Re: [tor-relays] Website no longer available from Tor
the web server is not mine, so I do not have much opportunity to execute commands. I also increased the level of debugging on my TBB client and find the IP of the exit node is, this time, 93.180.156.84. But the problem persists with dozens of other exit node. I also tried to set up an exit node on my pc and let out the traffic only through my IP but after I could not get out (probably for some configuration issue). 2014-11-22 4:17 GMT+01:00 Andy Isaacson a...@hexapodia.org: On Fri, Nov 21, 2014 at 12:50:39PM -0500, grarpamp wrote: In your opinion why is not it more accessible? You asked four times. We can't see your systems or your exits so we don't know. Indeed! You can increase the Tor client debugging level on the machine you're trying to TBB from, find out what exit you used to try to connect, and then try tcptraceroute and other debugging tools from your server to see if you can debug the connectivity failure. -andy ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
I would happily chip in to a node like that. One thing, though, about USA is their fickleness when shown a legal letter. I increased VPSs to more than ten paid a year in advance with GreenValueHost because they were so helpful they even reinstalled Tor and sorted some Linux problems for me. Then they banned Tor. I can only imagine that their spines collapsed at a threat. So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights. Robert I also share the thought that more US exit power is welcomed in the Tor network. . Depending on your budget, Voxility has a datacenter in the US. Unfortunately they provide only enterprise class servers with prices directly proportional to the class. Maybe we can manage to pool $ in order to create a bigger node with this provider if we find enough people. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebasta...@inbox.com wrote: So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights. FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text: Just giving you guys a heads up that I've setup a new Tor exit node. It's using the ReducedExitPolicy detailed here: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy The reduced exit policy has been successful in eliminating the vast majority of DMCA complains according to this Tor blog post: https://blog.torproject.org/running-exit-node If there are any complaints about traffic from this node, please alert me immediately so I can deal with them. I have a dedicated email setup for this purpose at t...@sysfu.com. Regards, Seth The response was a simple Thank you for the updateso they seem pretty cool about it. If you look at https://torstatus.rueckgr.at/ you'll see a half dozen other nodes running on VULTR. The starter $5/mo size gets you 1000GB of bandwidth per month, can't beat that with a stick. Another thing I like about VULTR is that you can install your own custom OS via an ISO or iPXE script. Also none of that fixed kernel nonsense I dealt with at Digital Ocean. And they accept Bitcoin. That fact that thousands of average joe sysadmins can now spin up a powerful Tor relay or exit node, on the operating system of their choice, for $5/mo payable in Bitcoin...I think that's a big deal. -- Seth I 3 nicely trimmed email replies ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Just checked them now, that is great if they will allow you to run Tor exit nodes on such cheap virtual machines. 5$ for 1000GB is a good deal for US traffic, and bitcoin accepted is an important pro. But I am concerned if they will sustain Tor exits on the long term. If the Tor relay will consume more bandwidth they might start shouting about it since more virtual machines share a network port, and they will want to maximize how many VMs they can assign to a port in order to maximize profit. Not to mention if the relay will be under DDoS attack. I saw many cheap cloud providers which claimed to support Tor, yet after little time just when the relay was becoming popular and known in the consensus, service terminated. Hope VULTR will not follow this way. On 11/23/2014 2:56 AM, Seth wrote: On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebasta...@inbox.com wrote: So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights. FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text: Just giving you guys a heads up that I've setup a new Tor exit node. It's using the ReducedExitPolicy detailed here: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy The reduced exit policy has been successful in eliminating the vast majority of DMCA complains according to this Tor blog post: https://blog.torproject.org/running-exit-node If there are any complaints about traffic from this node, please alert me immediately so I can deal with them. I have a dedicated email setup for this purpose at t...@sysfu.com. Regards, Seth The response was a simple Thank you for the updateso they seem pretty cool about it. If you look at https://torstatus.rueckgr.at/ you'll see a half dozen other nodes running on VULTR. The starter $5/mo size gets you 1000GB of bandwidth per month, can't beat that with a stick. Another thing I like about VULTR is that you can install your own custom OS via an ISO or iPXE script. Also none of that fixed kernel nonsense I dealt with at Digital Ocean. And they accept Bitcoin. That fact that thousands of average joe sysadmins can now spin up a powerful Tor relay or exit node, on the operating system of their choice, for $5/mo payable in Bitcoin...I think that's a big deal. -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJUcTLxAAoJEIN/pSyBJlsRiZoH/3mCS4OPT/Si47+fmyI2IkdW ggEhv9S5csBCZRCl/374Gu5Kv4Ru/2W3mBAZvflxTAN9Mef0msiVHl8pC9NlW3Y6 E7f4DEvb8NTiuoCEpYPUe6GJfmTrP+dZDoWarUPGiBzYxCXw2mSwdmnC1r7ei3X5 X6bALW88w9O8eG3r29CuCqx7OAm4o4SfqI7ConkkLtzQ4XDQ+oOiWVld3M/RrKMm oJAu+ALecrUtopcIlyz5feql0467pddAIl579YYj62BRpUpAWM5CAyOvmXdNHNJD 2SaxzUS/F5BFPdmCOU5QzOIzRDFEnLud9LTFn8KeyR053ARDekHLoTC3nMSM4dA= =OYdd -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
On 11/22/2014 05:56 PM, Seth wrote: On Sat, 22 Nov 2014 16:35:18 -0800, I beatthebasta...@inbox.com wrote: So USA can be fast and cheap but beware when they agree Tor is acceptable because there are poor trade practices laws to get refunds and rights. FWIW I spun up a Tor exit node on VULTR. I pro-actively informed them I was doing so by creating a support ticket with this text: Just giving you guys a heads up that I've setup a new Tor exit node. SNIP Do you mind if I steal/paraphrase your letter? They might find it odd. Any thoughts on that? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
If you are looking for good solution, I'm testing right now http://roundabove.com, running one exit node with exit rules provided from https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy. Tor's uptime is 11 days 12:00 hours, with 194 circuits open. I've sent 182.16 GB and received 178.18 GB. Only what you need to do on your system is to set new hostnames in /etc/rc.local. I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France). -BEGIN PGP SIGNATURE- Version: OpenPGP.js v0.7.2 Comment: http://openpgpjs.org wsFcBAEBCAAQBQJUcUZVCRDHWR777fxuEQAAA6QP/jvqWdTKTH0mOJ3Nc2Fz AwkT1lmRFf1/TOUl1DAK4JNIXloK33LAJ7sOnessSJ4g6tVqZL552nwMIAHK dJ3UQntKWR+fmPb8rpgvAwFcTY6Yk3oKqZv8xRZTveFgvhpUsbhialDwBdSq dB6/47IogkCekQVX8pbUus4uAUSsE83KFACTIWeStFWZ0ltpM5eQheW6kPjm kp3MuQwawHYj5XCwj/l/ZaceOyzEoSAbAI9v/IMw1cuZvCX1jzShU7K4Tlgs /I0Mk+vYNuI/eDvg/NFMJUza/YWRMDx5WxlNYJqZ6mNdYZXyZIakEpWAihoX 5GDl5UluFmBZwn5k+lI1lr9nl67hcR3YFfF1EXaZZq4WuOyrpy3vh0mzTpf/ 6FtFjqC9275NfR7OmaNyd5vFJh9aUsvlr+2oq8hDG+4raTX0OFFiYSuePPxW pEhb7UD6ngIJK2zK/m5mdiWWdU1pH3Kr4NdBTlDN6yvg7JT03dS1mIaYcioT btQNZCJ5sr1FAHQpOScx0tJtqIROA35bZINnqpLvc5eoSyBQGhTiggstgAcL qxmOBvvYTaWaWknpTRbekKlTaZzTH6pJRKoK2Lj2htbCusAM7NWnUi9TdtBh rDgBkEmfqV+zy9u7sa40CtGnNxZ0Q4i0y8vNtREK3xI+VTZY6zssq6fOZ2A8 9i0X =cD5N -END PGP SIGNATURE- On 23 November 2014 at 02:58, Seth l...@sysfu.com wrote: On Sat, 22 Nov 2014 17:05:53 -0800, s7r s...@sky-ip.org wrote: I am concerned if they will sustain Tor exits on the long term. If the Tor relay will consume more bandwidth they might start shouting about it since more virtual machines share a network port, and they will want to maximize how many VMs they can assign to a port in order to maximize profit. Not to mention if the relay will be under DDoS attack. I share all these concerns and s'pose we'll find out eventually. The Choopa (VULTR parent company) network infrastructure is fairly robust from what I gathered reading many many posts about the service on lowendtalk.com. I saw many cheap cloud providers which claimed to support Tor, yet after little time just when the relay was becoming popular and known in the consensus, service terminated. Hope VULTR will not follow this way. I think the VPS providers are more likely to fold in the face of pressure. Too big and they're likely gutless and/or compromised. There's probably a sweet spot that's willing to Throw down for freedom somewhere in the middle. (Sonic.net for example) I should have also mentioned in my previous post I put the following in /etc/tor/torrc # Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- http://www.backbox.org http://www.pentester.iz.rs ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
On Sat, 22 Nov 2014 18:46:18 -0800, ZEROF secur...@netmajstor.com wrote: I use servernames without logging from this this list http://wiki.opennicproject.org/Tier2 (France). Great resource of logless DNS servers, I'm a big fan of OpenNIC. Have you bothered to encrypt DNS traffic by setting up dnscrypt-proxy or the like? These days it's something I include as standard.___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
Date: Sat, 22 Nov 2014 17:58:37 -0800 From: Seth l...@sysfu.com ... I should have also mentioned in my previous post I put the following in /etc/tor/torrc # Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average There are 7/12 months that have 31 days, where your 33GB per day will result in a (potential) 23GB overuse. (And that's not including non-tor traffic like OS updates.) Why not use 32GB x 31 days = 992GB, or 31GB x 31 days = 961GB ? teor pgp 0xABFED1AC hkp://pgp.mit.edu/ https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 http://0bin.net/paste/Mu92kPyphK0bqmbA#Zvt3gzMrSCAwDN6GKsUk7Q8G-eG+Y+BLpe7wtmU66Mx signature.asc Description: Message signed with OpenPGP using GPGMail ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] AccountingMax and RelayBandwidthRate
teor said: Date: Sat, 22 Nov 2014 17:58:37 -0800 From: Seth l...@sysfu.com I should have also mentioned in my previous post I put the following in /etc/tor/torrc # Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average There are 7/12 months that have 31 days, where your 33GB per day will result in a (potential) 23GB overuse. (And that's not including non-tor traffic like OS updates.) Why not use 32GB x 31 days = 992GB, or 31GB x 31 days = 961GB ? The number for the RelayBandwidthRate seems on the high side as well. One thing I have noticed since I changed my configuration is I keep maxing out the 32GB and my node doesn't seem to be flagged as a Guard node. The main reason I chose port 80 is to make it available to some users that are otherwise blocked, but if the node doesn't obtain a Guard flag it seems kind of pointless to use port 80. So what is better in terms of health of the Tor Network? Current config: iptables redirects port 80 to 9001. ORPort 198.211.99.146:80 IPv4Only NoListen ORPort 198.211.99.146:9001 IPv4Only NoAdvertise AccountingMax 32 GB AccountingStart day 05:00 Proposed config change: ORPort 198.211.99.146:80 IPv4Only NoListen ORPort 198.211.99.146:9001 IPv4Only NoAdvertise AccountingMax 32 GB AccountingStart day 05:00 RelayBandwidthRate 1000 KBytes RelayBandwidthBurst 3000 KBytes Note I should actually calculate the RelayBandwidthRate for 1TB transfer, but given the stats from the past week, I think it is a reasonable rough approximation. Chuck ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Fast Exit Node Operators - ISP in US
On 11/22/2014 06:58 PM, Seth wrote: SNIP I should have also mentioned in my previous post I put the following in /etc/tor/torrc # Bandwidth and data caps AccountingStart day 19:45 # calculate once a day at 7:45pm AccountingMax 33 GBytes # 33GB X 30 days = 10GB shy of 1000GB/mo. RelayBandwidthRate 3000 KBytes RelayBandwidthBurst 3750 KBytes # allow higher bursts but maintain average How much throughput do you get with your VPS, 1000 GB/mo or 2000 GB/mo? As I read comments in torrc, AccountingMax applies separately to sent and received bytes, not to their sum, and so setting '4 GB' may allow up to 8 GB total before hibernating. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
