Re: Very low performance in CriptolabTORRelays*
El 01/12/10 12:03, Jim escribió: Daniel Franganillo wrote: Hi, still no luck with our bandwidth problems. I even tried to set up a tor relay under windows (to discard a linux problem) and it does not work. Also, if I setup an https server at 9001 or 9030 and download a file from there it works fine. Can you help me to gather some clues on how our School is filtering Tor? I need that information so i can fill a request to stop Tor filtering. Thanks. PD: Will it help if I pastebin a debug log? Hi Daniel, I am surprised that nobody on this list that is more knowledgeable than I has responded to your request. I am certainly no expert here, but based both on what has been posted on this list previously and the TLS entries that ended up in your debug log, I would have to wonder if your problem doesn't have to do with an incompatibilty between the version of Tor you are using and the version of SSL you are using rather than being a problem with your school's filtering Tor. I did not respond sooner in part because, based on my (admittedly limited) understanding of these issues, I did not see a conflict between what you posted you were using, based on recent other posts about this. Still there have been recent (say the last 6 months or so) issues between Tor and SSL. I can only hope that either you can research this some yourself or somebody else with more knowledge about this will post. Good luck! Jim *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ Its verly unlikely that the issue comes from an incompatible version of OpenSSL and Tor because it fails in windows too :/ Any help is welcomed, we were donating more than 1MB on bandwidht and now nothing... Thanks. -- --- Daniel Franganillo Corrales --- e-mail: dani...@dilmun.ls.fi.upm.es --- CriptoLab. Despacho 6305. Facultad de Informática. Campus de Montegancedo S/N Universidad Politécnica de Madrid. Boadilla del Monte. Madrid (Spain) Teléfono - 91 336 (3673) --- smime.p7s Description: S/MIME Cryptographic Signature
Tor-node failed
Last time my tor-node regularry fails. How can I debug causes of it? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Very low performance in CriptolabTORRelays*
Thus spake Daniel Franganillo (dani...@dilmun.ls.fi.upm.es): El 29/11/10 16:27, Daniel Franganillo escribió: Hi, I'm the admin of CriptoLabTorRelays[1][2][3][4] As you can see at [1][2][3][4] our relays are having almost no transfer rate (3KB or so) It started on Monday 14 of November and after some testing we came to a conclusion... Our Univeristy (our workplace) somehow filtered Tor without us noticing. I think no one is answering your mail because of this statement. If the Tor network is blocked by your ISP, you can't exactly expect to run a relay... Did you confirm the block? Did you try connecting to some of the other public tor relays? A simple way to do this is to just use Firefox and type in https://random.tor.node.ip and see if you get a cert warning or not. Another way to do this is to try to use Tor as a client. Does that work? How about using a client with bridges. Do they work? https://www.sesawe.net/Using-Tor-with-Bridges.html -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpFqlH8oZYMa.pgp Description: PGP signature
Re: Active Attacks - Already in Progress?
Thus spake Theodore Bagwell (torus...@imap.cc): On Sun, 28 Nov 2010 17:54 -0800, Mike Perry mikepe...@fscked.org wrote: Rather than cripple the network by forcing more clients to use slower nodes more often, we have opted to try to document the process of running a high capacity Tor exit node: http://archives.seul.org/tor/relays/Aug-2010/msg00034.html In my research (posted earlier to this list), I did not find an issue with exit relays. The relays which were reliably chosen as part of my circuit were often the first or second relay in my circuit - not the exit relay. In this case, you are experiencing your guard nodes. This is a protective measure where the Tor client remembers a set of 3 live nodes and tries to use them for up to 2 months for its 1st hop... This is done to protect against a wide variety of traffic analysis attacks. -- Mike Perry Mad Computer Scientist fscked.org evil labs pgpyfEcctkRwv.pgp Description: PGP signature
Re: Arm Release 1.4.0
The lsof command issued by arm [1] is: lsof -nPi | grep process\s*pid.*(ESTABLISHED) I'd be happy to work with you to provide a fix, if you'd like. Once upon a time I tried to use VMs to troubleshoot FreeBSD and Gentoo issues (thus far they're the only platforms to give arm any trouble). However, either VirtualBox, those OSes, or the combination of the two made this a colossal pain in the ass. Trying to wrangle even the most basic functionality out of those systems chewed up dozens of hours so that's definitely *not* a road I'm going down again. What I'll need from you is the following: - A command that, when executed as the tor user, produces connection results filtered to tor's connections. - Example output. - Be available to test a potential fix. If you're up for that then I'm glad to have the help! Lets take further discussion of this off the list. I don't think this is generally of interest to the rest of the tor community. -Damian [1] https://svn.torproject.org/svn/arm/trunk/src/util/connections.py On Wed, Dec 1, 2010 at 10:34 PM, John Case c...@sdf.lonestar.org wrote: On Wed, 1 Dec 2010, Damian Johnson wrote: Arm should work just fine under BSD with the exception of the connection listing. The problem there is that FreeBSD's netstat lacks the flag to list the pids associated with connections (so I can't narrow the list to tor connections), ss is a completely different program (a spreadsheet application instead of connection resolver), and lsof either had similar issues, though I don't recall exactly what. If you know a method of getting the connections for a given process under FreeBSD then I'm all ears. :) Right - I've been familiar with the limitation, and the reason for the limitation, for the lifetime of your project. I run Arm very well on FreeBSD, but I'd really love to have the connection listing ... Can you use this: http://lists.freebsd.org/pipermail/freebsd-questions/2007-November/162970.html to cross reference, and get what you need ? *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talk in the body. http://archives.seul.org/or/talk/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor-node failed
On Fri, 03 Dec 2010 00:29:58 + Orionjur Tor-admin tor-ad...@orionjurinform.com wrote: Last time my tor-node regularry fails. How can I debug causes of it? https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#MyTorkeepscrashing. The text at that url is a fine start. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor 0.2.2.19-alpha is out
On Tue, 30 Nov 2010 16:25:25 + Matthew pump...@cotse.net wrote: In System / Administration / Software Sources / Authentication there is an deb.torproject.org archive signing key dated 2009-09-04 with the value 886DDD89. This is correct. Am I correct to think that this key sufficient to verify updates when using sources.list. This is correct. Also, who exactly owns 886DDD89? Is it a specific person or for torproject.org as a whole? If you gpg --list-sigs 0x886DDD89 You can see who signed the key. It is a role key that the packagers use to sign the builds, rather than using their own personal keys. It is up to you if you trust the key and those who signed it implying validity. -- Andrew pgp 0x74ED336B *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Very low performance in CriptolabTORRelays*
El 03/12/10 01:55, Mike Perry escribió: Thus spake Daniel Franganillo (dani...@dilmun.ls.fi.upm.es): El 29/11/10 16:27, Daniel Franganillo escribió: Hi, I'm the admin of CriptoLabTorRelays[1][2][3][4] As you can see at [1][2][3][4] our relays are having almost no transfer rate (3KB or so) It started on Monday 14 of November and after some testing we came to a conclusion... Our Univeristy (our workplace) somehow filtered Tor without us noticing. I think no one is answering your mail because of this statement. If the Tor network is blocked by your ISP, you can't exactly expect to run a relay... Well, im not asking for help to run a Tor relay, I did it for more than a year without problems. Im asking for help to gather intel so I can make an statement to our ISP (I work at a Dept. in a univeristy) to unblock Tor. Did you confirm the block? Did you try connecting to some of the other public tor relays? A simple way to do this is to just use Firefox and type in https://random.tor.node.ip and see if you get a cert warning or not. Our ISP wont say nothing about their filters (It seems to be a Top Secret issue :P). As I said before there's no problem reported at debug.log except for the frequent: [debug] TLS error: unexpected close while reading (SSL_ST_OK) Another way to do this is to try to use Tor as a client. Does that work? Nope. How about using a client with bridges. Do they work? https://www.sesawe.net/Using-Tor-with-Bridges.html Nope. Transfer rates are equally ridiculous. Tried in windows, same. Thanks. -- --- Daniel Franganillo Corrales --- e-mail: dani...@dilmun.ls.fi.upm.es --- CriptoLab. Despacho 6305. Facultad de Informática. Campus de Montegancedo S/N Universidad Politécnica de Madrid. Boadilla del Monte. Madrid (Spain) Teléfono - 91 336 (3673) --- smime.p7s Description: S/MIME Cryptographic Signature
