be secret experiments, even mass sybil operations, dangerous to the users and

Re: [tor-relays] my IP got blocked

>> dnsbl.info used to provide two tor-related lists: (1) all nodes and (2) >> exits. >> Some webmasters could use the first one by mistake. > > https://www.dan.me.uk/dnsbl still does, and some webmasters do use the first > one. Link related to this thread characterizing some blocking...

Re: [tor-relays] [tor-dev] Detecting multi-homed exit relays (was: Onion auto-redirects using Alt-Svc HTTP header)

>> Detecting exit nodes is error prone, as you point out. Some exit nodes >> have their traffic exit a different address than their listening >> port. Hey does Exonerator handle these? > > Right. It's not trivial for tor to figure out what exit relays are > multi-homed -- at least not without

Re: [tor-relays] Testers needed for Nyx beta release

>> > $ sudo -u _tor ./run_nyx -i 127.0.0.1: >> > nyx: environment corrupt; missing value for >> > File "/usr/home/ryan/nyx/stem/util/conf.py", line 289, in wrapped >> > return func(*args, config = config, **kwargs) >> > File "/usr/home/ryan/nyx/nyx/starter.py", line 90, in main >> >

Re: [tor-relays] Exit Node Checking

>> Does anyone have a script for periodically updating strick exit nodes lists >> after running an inspection as per >> https://tc.gtisc.gatech.edu/bss/2014/r/spoiled-onions-slides.pdf or similar? >> Looking to help protect against crypto transaction sender redirect attacks. > > Trying to

Re: [tor-relays] Testers needed for Nyx beta release

>> It's probably worth looking into why that's happening if you are able; >> whether nyx/stem/python is somehow causing that, or if it's something >> wrong/weird with your machine. > > Looks like the same bug (or a very similar one) has been found before: >

Re: [tor-relays] DoS attacks on multiple relays

Furthermore, nodes that think they're being smart and protecting their nodes and the network by filtering out who can access their OR ports... aren't... because - A real attack from clearnet will wipe out significant numbers of the rest of the network leaving their OR's with far fewer left

Re: [tor-relays] ISP is aking me to send a selfie holding my identity card

> Sent them their stuff they demanded and 2 days later my > account was restored and they are “fine” with abuse. Because doing KYC and Gestapo on operators over "bad" traffic that you're already not responsible for somehow magically turns it into "good" traffic that you are responsible for. Lol,

Re: [tor-relays] DoS attacks on multiple relays

> [tor project regularly publishes exit addresses] ... Which thankfully not all blockers (censors) use, and equally some relay operators then leverage their anti censorship philosophy into those holes. > I call attention to the fact that the tor project has already decided > against Exit node

Re: [tor-relays] DoS attacks on multiple relays

The advantages for tor users against censorship, of operators making some fraction of all exit nodes exit from different addresses than those addresses present in consensus, have been explained many times on this list. It's also been noted that in at least one instance, some exit operators

Re: [tor-relays] DoS attacks on multiple relays

> Outbound addresses aren't secret, because they are used for connections. > > Roger has claimed here that some of them are indeed secret in the sense > that their owners do *not* want them to be published > > Then maybe you should respect their wishes? Exactly. Just like bridges that want to

Re: [tor-relays] Strange BGP activity with my node

ted by our own NOC team and reverted. > > I hope you can accept our sincere apologies for this issue, we have taken > steps to ensure that any similar mistake will not have such impact in > future. > *snip* > > On Wed, May 9, 2018 at 11:54 AM, grarpamp <grarp...@gmail.com

Re: [tor-relays] Strange BGP activity with my node

On Wed, May 9, 2018 at 2:06 PM, Trevor Ellermann wrote: > I just a notification from my data center that someone is trying to hijack > the IP of my exit node. Seems like the sort of thing someone might do when > trying to attack Tor. I'm in a very remote area with limited

Re: [tor-relays] DigitalOcean bandwidth billing changes

> Have a look at https://lowendtalk.com/categories/offers they usually have good > offers in various locations. Operators can also post there and webhostingtalk colotalk dslreports and some network operator groups, etc... seeking services. Many have roots and would like to help the various

Re: [tor-relays] lets stop using central big DNS resolvers (Google, Level3, OpenDNS, Quad9, Cloudflare)

On Sun, May 13, 2018 at 9:34 AM, Paul wrote: > How do i protect against overwriting best in FreeBSD (maybe there could be a > hint on > https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#DNSonExitRelays ) > as well? On FreeBSD, the simple default answer to the OP

Re: [tor-relays] Why adding more Nodes won't help?

Paths are driven by the client and unchecked, it's not hard to do. However first you're better off taking a serious look at your threat model, which you've not mentioned at all for anyone to help you qualify it and any potential solutions therein, before turning random knobs in whatever anonymous

Re: [tor-relays] VPNGate Project Exit Node Volunteers / I2P

On Tue, May 22, 2018 at 10:13 AM, Paul wrote: >> For those relay operators who may have extra >> non tor listed IP addresses and want to help >> a related projects / userbase. >> https://geti2p.net/ >> I2P also has an exit proxy function. > > Why is it important to have a "non tor

Re: [tor-relays] Spam Emails Received From This Mailing List

There's no point in overhead of repeatedly trolling and processing out stale archives when you can get valuable live bodies delivered instantly to your parsers for far less cost and work. There are probably spam subs in Colin's list too, he didn't say which list, what exactly "closed" means, what

Re: [tor-relays] Fwd: Tor Guard Relay

> Yes, it is extremely strange, it arouses my suspicion. Why would they > specifically choose the tor server operator’s list which isn’t going to have > large amounts of people for them to meet to begin with? I am concerned this > might be an attempted attack against the network trying to lure in

Re: [tor-relays] decrease in traffic

On topic of relays is. Endeavouring to exchange information succinctly among parties without undue what guessing. As is if we have operators or readers where 'straight' belief would be both incorrect and operationally significant... such as getting slammed with unexpected overage bill based on 2%

Re: [tor-relays] decrease in traffic

> 50 Mbps > 25-30 Mbps > 350 KBps > yes, I'm keeping the units straight No not really. Crossing down away from megabits while still within reasonable single megabit range is awkward. And 'K' is not a valid prefix so no one knows whether you meant 1000 'k' or 1024 'Ki'. And '(B)ytes' is RAM and

Re: [tor-relays] decrease in traffic

> 1GB RAM Similarly, this literally translates to ~0.932GiB, while you may in reality have exactly 1GiB installed. Or if not, please donate that box with 1GB chip to the museum as it must be quite rare machine architecture ;) ___ tor-relays mailing list

Re: [tor-relays] [tor-dev] Relay diversity master thesis

On Sun, Jan 7, 2018 at 8:29 AM, teor wrote: >> On 22 Dec 2017, at 11:23, Robin Descamps wrote: >> May I ask you advices/feedback about this master thesis plan? >> The master thesis plan: >>

Re: [tor-relays] Combined relay and hidden service, good idea or not?

>> So assuming I just want to run SSH on some port on an .onion on the >> relay, what is the downside there? Just wondering if for that usecase, >> SSH to login remotely on to the relay would still have any disadvantages >> that I missed to consider The relay is on clearnet in consensus, thus

[tor-relays] How to post to this list

1) DO NOT Top Post, backwards it's because that's, reply below what you're replying to. 2) DO NOT Bulk Quote, trim what you're replying to down to the minimum size needed to convey the relavant context. 3) DO NOT Block Reply, piecewise interleave your replies below each piece of context to which

Re: [tor-relays] How to post to this list

5) WRAP your lines at around 72 characters long, or set your mailer to do this. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] MyFamily and ContactInfo fields are required for operators running multiple tor instances

On Wed, Jan 31, 2018 at 3:08 PM, Vinícius Zavam wrote: > what about those using *only* > PGP key fingerprints as ContactInfo? valid keys, publicly available (with > working email address, and personal info from the admin). > > will these relays be removed from the network,

Re: [tor-relays] Experimental DoS mitigation is in tor master

> Applications that use a lot of resources will have to rate-limit themselves. > Otherwise, relays will rate-limit them. It's possible if relays figure that stuff by #2 might not be an attack per se, but could be user activities... that relays might push back on that one by... - Seeking

Re: [tor-relays] Experimental DoS mitigation is in tor master

Has #2 been eval regarding onion indexing engines, oniontorrent, etc? They use a lot of resources for agnostic purposes. Censoring them as collateral damage would be bad. ___ tor-relays mailing list tor-relays@lists.torproject.org

Re: [tor-relays] High number of simultaneous connections from a single host

Re all the threads on this 'DoS' issue... Netflow analysis is often better for many this type of toplists than netstat / ss and other tools shipped with any given base OS. Even a proper tcpdump / packet filter log can be better. ___ tor-relays mailing

Re: [tor-relays] How to post to this list

Courier 10pt typeface on A4 letter, or 80x25 displays marginspace etc all common concepts all need hard line wrapping with contextual wrapping and layout in plaintext, as well as few MUA actually soft wrap for display but instead hard wrapping, let alone many webmail mangle beyond 70, many even

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image

On Sun, Feb 25, 2018 at 4:05 PM, George wrote: > However, I'd be wary of an image that I didn't build myself, personally. Yes, especially of image without source [script] (not to diminish such work). FreeBSD is largely reproducible these days, OpenBSD maybe not yet (you'd

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image

On Mon, Feb 26, 2018 at 12:21 AM, Conrad Rockenhaus wrote: > I'm more than willing to offer source :D, but I'm just going to make it a > script only project instead based on what seems to be the consensus opinion. > I'm just going to clean up some small things now that

Re: [tor-relays] whonix tor-relay - help needed

> it does not make > sense to run a Tor relay in a vm. The value of a limited environment is in case the tor daemon gets exploited. A full vm needed, tor's not an OS, so perhaps not. A static tor in an equivalent of lighter BSD jail, probably a fair balance. A dynamic tor in full access OS [root]

Re: [tor-relays] NTP and tor

> if you can, setup a stratum 1, but... regarding openntpd@freebsd; > https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-openntpd-on-freebsd-10-2 The stratum isn't much relavant to tor relay nodes since they're tolerant by design of more offset than any sane sync would

Re: [tor-relays] NTP and tor

ntpd runs fine without listener or with it blocked https://www.ntpsec.org/ http://openntpd.org/ https://wikipedia.org/wiki/Ntpd https://github.com/ioerror/tlsdate/ You can get serviceable time from many sources besides just ntp. Be creative. ___

Re: [tor-relays] Bridge relay setup (was: Re: AS awareness)

>> https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Bridge > > On that page they have "Fast exit relays (>=100 MBit/s)" and "MBit/s (Mbps)". > MB means megabytes I would think. bits are not capitalized. It is Mbit/s or more simply Mbps. And tor is primarily a network tool interfacing

Re: [tor-relays] Congrats to Nullvoid

On 8/26/18, nusenu wrote: > Conrad Rockenhaus: >> I just wanted to say congratulations to Nullvoid, who is currently running >> the second fastest exit in France in my colo in Europe. > allowing port 25 on purpose or accidentally? Either way, up to the operator, some do it for the lols. >>

Re: [tor-relays] Individual Operator Exit Probability Threshold

> Yes, there are compiled tor relay packages for BSD, they exist in packages - > for FreeBSD is pkg install tor and for OpenBSD it’s pkg_add tor. https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ https://www.openbsd.org/faq/index.html > For FreeBSD, you’ll want to switch packages from

Re: [tor-relays] Congrats to Nullvoid

>> devcpu-data > Luckily, the instances aren’t running on shared boxes, each user runs on > their own XenServer HVM instance, so they have dedicated control of their > own instance. Seem to recall, as with most re Spectre Meltdown FPU Etc, the Xen fixes require pairing of microcode and kernel

Re: [tor-relays] 4 of Conrad Rockenhaus trial servers are in the top ten exit relays for Canada

One might worry more what Mega and Gigacorps are doing, secret partner friendly endeavours with Govts against you, than what some tiny ISP or whoever is doing with a few boxes. And was posted here many times about creating additional trust models and layers for relays, audits metrics and choices

Re: [tor-relays] Cloudflare Onions Beta and Network Stability

On Mon, Aug 20, 2018 at 7:19 PM, Alec Muffett wrote: > Even if Cloudflare onionified a bazillion domain names, there are still only > a few million people who use Tor who could generate the load to connect to > them. And none of those who could, will, because cloudflare will google recaptcha

Re: [tor-relays] Question regarding ethical torrent blocking

If operators are taking flak from their upstream, and they want to carry the traffic for reasons, before giving in and deploying exit policy, see what options are available to SWIP the address space to you and thus eat a lot of the complaints from the internet yourself.

[tor-relays] Exit in Turkey blocking torproject (komm EA93C), BadExit, Node Subscription Services, Censorship

This particular case receiving mentions for at least a few months... D1E99DE1E29E05D79F0EF9E083D18229867EA93C kommissarov 185.125.33.114 The relay won't [likely] be badexited because neither it nor its upstream is shown to be doing anything malicious. Simple censorship isn't enough. And except

Re: [tor-relays] Abuse Complaints

> Is Irdeto harassing you with DMCAs or just the hacking / forum spam > complaints? >> I am thankful that I have my own AS and IP space. I would even think >> about running mass relays like I do. >> I am running the reduced exit policy on all 50 of my relays and still get >> tons of automated

Re: [tor-relays] DSL interruption

5.7 Mbps (power of ten bps is proper network context) and N number of open connections (which you don't show) is enough traffic to lockup incapable hardware like some DSL and other cheap routers and intermediate devices. You first need to determine if the DSL link itself is truly down and for how

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image

On Wed, Feb 28, 2018 at 10:43 AM, mick <m...@rlogin.net> wrote: > On Tue, 27 Feb 2018 14:47:06 -0500 > grarpamp <grarp...@gmail.com> allegedly wrote: > >> If ovh vps gives root, bypass the fee with: md(4) vnode > geli > >> mount. >> >> Then

Re: [tor-relays] FreeBSD 11.1 ZFS Tor Image

> I can tell you on OVH, a basic level VPS (one for $5.00/mo) is not encrypted. > If a customer is willing to spend $7.00/mo more for an additional partition, > they will be able to have storage to encrypt the the Tor relay information at > rest. If ovh vps gives root, bypass the fee with: md(4)

Re: [tor-relays] Tor program

media.torproject.org youtube library freedom project I2P, Gnunet, IPFS, GPG, blockchain, lots of other networks have relavant philosophy material. ___ tor-relays mailing list tor-relays@lists.torproject.org

Re: [tor-relays] Tor program

> I2P, Gnunet, IPFS, GPG, blockchain, > lots of other networks have relavant > philosophy material. Many of which could make up list of new software packages such places could install as part of such program. Just as they might have libreoffice on windows, or even some easy / volunteer admin,

Re: [tor-relays] Hidden service error in log

On Wed, Mar 14, 2018 at 8:51 AM, Gary wrote: > 4l53ozkhv*** Whether tor or you *''d it, 45 bits is insufficient to prevent association in posts, and being v2, can be discovered in full, further, onions can be deanon'd to IP address in time by motivated

Re: [tor-relays] Running relays in universities? Exit nodes, perhaps? Please share your experience!

On Tue, Apr 17, 2018 at 1:36 PM, Gunnar Wolf wrote: > > Any help and pointers are welcome! https://lists.torproject.org/pipermail/tor-relays-universities/ https://lists.torproject.org/pipermail/tor-relays/ https://libraryfreedomproject.org/

Re: [tor-relays] VPNGate Project Exit Node Volunteers / I2P

hly applicable to them. If you're still confused, search and read their websites and try their apps. On 3/31/18, Quintin <tor-admin@portaltodark.world> wrote: > On Wed, Mar 28, 2018 at 11:53 PM grarpamp <grarp...@gmail.com> wrote: > >> http://www.vpngate.net/ >> >

[tor-relays] VPNGate Project Exit Node Volunteers / I2P

http://www.vpngate.net/ For those relay operators who may have extra non tor listed IP addresses and want to help a related projects / userbase. https://geti2p.net/ I2P also has an exit proxy function. " VPNGate: Free Access to World Knowledge Beyond Government's Firewall. VPN Gate Academic

Re: [tor-relays] Estimation of bridge traffic / Bridge or relay needed?

> https://www.torproject.org/docs/faq#RelayOrBridge > > "If you have lots of bandwidth, you should definitely run a normal relay. > If you're willing to be an exit, you should definitely run a normal > relay, since we need more exits. If you can't be an exit and only have a > little bit of

Re: [tor-relays] Estimation of bridge traffic / Bridge or relay needed?

> https://www.torproject.org/docs/faq#RelayOrBridge In context of the entire wider section beyond the former quote, where 'normal' is implied to be 'non-exit', I'd change one entry... > a normal relay, since we need more exits. to 'an exit relay, since...'

Re: [tor-relays] How helpful is it to run your own DNS server?

On Fri, Mar 16, 2018 at 12:54 PM, wrote: > I have seen mentions on this list of people using pi-hole and unbound DNS > servers in their setups, and I wondered if others had considered opinions as > to the usefulness of doing this. https://pi-hole.net/

Re: [tor-relays] No exit at home !!!

> Use ISP's only for exits. Or you want "fun". Some run exits from home because they have prepared in advance for, and do not mind, or simply enjoy, such free[dom] "fun", and wish to make a point and or cases. They could be considered activists. If not prepared, or in jurisdictions that do not

[tor-relays] FreeBSD Solution Comparable to VyOS (BGP IPv4+6 FW) in Tor Intensive Environments

On 10/11/18, Conrad Rockenhaus wrote: > Hello, > > I’m researching for a new colo, and in order to bring it online until I can > consolidate some hardware, I would like to temporarily run a VyOS Router as > the main router so I can start getting things online sooner than later. This > VyOS Router

Re: [tor-relays] List purpose and moderation

Sorry but if a Tor friendly commercial, non profit, volunteer, or whatever other type of vendor / provider wants to come here and announce [or solicit mutual development of more amenable custom] hosting solutions and services for tor relays... that's valuable and fine. In no small part because...

[tor-relays] Bittorrent Legal Noise, Advocacy [re: Explaining Tor to worried parent]

> Yeah, one of the complete bullshit things. I get around 200 emails per day > like this one: > > Protocol: BITTORRENT This should tend to diminish when you begin creating and showing people how to use filesharing and distributed storage protocols operating entirely within the various encrypted

[tor-relays] NTP and tor

Further NTP client variations... https://chrony.tuxfamily.org/ https://github.com/bsdphk/Ntimed https://leaf.dragonflybsd.org/cgi/web-man?command=dntpd=8 http://cr.yp.to/clockspeed.html ___ tor-relays mailing list tor-relays@lists.torproject.org

Re: [tor-relays] Fast search for underutilized ASN space?

One could assume say over half of all AS or their downstream do provide some form of hosting service, thus look them all up and spam their admin contact with both boilerplate tor promotional and include a request to their sales / down team for proposal / quote or referral for same.

Re: [tor-relays] "Safe" ports for exit node that won't attract LEA?

>> exit node in my home > I also allow 993/995 (IMAP/POP3 over SSL). Sadly, I don't allow 465, > SMTP over SSL, though I've pondered enabling it. If you're trying to help standalone MUA users send email... 465 - this is smtp over TLS, you don't / rarely want this legacy mashup thing 567 - this

Re: [tor-relays] Onion v2 HSDir Support (ref: v3 prop224) [was: fishy fingerprint patterns]

On 1/4/19, V wrote: > "crypto" "security" "sofware dev" "support" fud re v2 "Hey, here's v2, it uses older crypto and mechanics that are not as robust etc as v3... However v2 offers useful features for many users, and those features are not yet available in a newer design (volunteers to create

[tor-relays] Onion v2 HSDir Support (ref: v3 prop224) [was: fishy fingerprint patterns]

> relays have a rather distinct signup and fingerprint pattern > usually seen for onion attacks. > ... > a) If you are an .onion operator I'd like to encourage you to switch to onion > services version 3 > ... > so we can start > ... > b) dropping onion version 2 services eventually. These are

Re: [tor-relays] Is the public information for relays trustable?

It's not clear what you're asking. What "information" exactly. Etc. Please put each question in one paragraph or line dedicated to that question. If reaching the DA's is the only blockage, you should be able to setup your host's routing table and packet filters to send the DA's ip traffic to them

Re: [tor-relays] Is the public information for relays trustable?

If asking if what you see on metrics about MX or any other country is correct, yes it generally is. Though if you discover errors, you can file a metrics ticket with the suspected data in error and technical data proof that shows suggests metrics is wrong. "Hearing that some ISPs block, thus no

Re: [tor-relays] community team highlights: Relay Advocacy

>> communicating with OVH regarding relays without contactinfo > Is it *really* a good idea to poke OVH over this? > in their ToS > I feel this can backfire in a bad way > is easier to ban all this "Tor" entirely? Though there can be some context, in general harassing and busywork for ISP is

Re: [tor-relays] 300mbps FreeBSD Tor relay on HPE MicroServer Gen10 (AMD X3421)

FreeBSD jails are light, effective, fast, and detailed chroots... not bloated VM / HW / Hyper or emulation instances that eat RAM and CPU. > sort out a bare minimum jail for a Tor node. minimum = static tor (1 file) + devfs (kernel managed fs) > company kept getting their site hacked, so he had

Re: [tor-relays] Onion v2 HSDir Support (ref: v3 prop224) [was: fishy fingerprint patterns]

On 1/4/19, teor wrote: >> Node operators (tor-relays) would continue offering >> v2 HSDir support module until such time as the reasons >> for choosing v2 by those above are supported in v3 or vN. > > It's not just about feature parity. Right. Feature parity is nice and excellent goal, till

[tor-relays] Exit friendly ISPs

On 9/17/18, niftybunny wrote: > [cost, cost, cost] >> freedom is a profitable business model. We charge double and up rates to ignore and manage everything, short of legal process served, with you on point in role until you're not. Exits, torrents, gaming, IRC, shells, free speech, social nets,

Re: [tor-relays] Exit friendly ISPs in Australia

> I have also contacted RIMU Hosting, which has servers in Australia, and they > said "As an account holder under our terms of use, you would be directly > responsible for all content in and out of your server. In general that is > not possible to do with a tor exist node, so we are not a good fit

Re: [tor-relays] Extreme Exit Policy

>> Another more surprising impact for you is that your ssh connections would, >> counterintuitively, die more often. >> >> That's because Tor has a LongLivedPorts option, where streams for those >> destination ports use circuits with all Stable-flagged relays, and 22 >> is in the list but 443 is

Re: [tor-relays] Emerald Onion's new relays

On 4/4/19, Conrad Rockenhaus wrote: >> when ISPs are ordered to BGP blackhole some exit IP addresses > I've been assigning a second set of IP addresses to my servers in case > I want to run another instance of Tor. Would it be more prudent to use > that second set of IP addresses as an

[tor-relays] Representing Megabits correctly (ex: Slow Relay)

>> 97Mb >> speeds at 11Mb/sec. >> couple of meg > be careful with > Megabit (Mb) vs. MegaByte (MB). > Here is the part with the important information: > With this option, and in other options that take arguments in bytes, > KBytes, and so on, other formats are also supported. Notably, "KBytes" >

Re: [tor-relays] High Speed Exit Relay or just a plain Relay?

On 4/4/19, Conrad Rockenhaus wrote: > I have a FreeBSD box on a 1 Gbit/s connection. I'm trying to determine > if we need more high speed relays or high speed exit relays. The AS > it's on has no plain relays, just exit relays. That's what has me > wondering what to do.

Re: [tor-relays] [tor-exit] good node providers

On 2/17/19, dns1...@riseup.net wrote: > It wasn't clear to me if those operating systems > would install any kind of firmware automatically. Firmware / Microcode / BIOS blobs are related to the specific hardware you have installed... if the hw requires having the blob loaded into it after each

Re: [tor-relays] Tor Exit Relay CPU Usage Running at 100% for 1 MB/s on FreeBSD

On 3/11/19, Neel Chauhan wrote: > I have set up two exit relays on a FreeBSD 12.0 dedicated server: > Looking at my top stats, I get CPU usage of 100% most of the time > (meaning 95% of the time) on both instances pushing around ~1 MB/s with > both instances. > HP Blade single Intel Xeon L5520

Re: [tor-relays] plans to require ContactInfo to be non-empty

On 2/5/19, Roman Mamedov wrote: >> Nicknames are required to be non-empty, did that stop any abuse? > Correction: Nicknames default to "Unnamed" when unset. > However did any of the recent abuse or suspected-malicious relays actually > use "Unnamed"? The consensus contains quite some fraction

Re: [tor-relays] [tor-exit] good node providers

On 2/15/19, dns1...@riseup.net wrote: > As regards Linux box I would say one thing: if you are worried about NSA > etc.. how you could use operating systems that are not enterly free > software? If your > operating system contains binary blob That can be avoided with some OS, typically stringent

Re: [tor-relays] [tor-exit] good node providers

On 2/16/19, dns1...@riseup.net wrote: > As far as I know, those distributions include non free firmwares, which, > potentially or maybe not, could contain some backdoors. > > I don't want to preach no one, but for me is a ethical, moral question. I > want to avoid operating systems that haven't a

[tor-relays] Overlay Networks: Research Improvements and Attacks [was: planetlab butterfly relays]

On 1/23/19, nusenu wrote: > thanks for adding tor relays. > If you are using them for research purposes please ensure > you follow the safety guidelines: > https://research.torproject.org/safetyboard.html > https://medium.com/@nusenu/some-tor-relays-you-might-want-to-avoid-5901597ad821 >

Re: [tor-relays] Tor RAM usage (DoS or memory leaks?) - Flood of circuits

A week or two ago someone was scanning entire 80-bit onion space in big parallel. They later said they stopped upon advisement of the futility. But you never know. ___ tor-relays mailing list tor-relays@lists.torproject.org

Re: [tor-relays] [tor-talk] Anyone interested in running FreeBSD or Linux Exit Relays on AS19624?

On 4/17/19, Seby wrote: > Here we go again... Not really different than all the quasi or non profit tor node groups posting their news now and then. Nos onions, torservers, emerald onions, noisebridge, etc. Hey look at me, join us, give us money, we're doing stuff, etc. So long as it supports

[tor-relays] VPNs and Ports

>> On May 23, 2019, at 4:39 AM, Wallichii wrote: >> >> On Thu, 23 May 2019 04:15:36 -0500 >> Conrad Rockenhaus wrote: >> >>> I’ll be starting a free VPN service soon to allow users that are >>> blocked from using Tor at their location to access Tor. To prevent >>> abuse of the service, I plan on

[tor-relays] Solving World's Tor Users Being Blocked by Websites (was: Tor exit bridges)

On 5/7/19, nusenu wrote: > > juanjo: >> Tor relays are public and easily blocked by IP. To connect to Tor >> network users where Tor is censored have to use bridges and even PTs. >> But, what happens on the exit? Many websites block Tor IPs so using >> it to access "clearweb" is not possible.

Re: [tor-relays] 10 Years Torservers.net: Death or Future?

On 5/7/19, Tyler Durden wrote: > It has been a hell of a ride Yes :) Many of us remember day of torservers beginning days, and or have taken part creating, running, supporting, aligning with it over time. Those sorts of big projects are no small undertaking. Especially setting up of legal and

Re: [tor-relays] unique .onion addresses decreasing a lot

On 5/5/19, nusenu wrote: > https://metrics.torproject.org/hidserv-dir-onions-seen.html?start=2019-02-04=2019-05-05 > > Is this a measurement issue or did some major application migrate to v3 > onion services? Or some botnet got shutdown. ___ tor-relays

<    1   2   3   4   >