Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)
Hi. On 08/09/2015 07:44 AM, Sharif Olorin wrote: I would expect most US universities to be logging netflow in the very least. Even if the Tor operator isn't keeping logs, it seems safe to assume the network operator is. I'd be surprised if it was different for non-US universities - I'd expect this to be the case for every university with its own AS, and probably most without. It's not specific to universities either; it would be a rare ISP that doesn't retain netflow for traffic accounting purposes. Perhaps we're entering a time when universities need to be producing transparency reports... It also seems that since there is significant incentive to run exits in order to gain traffic visibility, we need some sort of competing incentive. I don't know what that is, however. Or perhaps extensive logging at exits need to be part of a more honest overview of Tor. hope everyone is well tim -- Tim Sammut ~ @t1msammut ~ t...@teamsammut.com Ford-Mozilla Fellow at Amnesty International ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] I.P. being Blocked?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Over the past month I've noticed regardless of which browser, machine on my LAN, and wired or wireless connection utilized it's become impossible to connect to any ca.gov site. I've researched my router, cable modem, and firewall settings, all appear to be fine. Spoke with my ISP, for whatever worth that might have, and was assured no blocking or filters were in place that would keep me from reaching these services and my settings looked fine from what they could see from their end. I'm able to connect to ca.gov sites using my phones 4G network or through Tor, however for some reason my home network and associated I.P. is poison. Any experiences/input would be appreciated. Thanks -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJVx4UrAAoJEJQqkaGlFNDPILMIALq/zYHqdm/QpThUI/vbr74L Q5lzLiVJBbxOxC3nWX/fuJL35FyS2FwOY4K+piI0EcDpY+wZ/m2hZh7wJLzwh9ok z0j0Dcp7GL3N2c64UP/7XFCrlaNtMm/0ke1xsxUkd0NahZNDCqv7BOkR9IX5yAfx lK5qOw9fpjyzVIdLd1LM1VArWGoEI6dR8PI3rmmGmzP6m9OGC8MxqW2rx+g1p0C5 0F+wDgnmM9rUa2VcgGXf7F4lJkEpUOtjwrsrasclLE8WbwBVv47a84eSSCLKCnUm rD5fUjFBgcaJtrVRgrwydWBcCuIujfxyiCz+Ku8+jtazB5cMdeiZjZN1pgRgKS8= =z1cc -END PGP SIGNATURE- --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
On Mon, 10 Aug 2015, at 05:19 AM, Roman Mamedov wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 9 Aug 2015 13:02:14 -0400 Zack Weinberg za...@cmu.edu wrote: several this IP is a source of spam blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. Now this is just unnecessarily FUDish, at http://bgp.he.net/ one can check their IPs against 49 RBLs, I checked several of my long-running relays' IPs, and they are on none of the 49. Try MX Toolbox's blacklist check[0], it searches over 90 blacklists and you'll find at the very least you're on one of the Tor-specific lists. [0] https://mxtoolbox.com/blacklists.aspx -- Carlin ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 08/09/2015 12:52 PM, Kurt Besig wrote: Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several this IP is a source of spam blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as more comprehensive than others). zw -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVx4cSAAoJEJH8wytnaapk/i0QALmPyz3Rmz2SUtyO5vSIKObP DoazDoWJDYHzz35XHRL0QeamzJD0W+6JbB3vdmwK/i5DXIDabP+4VSgZlTqIqSvN eoj8qv0E7TDJ8VQmDz9LAih4XC427geGuuwJFG29cBYT4wlTuJk/kJBHTAdpOh7V 8lV6UEVniLx6MIIMq94hiDVjBmU6qKbDx7yaiKQvcDfbs0t7Kuf2InUIOhevdat7 0RI8xAvu/KBoTpAvAplofaudHcf9KMt7NB8fYh2HN6xvPghLuMbY5mT0jxHOPaKE aJK6oKgOioXP2isH5BeWVpy8+YtMJKyYt470TyDt+3vMFbrc+JWlkYN493T+SIWq fXD5mnOvp3ruZ6xWD6dIOOTTp3I9zz4mmYUXEIWtiFNEFJXGMHPl4ltPwPm+4W8K inIjUF4WnMTvYaZ3MCNopPeq7CrBTPXT/WYN06W0zHSiWbNGBHQ6LHhxeUjpuOtT 2sc9hGTfkvs7jmLghT1wVBT7V7QomhKEFXnI60vjsSsiI94c29kY6gKCEn+COjVX eczdaOBW62pOwPXIAPcLyQMkAc/ACLtGE+dO+zSaMVIofoLcM8g2R4dYhcpdeNWP BwPk0ENOQzy9b2FFFYLciBrx3W7YfAAPw1infabI819e5/HKqYxBiHl2mH6Z5ab5 /A8CjOEk0Jm3beKhxcAq =QJXS -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Sun, 9 Aug 2015 13:02:14 -0400 Zack Weinberg za...@cmu.edu wrote: several this IP is a source of spam blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. Now this is just unnecessarily FUDish, at http://bgp.he.net/ one can check their IPs against 49 RBLs, I checked several of my long-running relays' IPs, and they are on none of the 49. The blocking issue however has came up in the past, back then it was related to the Akamai CDN blocking all relays, as a result people running them couldn't access e.g. www.healthcare.gov from the same IP. Right now healthcare.gov still uses Akamai, but is accessible just fine from relays, so this has been solved. As for the particular hostnames specified in the original post, I believe they might have some DNS-related issue at the moment. Here's what I get from an IP which has never run a Tor relay: = $ host www.CA.DMV.gov Host www.CA.DMV.gov not found: 3(NXDOMAIN) $ host www.CA.SDI.gov Host www.CA.SDI.gov not found: 3(NXDOMAIN) $ host www.CA.DMV.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases: www.CA.DMV.gov has address 198.105.244.11 www.CA.DMV.gov has address 198.105.254.11 Host www.CA.DMV.gov not found: 3(NXDOMAIN) $ host www.CA.SDI.gov 4.2.2.3 Using domain server: Name: 4.2.2.3 Address: 4.2.2.3#53 Aliases: www.CA.SDI.gov has address 198.105.244.11 www.CA.SDI.gov has address 198.105.254.11 Host www.CA.SDI.gov not found: 3(NXDOMAIN) = (without www they are NXDOMAIN no matter what). - -- With respect, Roman -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlXHi50ACgkQTLKSvz+PZwhNHgCgk7Yrl7OlQ76NYcbKNwK4d74K ZX8AnA8lvrvRQ165n5y8FsQRWJ0M9con =dCnr -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 8/9/2015 10:00 AM, Zack Weinberg wrote: On 08/09/2015 12:52 PM, Kurt Besig wrote: Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several this IP is a source of spam blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government website maintainers are probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as more comprehensive than others). zw Yes this is a middle relay, on a home network, I've been running for approximately 1.5 years with no issues. Since this is a middle relay and find I have no reason to hide my intentions there hasn't been an issue in my mind regarding running a relay on my home network. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBAgAGBQJVx4xYAAoJEJQqkaGlFNDP6j4H/1MTp8vS5BtiTAyhfrXfaCe/ t1YBihtJnK/haZ1zDQ8lPp8zjHYWE/0B8/VoTWVh2jEY7aq8UC27zpdiDHzADPqD BOelZyK5Ig1+HAdcwSRaRz5nJ891Icmyj8aURdWz6103IK8yMc2bw5s2dcEUq3TG qLGJ9dKBu7Pl6FIdlrJfs/M104RQuCKhrz1LRMWQFmsUC19AHHHONnguNwv18/nR wzM4C49s+7BwXlQkvptAlyzF8b5lHhtMin8YBtVMXLKlbFNFwd5Ii8etFMIam9ai 3J2A+C3LS34DAsA19JS1pA2Ekj8P/OU6cel0MsDph2jXNTDU2z85Bn4JDa/1w70= =fx4x -END PGP SIGNATURE- --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
I checked the lists; all my ipv4 relays are there. At the same time, I haven't noticed any issues with network access from any of the addresses, in 5+ years of observations. Doesn't mean that nothing is blocked, just that ppl on my network never attempt to go to places behind the lists. Wondering if someone could be held liable for blocking public access to government resources with no good reason. What happens if you decide to prevent people from accessing an BM SS office, for example? 2015-08-09 12:57 GMT-06:00 Roman Mamedov r...@romanrm.net: On Mon, 10 Aug 2015 06:39:45 +1200 Carlin Bingham c...@viennan.net wrote: Try MX Toolbox's blacklist check[0], it searches over 90 blacklists and you'll find at the very least you're on one of the Tor-specific lists. [0] https://mxtoolbox.com/blacklists.aspx Yeah on precisely one: DAN TOR This DNS blacklist contains ALL tor nodes (both entry and exit nodes) - The tor nodelist is updated every hour automatically from the live tor network. There is no complaint procedure to have an IP address removed from this list as it will be automatically removed once the tor node ceases to run (with a maximum of 1 hour delay). More information about DAN TOR can be found at their website: https://www.dan.me.uk/dnsbl So not several, and not a this IP is a source of spam list, that one is not even a blacklist per se, and those using it as one are incompetent and wrong. In fact I would also categorize the person so helpfully running it as such, since there is no reason whatsoever to track non-exit relays in any kind of a publicly offered blacklist, unless you just want to inflict harm onto the relay operators and get them unfairly blocked from various services. -- With respect, Roman ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- /felis ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
Or just search Google for your relay's IP. You'll find several blacklists that contain it and all the other relays. It's not FUD. Here are some more examples: https://www.dan.me.uk/torlist/ https://github.com/ktsaou/blocklist-ipsets/blob/master/dm_tor.ipset https://github.com/ktsaou/blocklist-ipsets/blob/master/et_tor.ipset https://panwdbl.appspot.com/lists/ettor.txt ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
On Mon, 10 Aug 2015 06:39:45 +1200 Carlin Bingham c...@viennan.net wrote: Try MX Toolbox's blacklist check[0], it searches over 90 blacklists and you'll find at the very least you're on one of the Tor-specific lists. [0] https://mxtoolbox.com/blacklists.aspx Yeah on precisely one: DAN TOR This DNS blacklist contains ALL tor nodes (both entry and exit nodes) - The tor nodelist is updated every hour automatically from the live tor network. There is no complaint procedure to have an IP address removed from this list as it will be automatically removed once the tor node ceases to run (with a maximum of 1 hour delay). More information about DAN TOR can be found at their website: https://www.dan.me.uk/dnsbl So not several, and not a this IP is a source of spam list, that one is not even a blacklist per se, and those using it as one are incompetent and wrong. In fact I would also categorize the person so helpfully running it as such, since there is no reason whatsoever to track non-exit relays in any kind of a publicly offered blacklist, unless you just want to inflict harm onto the relay operators and get them unfairly blocked from various services. -- With respect, Roman signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard flag flapping
So we now have the bandwidth, IP, and dirport of the fastest exits. With this list in hand, I just needed to form a proper URL, wget each one, and grep out the transfer speed: http://37.130.227.133:80/tor/server/all 1.17 MB/s http://176.126.252.11:443/tor/server/all 4.54 MB/s http://176.126.252.12:21/tor/server/all 666 KB/s http://77.247.181.164:80/tor/server/all 111 KB/s http://77.247.181.166:80/tor/server/all 330 KB/s http://195.154.56.44:80/tor/server/all 3.65 MB/s http://77.109.141.138:80/tor/server/all 2.20 MB/s http://96.44.189.100:80/tor/server/all 13.4 MB/s http://197.231.221.211:1080/tor/server/all 347 KB/s http://89.234.157.254:80/tor/server/all 295 KB/s I'm not seeing anything immediately, although I need to run it on a larger set. There's no smoking gun so far though. Some of the speeds are a bit slow, but nothing low enough to explain the extremely low measured bandwidth these relays are getting. The current BW auth measurement results are around 1.0MBit/s for greendream848. I had a couple of measurements in the 300-500KBit/s range. So, if the auths heavily weight towards low individual measurements, things might make sense. Maybe one of the BW auth guys can comment on how the total measurement result is cooked up!? ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard flag flapping
On Sun, Aug 09, 2015 at 12:52:21PM -0700, Green Dream wrote: Some of the speeds are a bit slow, but nothing low enough to explain the extremely low measured bandwidth these relays are getting. Note that the bandwidth weights in the consensus are unitless: they are simply weights, and they only matter relative to the other weights. Thinking of them as an attempt at an estimate of the bandwidth of your relay will lead to confusion and unhappiness. :) I think I'll clean this up a bit, put it into an actual script Great! --Roger ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)
++ 09/08/15 06:44 + - Sharif Olorin: I'd be curious to know if anyone is running a relay that's not logged at all within its own AS; it seems like it'd be out of the reach of most operators, unless they have a friendly employer. Up until now, my host didn't do anything like netflow - but I am pretty sure that will change sooner or later (but even then I don't expect that data to be retained for any more than seconds). -- Rejo Zenger E r...@zenger.nl | P +31(0)639642738 | W https://rejo.zenger.nl T @rejozenger | J r...@zenger.nl OpenPGP 1FBF 7B37 6537 68B1 2532 A4CB 0994 0946 21DB EFD4 XMPP OTR 271A 9186 AFBC 8124 18CF 4BE2 E000 E708 F811 5ACF Signal0507 A41B F4D6 5DB4 937D E8A1 29B6 AAA6 524F B68B 93D4 4C6E 8BAB 7C9E 17C9 FB28 03 signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard flag flapping
A simple test you could run on your server is fetching directory info
from nodes that have directory functionality enabled.
Thanks for the idea. blutmagie offers a CSV list of its current result set,
so this ended up being quite easy to automate.
I fetched a copy of the CSV to the server:
wget https://torstatus.blutmagie.de/query_export.php/Tor_query_EXPORT.csv
Then I picked out the columns I cared about, included only Exits with a
Dirport, then sorted by the bandwidth column, and grabbed the fastest 50:
awk -F \, '{if ($10 == 1 $8 != None) print $3, $5, $8}'
Tor_query_EXPORT.csv | sort -nr | head -50 top-50-exits-with-dirport.txt
That file now looks like:
34994 37.130.227.133 80
33134 176.126.252.11 443
30736 176.126.252.12 21
30720 77.247.181.164 80
26958 77.247.181.166 80
snip
So we now have the bandwidth, IP, and dirport of the fastest exits. With
this list in hand, I just needed to form a proper URL, wget each one, and
grep out the transfer speed:
for URL in $(awk '{print http://; $2 : $3 /tor/server/all}'
top-50-exits-with-dirport.txt); do printf $URL wget $URL -O /dev/null
21 | grep -o [0-9.]\+ [KM]*B/s; done
The output ends up looking like this (only displaying the first 10 for
brevity):
http://37.130.227.133:80/tor/server/all 1.17 MB/s
http://176.126.252.11:443/tor/server/all 4.54 MB/s
http://176.126.252.12:21/tor/server/all 666 KB/s
http://77.247.181.164:80/tor/server/all 111 KB/s
http://77.247.181.166:80/tor/server/all 330 KB/s
http://195.154.56.44:80/tor/server/all 3.65 MB/s
http://77.109.141.138:80/tor/server/all 2.20 MB/s
http://96.44.189.100:80/tor/server/all 13.4 MB/s
http://197.231.221.211:1080/tor/server/all 347 KB/s
http://89.234.157.254:80/tor/server/all 295 KB/s
I'm not seeing anything immediately, although I need to run it on a larger
set. There's no smoking gun so far though. Some of the speeds are a bit
slow, but nothing low enough to explain the extremely low measured
bandwidth these relays are getting. I think I'll clean this up a bit, put
it into an actual script, and try running it on another server on a
different AS for comparison.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
On 10 Aug 2015, at 04:57 , Roman Mamedov r...@romanrm.net wrote: On Mon, 10 Aug 2015 06:39:45 +1200 Carlin Bingham c...@viennan.net wrote: Try MX Toolbox's blacklist check[0], it searches over 90 blacklists and you'll find at the very least you're on one of the Tor-specific lists. [0] https://mxtoolbox.com/blacklists.aspx Yeah on precisely one: DAN TOR This DNS blacklist contains ALL tor nodes (both entry and exit nodes) - The tor nodelist is updated every hour automatically from the live tor network. There is no complaint procedure to have an IP address removed from this list as it will be automatically removed once the tor node ceases to run (with a maximum of 1 hour delay). More information about DAN TOR can be found at their website: https://www.dan.me.uk/dnsbl So not several, and not a this IP is a source of spam list, that one is not even a blacklist per se, and those using it as one are incompetent and wrong. In fact I would also categorize the person so helpfully running it as such, since there is no reason whatsoever to track non-exit relays in any kind of a publicly offered blacklist, unless you just want to inflict harm onto the relay operators and get them unfairly blocked from various services. I just asked the operator of the DAN TOR blocklists to make it easier for people to use the exit-only blocklist, and link to the relevant Tor FAQs so they can make an informed decision. I'll let you know if he responds. Begin forwarded message: From: teor teor2...@gmail.com Subject: Tor Blocklist Confusion Date: 10 August 2015 13:42:26 AEST To: m...@dan.me.uk Hi Dan, It appears that a number of website operators are using the .tor.dan.me.uk blocklist to block website access from the entire Tor network. It appears that they are doing this by mistake, because they are confusing the .tor.dan.me.uk and .torexit.dan.me.uk blocklists (or don't know which one to choose). Could you make some changes to the blocklist page to avoid this happening in future? [I have personally experienced the Apple Support Forums and various other sites blocking non-exit relay IPs. Other Tor relay operators complain about this regularly on the tor-relays mailing list. (One operator even questions why the full Tor network blocklist exists in the first place.) See the thread https://lists.torproject.org/pipermail/tor-relays/2015-August/007595.html ] If you are willing, the following changes could make it easier for website operators to choose the appropriate list: 1. Place the .torexit.dan.me.uk blocklist at the top of the page, above the .tor.dan.me.uk blocklist. 2. Explain that by blocking Tor exits, you will block normal people who use Tor to protect their privacy https://www.torproject.org/about/torusers.html.en 3. Provide a link to the Tor Project's FAQ about blocking Tor nodes at https://www.torproject.org/docs/faq-abuse.html.en#Bans 4. Explain that using the .tor.dan.me.uk blocklist will block Tor nodes that don't allow outbound connections (non-Exit nodes), and that there is typically no reason to do this, and direct users to the .torexit.dan.me.uk blocklist instead. (The current think carefully doesn't provide enough information for people to make an informed decision, particularly if they aren't familiar with Tor.) 5. Link to the Tor Project FAQ on Exit Policies at https://www.torproject.org/docs/faq.html.en#ExitPolicies (A more radical change could be to rename or remove the .tor.dan.me.uk blocklist. This would help avoid confusion and misuse, but would break current setups - so I can't imagine this being an option for you.) Thank you for considering my request Tim (teor) Tim Wilson-Brown (teor) teor2345 at gmail dot com pgp ABFED1AC https://gist.github.com/teor2345/d033b8ce0a99adbc89c5 teor at blah dot im OTR D5BE4EC2 255D7585 F3874930 DB130265 7C9EBBC7 signature.asc Description: Message signed with OpenPGP using GPGMail ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] clarification on what Utah State University exit relays store (360 gigs of log files)
I would expect most US universities to be logging netflow in the very least. Even if the Tor operator isn't keeping logs, it seems safe to assume the network operator is. I'd be surprised if it was different for non-US universities - I'd expect this to be the case for every university with its own AS, and probably most without. It's not specific to universities either; it would be a rare ISP that doesn't retain netflow for traffic accounting purposes. It's often somewhat aggregated, but to varying degrees - the last such system I worked on was designed to retain indefinitely at sub-minute granularity for training/crossvalidation of network anomaly detection. I'd be curious to know if anyone is running a relay that's not logged at all within its own AS; it seems like it'd be out of the reach of most operators, unless they have a friendly employer. Sharif -- OpenPGP: 6FB7 ED25 BFCF 3E22 72AE 6E8C 47D4 CE7F 6B9F DF57 signature.asc Description: PGP signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Guard flag flapping
Thanks for running the tests. Which exit nodes led to poor performance? I would like to try to reproduce any performance problems. I did not record the nodes (they were in Europe). A simple test you could run on your server is fetching directory info from nodes that have directory functionality enabled. wget http://relay IP:dir port/tor/server/all e.g.: wget http://176.126.252.11:443/tor/server/all You can get a bandwidth-sorted list of nodes at: https://torstatus.blutmagie.de/ There is a column that has the directory port. How would you measure performance between my node and a given exit without being influenced by the properties of the middle relay? You can only set me as an entrynode, and you can't pick a specific middle, You are wrong. :-) You can build arbitrary circuits by hand. There are libraries like Stem, Txtorcon, TorCtl and there is a text based, SMTP-like protocol that you can use directly: https://gitweb.torproject.org/torspec.git/tree/control-spec.txt so how would you know that the low performance was my node and not the random middle relay? Your node would be a non-random middle relay. The bandwidth auths probably downrate the measurement results of your server severely because of those slow connections. Probably? How can we investigate further? AFAIK, the raw bandwidth auth measurements are not published, only the total result. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] I.P. being Blocked?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 [Sorry about that - that message was supposed to be *signed*, not encrypted.] On 08/09/2015 12:52 PM, Kurt Besig wrote: Without going into any detail at this point I'm wondering if others, running a simple middle relay, have encountered any governmental harassment as a direct result of running a relay. The blocking of state agencies e.g, CA.SDI.gov, CA.DMV.gov? Are you running a relay on your home network connection? That is discouraged for a whole bunch of reasons, one of which is that several this IP is a source of spam blacklists indiscriminately list _all_ Tor relays, whether or not they are exit nodes. This in turn causes random websites to block non-Tor access from the same address. California's government services' IT department is probably subscribing to one of those blacklists, and that's probably out of ignorance rather than malice (the blacklists in question bill themselves as more comprehensive than others). zw -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJVx4eNAAoJEJH8wytnaapkBmwQAJWN7NvxaaFGfeweVq3211zY +r28jqBodkUFCBNK2kVICC82CEVTdocgkLFuksNy1JXPPbpDG3QH/TZGQ6nd1oDf 8dlPnhltjAHbMfsK8ryH+tlqHZ/G8MsQhH9uZ2EYw0BoDzfEhzYSJf2QM3qq8+e8 3kl9tOa3smDD1KENkn7kEPYlz6RZAuxKFhYieabrJXXV7FP/miMsQroZ8+Vws8JX s80uzRyrnMSUdRRSCWLtW9HADA8xNV4eSFaQ1WzlygWkp010tvXpd3hpaJYxsS0w uLqOl0SIJYLEa/9nc63iO8huI1kYS0BndeqF4+cf077bKrSKQ1waNkyHlygsfVmV BCHLfid1UPknLdkF7WFDBoL9puzvJN+m8nl7x93vXELM5WSPSzGt2MWy/Gnh/YGT rHwx9QSWKJH54xVLaLjsruICsL+eOQ//M1SWdzcWze4hdmtRQAN3SjOPLA2eH0TX gv17YkkTJejh6rh3tIf79Dhn/3igyOfID4pa1cQWWL5JwS6xIbZGYNFAwEu14Ill oZXXNpND48M4X9ISSDDM7ab+8oWf5H1S3yi92QCPxlksZqG6lCUBoGzDImjF+q0G RDecVt2GZiykOWPttdfZYPdCaNWlPQB+gcuCV8XfBq0i34zHUHzHaeaZrhQeEeXO 0QjewKTaKB511efCSia0 =EScV -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
