Re: [tor-relays] (no subject)
On 2014-01-14 12:38, I wrote: Does anyone know how to get past this to get the exit running on Debian 6, please? Our clock is 6 hours, 48 minutes behind the time published in the consensus network status document (2014-01-14 11:00:00 UTC). apt-get install ntp would be a good start. Greets, Jeroen ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Tor listenes to UDP ports?
Complementing: tcpdump -w $udpport.cap port $udpport On Mon, Jan 13, 2014 at 9:17 PM, Drake Wilson dr...@dasyatidae.net wrote: Quoth Wollomatic wolloma...@posteo.eu, on 2014-01-14 00:29:39 +0100: Since I thought Tor only uses TCP may this be a security problem with my server? Since UDP is a connectionless datagram protocol, there is no distinguished listening state. It seems more likely that those are sockets for outgoing DNS requests. Have you monitored the traffic on those ports to see what it is? --- Drake Wilson ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Noilson Caio Teixeira de Araújo https://ncaio.wordpress http://ncaio.ithub.com.br.comhttp://ncaio.ithub.com.br https://br.linkedin.com/in/ncaio http://br.linkedin.com/in/ncaio https://twitter.com/noilsoncaio ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Bad experience with hetzner.de and Trusted Tor Traceroutes experiment
Hello there, We're running a Tor relay (not exit) on a virtual private server at Hetzner for about a year. On Wednesday January 8th, we decided to take part in the Trying Trusted Tor Traceroutes [1] research experiment. There have been various calls for participation on public mailing lists [2] [3]. The traceroutes were conducted using the scamper package, as suggested in README. We imposed no rate limiting to requests, just run the script with default values. Some hours later, Thursday 9th, we received an email from Hetzner stating that our server was taking part in attacks and they would suspend our instance if we didn't react within 8 hours. As soon as we got the warning we killed scamper conducting the traceroutes, and followed the procedure so as not to get our instance suspended. Hetzner also asked for some explanations about why we think our server was not taking part in the attack. We responded via email with a full explanation about the traceroutes from our server and the Trying Trusted Tor Traceroutes experiment from various researchers from University of Illinois [1]. We told Hetzner that our server was making harmless and legal traceroutes to various destinations on the Internet, thus they had no reason to suspend our instance. Twenty four hours later, Friday 10th, Hetzner blocked network access to the IP address of our server, did send us an email about blocking, but ignored our exlanations submitted the previous day. After the blockage of our IP we insisted on trying to resolve the case by sending one more email exlaining the situation and asking to unblock us, and then opening a ticket. Hetner's response to the last email (5 hours later) was that we should open a ticket, which we already had done. Alas, our ticket was marked as duplicate and closed(?). During this loophole support nightmare most responses from Hetzner's part actually seemed to be machine generated. At last Hetzner asked us via email to send them a signed document via fax(!) containing explanations about the incident. Now that was ridiculous, since we had submitted explanations already three times with the first submission only four hours after Hetzner's first warning on Thursday. Nevertheless, we did resend the explanation. After about 7 hours of downtime, Hetzner unblocked network access to our server. More than 36 hours later they sent an email Dear Mr. , your server is unlocked. Concluding, - Hetzner considers traceroutes to various internet destinations as attack. All relay operators with machines at Hetzner should be _careful_ when taking part in Trying Trusted Tor Traceroutes experiment. - Hetzner has awful customer support. Cheers, Alex [1] https://web.engr.illinois.edu/~das17/tor-traceroute_v1.html [2] https://lists.torproject.org/pipermail/tor-relays/2013-October/003113.html [3] https://lists.torproject.org/pipermail/tor-news/2014-January/27.html signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] System Time
Moritz and Jeroen, Thank you both. I tried both your ideas but the system is set to prevent the time being changed as you thought. Another plea to the VPS controllers and it was corrected. So the lesson there is presume it is the VPS set-up first and foremost. You both should know that the concise and clear advice like yours is what this list needs rather than mysterious jargon and code. Anyone finding the instructions you gave would also see the complete explanation with them. I don't know how but it would be good to facilitate the search for or extract such advice for keen newboys. The subject line isn't always the best label as I demonstrated. Robert ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] using Curve p25519 cryptography for type 2(Mixmaster) and type 3(mixminion) remailer blocks
On Tue, Jan 14, 2014 at 2:14 PM, gwen hastings g...@cypherpunks.to wrote: ... I am looking at resurrecting mixmaster, mixminion and nym.alias.net nymserver designs from the various code wastebaskets and retrofit them with some newer encryption technology based on curve25519 and poly-1305 libsodium based algorithms and routines. I believe there is sufficient demand to merit deployment of a good mix network. As well as perhaps web/other intake frontends due to the now prevalent a) dwindling free email b) demand by mail providers for phone authentication. As for operators, I'd reach out to the Tor, I2P, Bitcoin, etc operators. It's a shame that one of the hardest things to find these days is anonymous free speech in the simple form of the written word. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays