Re: [tor-relays] Legal status of operating Tor exit in UK?
On Tue, Sep 8, 2015 at 9:04 PM, Jonathan Baker-Bates < jonat...@bakerbates.com> wrote: > So does anyone know of any reliable source of information on running Tor > exits in the UK? > No but I run several UK based Tor exits and have had little issue other than the usual abuse reports, that said the relays in question are operated by a separate legal entity that is it's own ISP (RIR allocation / ASN etc). What would happen if my ISP pressed me to monitor my traffic, and I refused > on legal grounds? I'm not suggesting I actually do that, or that there are > even any legal grounds to refuse. > IANAL but to elaborate on something that Thomas said there is also a consideration of the Regulation of Investigatory Powers Act, the Data Retention and Investigatory Powers Act and Counter Terrorism and Security Act. Starting with RIPA s1. > It shall be an offence for a person intentionally and without lawful > authority to intercept, at any place in the United Kingdom, any > communication in the course of its transmission by means of— > > (a)a public postal service; or > > (b)a public telecommunication system. > RIPA s2. defines interception; > (2)For the purposes of this Act, but subject to the following provisions > of this section, a person intercepts a communication in the course of its > transmission by means of a telecommunication system if, and only if, he— > > (a)so modifies or interferes with the system, or its operation, > > (b)so monitors transmissions made by means of the system, or > > (c)so monitors transmissions made by wireless telegraphy to or from > apparatus comprised in the system, > > as to make some or all of the contents of the communication available, > while being transmitted, to a person other than the sender or intended > recipient of the communication. > Finally an act is unlawful if it falls foul of s1 (5); > (5) Conduct has lawful authority for the purposes of this section if, and > only if— > > (a) it is authorised by or under section 3 or 4; > > (b) it takes place in accordance with a warrant under section 5 (“an > interception warrant”); or > > (c) it is in exercise, in relation to any stored communication, of any > statutory power that is exercised (apart from this section) for the purpose > of obtaining information or of taking possession of any document or other > property; > So it would seem that RIPA (which is due to be replaced in the next couple of months by the Investigatory Powers Bill) says that you are not allowed to intercept data. Moving on to the Data Retention and Investigatory Powers Act (and by extension the Counter Terrorism and Security Act) there is s1. of DRIPA which says; The Secretary of State may by notice (a “retention notice”) require a > public telecommunications operator to retain relevant communications data > if the Secretary of State considers that the requirement is necessary and > proportionate for one or more of the purposes falling within paragraphs (a) > to (h) of section 22(2) of the Regulation of Investigatory Powers Act 2000 > (purposes for which communications data may be obtained s2. defines a telecommunications operator; “public telecommunications operator” means a person who— > (a) controls or provides a public telecommunication system, or > (b) provides a public telecommunications service; > > “public telecommunications service” and “public telecommunication system” > have the meanings given by section 2(1) of the Regulation of Investigatory > Powers Act 2000; > Section 2(1) of RIPA has many definitions but this one closest applies to Tor; “telecommunication system” means any system (including the apparatus > comprised in it) which exists (whether wholly or partly in the United > Kingdom or elsewhere) for the purpose of facilitating the transmission of > communications by any means involving the use of electrical or > electro-magnetic energy. > So, the Secretary of State or the Police can serve you a retention notice or an interception warrant *allowing* you to intercept data, past that point you can probably point to RIPA and say it'd be illegal. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Experience hosting exit relay with Costa Rica Servers: crservers.com
On 09/08/2015 12:14 PM, Patrick O'Doherty wrote: > I received the following response from them: > >> We do not discriminate on the use of any protocol among our customers. >> Nevertheless, if we get complains or any type of pressure from public or >> private >> entities for illegal activity occurring in your server, we will have to >> suspend >> service. >> You will be immediately contacted about any issue that arises. This explanation is marvelously vague. > so it would appear that they're not too friendly about hosting exit > relays. I've asked if they can forward all abuse complains to be instead > of immediately terminating service, but I'm not too hopeful. My hunch is that they just don't want to deal with the complaints and legal & administrative overhead -it's more cost-effective just to cut you off. When I first set up Tor some years ago I briefly ran it as an exit node, having sent an explanatory e-mail to my ISP, but I very quickly learned that once they receive a DMCA notice they cut you off at the knees, whereupon you're dealing with "help" desk morons working from a very strict script. Best to run an exit node from a corporate set-up with the legal boilerplate already in place. 0xDD79757F.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Experience hosting exit relay with Costa Rica Servers: crservers.com
On 9 September 2015 at 01:28, I wrote: > " we will have to suspend service. You will be immediately contacted about > any issue that arises." > > Doesn't their statement say they will only suspend the exit to talk to you > about what to do? I think that matches "not too friendly", it would be much better if they talked before suspending rather than after... ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Experience hosting exit relay with Costa Rica Servers: crservers.com
" we will have to suspend service. You will be immediately contacted about any issue that arises." Doesn't their statement say they will only suspend the exit to talk to you about what to do? Robert ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal status of operating Tor exit in UK?
The server is theirs so they can say what happens on it. You only use it with their agreement.You don't have to agree to anything if you don't want to but the alternative is to stop using their server.As it would be against TOR's reason for living to monitor traffic the choice is obvious.When I have been in the same situation I have asked for more detail to thwart the problem because it is in both our interests to stop it. They then are told I have blocked ports which should stop that traffic and they are happy and leave me alone.I always say my effort is at my expense to help people in need of privacy and that I will do what is necessary to keep the exit going and they appreciate that - usually.Robert ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal status of operating Tor exit in UK?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Sorry to respond to this late, but some advice I received from my legal team not long ago might help on this. I apologise in advance that I won't be able to disclose the whole letter of it but some of the stuff contained within it is legally privileged and very sensitive. - From the analysis of my solicitor, there is never a compulsion element as others have explained - no person other than a court of law may ever arbitrarily force anything upon you. However, of course some things do conflict with contractual agreements and whatnot which can jeopordise service. For example payment - nobody can force you to pay for a service but they can cease to uphold their end of an agreement and ask the court to order owed payments be made. The danger my legal team found from ISP level monitoring of this kind is that by retaining or "sniffing" traffic from a public service like Tor, you are putting yourself under the legislations of commercial enterprises such as the Data Protection Act and so forth, and it is an industry recommendation that in such cases you hold appropriate insurance and in some cases, require authorisation in advance from the ICO to do so since there would be a conflict with the article 8 rights in the EU Human Rights convention. Furthermore, to retain or otherwise collect possibly sensitive or personal information, there must be informed consent and the burden of proof would be on you to therefore prove you obtained consent to take such data. Thus there is no way within the Tor protocol to obtain such consent, therefore under UK and EU law you might be lining yourself up for very severe civil and criminal fallout by retaining the data. This may sound quite extreme, but the short answer from my legal team who investigated this quite extensively was do not ever retain the data unless you can prove you had consent, or you may one day find yourself at the sharp end of a very big legal stick. If your ISP wants you to retain data, it is probably worth asking if they can reimburse your insurance expenses and any further legal expense incurred when seeking independent (and qualified) legal advice. Lastly, I am not a legal professional, I am merely relaying information provided to me from my own legal team - so don't rely on this too much since there are too many factors that could be at play and not accounted for when I mention the above. That said, I hope it is a useful starting point for you. Tom On 08/09/2015 23:54, Jonathan Baker-Bates wrote: > The ISP is Jump Networks, with whom I have a co-location in their > Telehouse suite. I'd recommend them highly otherwise, but somewhat > unexpectedly, they're using the bad traffic report as an > opportunity to engage me in a rather philosophical debate about > Tor. It's interesting to hear their opinions on topics such as how > they think most Tor nodes are compromised to drop malware on > clients that use them; that there is probably little privacy to be > had using Tor because most exits are run by government agencies, > and that in their view anyone using Tor to anonymise their traffic > is being naive. But the main message I'm hearing is that they have > a problem with Tor, not necessarily anything to do with legal > issues in fact, come to think of it. > > So it's a delicate situation really. > > When you say ask for static IP, I have that - in fact the node runs > on a dedicated VM that's on the physical server, and has suitably > clear reverse DNS entry, etc. No SWIP though. > > I think I might just get back to them and see if they can clarify > their policy. I don't want to monitor traffic, if only because the > Tor project warns again it. The ISP may of course say their policy > is to shut down my exit, in which case, well ... I feel honoured to > have contributed to Tor for the last six years. > > Jonathan > > > On 8 September 2015 at 23:24, Billy Humphreys > mailto:pokeacer...@outlook.com>> wrote: > > Which ISP is it? I'm a fellow UK person, but I don't use a UK > VPS/ISP for this. Tell them that you are an advocate for > anonyminity, and that you refuse to monitor traffic. No ISP can > force you to do that (they have black boxes to do this shit anyway) > - You can use https://exonerator.torproject.org/ to prove that you > were an exit relay at the time. They want you to put Snort IDS on > it because it QoS'es your internet, and Tor may cause a > false-alarm. So you can tell them this, and ask if they'd consider > a static IP, SWIP, and all that stuff so that you deal with the > emails yourself, and you just send them the big template to stop > them. > > When I briefly ran one on my ISP network, we got no letters > complaining (I'm with British Telecom/BT), and they can't make you > do anything, remember this. --Billy > > On 08/09/2015 21:04, Jonathan Baker-Bates wrote: >> I run an exit node with an ISP who initially indicated they >> would not have a problem with Tor as long as I was tr
Re: [tor-relays] Legal status of operating Tor exit in UK?
The ISP is Jump Networks, with whom I have a co-location in their Telehouse suite. I'd recommend them highly otherwise, but somewhat unexpectedly, they're using the bad traffic report as an opportunity to engage me in a rather philosophical debate about Tor. It's interesting to hear their opinions on topics such as how they think most Tor nodes are compromised to drop malware on clients that use them; that there is probably little privacy to be had using Tor because most exits are run by government agencies, and that in their view anyone using Tor to anonymise their traffic is being naive. But the main message I'm hearing is that they have a problem with Tor, not necessarily anything to do with legal issues in fact, come to think of it. So it's a delicate situation really. When you say ask for static IP, I have that - in fact the node runs on a dedicated VM that's on the physical server, and has suitably clear reverse DNS entry, etc. No SWIP though. I think I might just get back to them and see if they can clarify their policy. I don't want to monitor traffic, if only because the Tor project warns again it. The ISP may of course say their policy is to shut down my exit, in which case, well ... I feel honoured to have contributed to Tor for the last six years. Jonathan On 8 September 2015 at 23:24, Billy Humphreys wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Which ISP is it? I'm a fellow UK person, but I don't use a UK VPS/ISP > for this. Tell them that you are an advocate for anonyminity, and that > you refuse to monitor traffic. No ISP can force you to do that (they > have black boxes to do this shit anyway) - You can use > https://exonerator.torproject.org/ to prove that you were an exit > relay at the time. > They want you to put Snort IDS on it because it QoS'es your internet, > and Tor may cause a false-alarm. So you can tell them this, and ask if > they'd consider a static IP, SWIP, and all that stuff so that you deal > with the emails yourself, and you just send them the big template to > stop them. > > When I briefly ran one on my ISP network, we got no letters > complaining (I'm with British Telecom/BT), and they can't make you do > anything, remember this. > - --Billy > > On 08/09/2015 21:04, Jonathan Baker-Bates wrote: > > I run an exit node with an ISP who initially indicated they would > > not have a problem with Tor as long as I was transparent about > > what I was doing, and ran a sufficiently reduced exit policy. > > > > They have now sent me evidence of malicious traffic coming from the > > exit. I don't think they've had any 3rd party complaints about this > > traffic, but they have expressed various misgivings about Tor in > > general. They now also want me to consider running Snort IDS on the > > outgoing traffic. > > > > I don't intend to monitor my traffic. But it occurs to me I don't > > know whether my ISP needs to be worried about it or not. The last > > one wasn't, so why them? > > > > I've asked the EFF about the legal situation in the UK, who passed > > me to the Open Rights Group. They've not replied to my enquiry as > > of three weeks ago. > > > > So does anyone know of any reliable source of information on > > running Tor exits in the UK? What would happen if my ISP pressed > > me to monitor my traffic, and I refused on legal grounds? I'm not > > suggesting I actually do that, or that there are even any legal > > grounds to refuse. In fact right now I'm resigned to closing down > > the node if my ISP turns up the heat. They probably have me by the > > balls. > > > > But I'm at least curious, and can't immediately find any > > information about things like public carrier status, or traffic > > monitoring conducted by people like me when it's done in the > > context of onion routing. > > > > Thanks in advance for any help. > > > > > > > > > > ___ tor-relays mailing > > list tor-relays@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > -BEGIN PGP SIGNATURE- > Version: GnuPG v2 > > iQIcBAEBCAAGBQJV72AGAAoJEHukJMVt72wmGSQP/0XXvO/rh4EI9I4mFe30xl3Z > R9ECRq0fi6ahW2enmo49+clt6FAtdX+jNIKlbbMynhbO5P/LFzPdmHeCHuEO9+kj > Ob0egon8NKYjlaIpPTUSJkgI6sZEGIsSfdKs3Q0m8KstTW9+QssDD2jKJPF0a/VD > ffXwuuHIeOEJcM52s1Wla2MEaV5910/iFLQ+GMG39p/0LsEXH4D9roe5dYn3nGBj > uII8eBVOuWtI67LcNothxzoffvgQiSV7A5HKbQ9TC6xEuU+Q4xVCVuJfbIqdDFFt > Udc4roM/LSkka/aAbjhn5+RKT4kopbZ9nAPWXT+Dpy+uDA5+Mw6AUIDMH9qtWx4l > KV29p5L1FKU4h1XCGcNzix/u0UNYXgdT/dULlCzj1Fasq3yINDFBhUAEJ0XmjJPw > Mu6UpCGqzGM0LKm6NYhU9BOoFNU1Qi1fxR1+AZ7qHycYKeOYP0iAUGdMeo3E6AuT > gwrSSrQL8wC47isQIvFbbsR0Vct7eOC8YHN+fKr5aPVcwgmttDlSUC8b152DVTyM > rRtgqulZ95yaI5Yn7sxV1WKLNtrsl7S+Ja12mzidFTc7mnCF28rE/7FEKo9y2OgG > hgwRj1dkUFAGgl7vQGRrephHyIVDqAvazn7qB3AoBlyWAWpag5dpPjIgoz9XRaSu > 8cg9obSLAOmVjoFvXVUF > =P4LP > -END PGP SIGNATURE- > ___ > tor-relays mailing list > tor-relays@lists.tor
Re: [tor-relays] Legal status of operating Tor exit in UK?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Which ISP is it? I'm a fellow UK person, but I don't use a UK VPS/ISP for this. Tell them that you are an advocate for anonyminity, and that you refuse to monitor traffic. No ISP can force you to do that (they have black boxes to do this shit anyway) - You can use https://exonerator.torproject.org/ to prove that you were an exit relay at the time. They want you to put Snort IDS on it because it QoS'es your internet, and Tor may cause a false-alarm. So you can tell them this, and ask if they'd consider a static IP, SWIP, and all that stuff so that you deal with the emails yourself, and you just send them the big template to stop them. When I briefly ran one on my ISP network, we got no letters complaining (I'm with British Telecom/BT), and they can't make you do anything, remember this. - --Billy On 08/09/2015 21:04, Jonathan Baker-Bates wrote: > I run an exit node with an ISP who initially indicated they would > not have a problem with Tor as long as I was transparent about > what I was doing, and ran a sufficiently reduced exit policy. > > They have now sent me evidence of malicious traffic coming from the > exit. I don't think they've had any 3rd party complaints about this > traffic, but they have expressed various misgivings about Tor in > general. They now also want me to consider running Snort IDS on the > outgoing traffic. > > I don't intend to monitor my traffic. But it occurs to me I don't > know whether my ISP needs to be worried about it or not. The last > one wasn't, so why them? > > I've asked the EFF about the legal situation in the UK, who passed > me to the Open Rights Group. They've not replied to my enquiry as > of three weeks ago. > > So does anyone know of any reliable source of information on > running Tor exits in the UK? What would happen if my ISP pressed > me to monitor my traffic, and I refused on legal grounds? I'm not > suggesting I actually do that, or that there are even any legal > grounds to refuse. In fact right now I'm resigned to closing down > the node if my ISP turns up the heat. They probably have me by the > balls. > > But I'm at least curious, and can't immediately find any > information about things like public carrier status, or traffic > monitoring conducted by people like me when it's done in the > context of onion routing. > > Thanks in advance for any help. > > > > > ___ tor-relays mailing > list tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJV72AGAAoJEHukJMVt72wmGSQP/0XXvO/rh4EI9I4mFe30xl3Z R9ECRq0fi6ahW2enmo49+clt6FAtdX+jNIKlbbMynhbO5P/LFzPdmHeCHuEO9+kj Ob0egon8NKYjlaIpPTUSJkgI6sZEGIsSfdKs3Q0m8KstTW9+QssDD2jKJPF0a/VD ffXwuuHIeOEJcM52s1Wla2MEaV5910/iFLQ+GMG39p/0LsEXH4D9roe5dYn3nGBj uII8eBVOuWtI67LcNothxzoffvgQiSV7A5HKbQ9TC6xEuU+Q4xVCVuJfbIqdDFFt Udc4roM/LSkka/aAbjhn5+RKT4kopbZ9nAPWXT+Dpy+uDA5+Mw6AUIDMH9qtWx4l KV29p5L1FKU4h1XCGcNzix/u0UNYXgdT/dULlCzj1Fasq3yINDFBhUAEJ0XmjJPw Mu6UpCGqzGM0LKm6NYhU9BOoFNU1Qi1fxR1+AZ7qHycYKeOYP0iAUGdMeo3E6AuT gwrSSrQL8wC47isQIvFbbsR0Vct7eOC8YHN+fKr5aPVcwgmttDlSUC8b152DVTyM rRtgqulZ95yaI5Yn7sxV1WKLNtrsl7S+Ja12mzidFTc7mnCF28rE/7FEKo9y2OgG hgwRj1dkUFAGgl7vQGRrephHyIVDqAvazn7qB3AoBlyWAWpag5dpPjIgoz9XRaSu 8cg9obSLAOmVjoFvXVUF =P4LP -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Legal status of operating Tor exit in UK?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hello, I am not from UK so I am also not familiar with the legislation there, but running an exit should be perfectly fine. Your ISP cannot "press" you to do anything! Only a govt. authority or law enforcement authority or judge can legally press you to do something ,and you really have to do it. The ISP doesn't have any power over you, regardless, worst case scenario they can suspend your service if they forbid Tor in their terms of usage and you have agreed to them when you subscribed. But that's all. The evidence of malicious traffic coming from your exit is a false positive, and you should explain that to them. Your server does not send any traffic of its own, unless not compromised, it just relays anonymous traffic for Tor users (kind of an open proxy) which you do not initiate, monitor or control therefor you cannot be held liable for it. On 9/8/2015 11:04 PM, Jonathan Baker-Bates wrote: > I run an exit node with an ISP who initially indicated they would > not have a problem with Tor as long as I was transparent about > what I was doing, and ran a sufficiently reduced exit policy. > > They have now sent me evidence of malicious traffic coming from the > exit. I don't think they've had any 3rd party complaints about this > traffic, but they have expressed various misgivings about Tor in > general. They now also want me to consider running Snort IDS on the > outgoing traffic. > > I don't intend to monitor my traffic. But it occurs to me I don't > know whether my ISP needs to be worried about it or not. The last > one wasn't, so why them? > > I've asked the EFF about the legal situation in the UK, who passed > me to the Open Rights Group. They've not replied to my enquiry as > of three weeks ago. > > So does anyone know of any reliable source of information on > running Tor exits in the UK? What would happen if my ISP pressed > me to monitor my traffic, and I refused on legal grounds? I'm not > suggesting I actually do that, or that there are even any legal > grounds to refuse. In fact right now I'm resigned to closing down > the node if my ISP turns up the heat. They probably have me by the > balls. > > But I'm at least curious, and can't immediately find any > information about things like public carrier status, or traffic > monitoring conducted by people like me when it's done in the > context of onion routing. > > Thanks in advance for any help. > -BEGIN PGP SIGNATURE- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJV71h7AAoJEIN/pSyBJlsR1i4H/29sfK9UjOkQXmNwkC+nUMRn AQBtmedG2pj0ZtBaDSeJrmcAzoTNrqOtWnW7X4zQMqdeudF0OC5f55Y6jv5qpX2w /kE6C1f6+sbvAbQDNlNPkt45LlkChiqawQOBzowtnBkjYkRQ315lO0ofwTlSfeBs OYG6CEURMofq1mRdT2lqe1QFPGI0aAUfxiB6eGVl7w5L3ldFq0OUJ7PzBqWuB0U8 vMjjoad5Phchn3k035UjefKoXfAho0NHr08NS4+3Gz8jTFbRUv4O3nfx8WQgi10y BzSvU6jmoBZmMDy81dcAti74UQ55hDH9h1NmFxviwi3PHQPVCa09RmrsJNh9ZRY= =2g/H -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Legal status of operating Tor exit in UK?
I run an exit node with an ISP who initially indicated they would not have a problem with Tor as long as I was transparent about what I was doing, and ran a sufficiently reduced exit policy. They have now sent me evidence of malicious traffic coming from the exit. I don't think they've had any 3rd party complaints about this traffic, but they have expressed various misgivings about Tor in general. They now also want me to consider running Snort IDS on the outgoing traffic. I don't intend to monitor my traffic. But it occurs to me I don't know whether my ISP needs to be worried about it or not. The last one wasn't, so why them? I've asked the EFF about the legal situation in the UK, who passed me to the Open Rights Group. They've not replied to my enquiry as of three weeks ago. So does anyone know of any reliable source of information on running Tor exits in the UK? What would happen if my ISP pressed me to monitor my traffic, and I refused on legal grounds? I'm not suggesting I actually do that, or that there are even any legal grounds to refuse. In fact right now I'm resigned to closing down the node if my ISP turns up the heat. They probably have me by the balls. But I'm at least curious, and can't immediately find any information about things like public carrier status, or traffic monitoring conducted by people like me when it's done in the context of onion routing. Thanks in advance for any help. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Vultr disallowing exit relays
I have just been informed by Vultr that they now do not tolerate exit relays. The wiki[0] suggested they were a good host for exits, and vultr's staff confirmed to me at the start of the year that exits are fine. They appear to have changed their mind. [0] https://trac.torproject.org/projects/tor/wiki/doc/ISPCorrespondence#Vultr -- Carlin ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Message from my relay
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ok, good to hear you got it sorted! I suggest installing arm, as it can help with a lot. You could also access it locally, or set a password/cookie and use that instead. Best wishes on your Tor relay, Billy. On 08/09/2015 18:32, DARKNET.IT wrote: > Dear Billy, thanks for reply. The problem seems to be solved. My > relay is only root and I haven't installed arm. I have only debian > wheezy (server) and tor. Internet band is very good 100 Mb/s. I > have made a test and the net in my misuration was 160 Mb/s. The > server is a dual core with few ram 512 mega. I have more 400 mega > free. No more problem at this moment. This machine is only a router > (relay) server. I have read that more ram is necessary. At this > moment don't seems necessary. A big hug to all of you from Italy. > > Il 08/09/2015 17:36, Billy Humphreys ha scritto: >> Are you using an old version of Tor? You should be on 0.2.x Even >> if you're not using a RasPi, this may help: >> http://tor.stackexchange.com/questions/6134/tor-dying-on-raspberry-pi - -circuit-creation-storm-out-of-memory >> >> >> It seems that Tor kills itself due to memory issues... Or, you're >> getting attacked, maybe advertise it on 80 but bind to 9030? >> >> On 08/09/2015 13:09, DARKNET.IT wrote: >>> I need help to solve this message: possible syn flooding on >>> port 80. sending cookies. check snmp counters Port 80 is the >>> ORPort of the relay. Thanks for reply >>> >>> >>> >>> ___ tor-relays >>> mailing list tor-relays@lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >>> >> >>> ___ tor-relays mailing >> list tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ tor-relays mailing > list tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJV7y8fAAoJEHukJMVt72wmCq0QAKI8R1qx3g+I4lfJNqJXGJNk T587YH8oSBbrnpAbSltVqx2ST/fLXnCV5GhDentnG07xa0H6iRRkXys6aiO6fRbl ZEHsb8+hGGBEP2RbITUD927Uj7ecGFZ72oZmkIR83/09e0HYhRETFPJStBQQtwJR LLWyJuHGEP8ctH0TjkR9KmwGMo4SHH1ASbtpKq4uPUS2YnLgOoFyQxMvrXSH+5q2 Ws6bUzMd6wd54IgpWTo5/oRndK9Z/OmZGi1CfpVgkAsyb6MVPVIUqMldCFf4vSZ1 CHWV1s31lMgnuK4OEbl1gdyMCU1exCePTXgHzn+nApXscFs93Xpb4PJdKejS3DHH R4OOFhyv5s5AIPHFuIl+73ELfH8Am9M73aF8S28Pndx8YEUCn7rAaQJqsnA17vJt LgkBAizk7l5Gonxm98v3wRi2Xw5h8gnfcKgg0oxFHm8McN1qr9jq5RAQADt6lga4 sCdS4LKqT7aztduwgQ5MjeBalnWP8uoYu7jL8mZ5cXE/2CQQXyTjRI6URm4oEnwS NgKQ+j4bnxO9vjWd04foXdRxn4TCRpBKLn27UP+HZMqif+phxDGiVvBda6GBFAQS 3QfQliCK7wecmJX4TH6tHZ7PA7WaDYX/sUTHz/gKAlA/2USLphzg/w5NjPevyeQv t8qld2EawmmgaYcsLI0a =Ifgw -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Experience hosting exit relay with Costa Rica Servers: crservers.com
I received the following response from them: > We do not discriminate on the use of any protocol among our customers. > Nevertheless, if we get complains or any type of pressure from public or > private > entities for illegal activity occurring in your server, we will have to > suspend > service. > You will be immediately contacted about any issue that arises. so it would appear that they're not too friendly about hosting exit relays. I've asked if they can forward all abuse complains to be instead of immediately terminating service, but I'm not too hopeful. p Patrick O'Doherty: > hey all, > > I'm looking to host an exit relay in a country with a low node count. I > came across crservers.com[0] via exotic VPS, and am considering using > them to host a small exit node to start out. > > A quick glance at their ToS for VPS services[1] indidicates that their > policies are pretty strict, but figured it'd be worth asking the list to > see if anyone had personal experience with them before I rule them out. > I've also contacted them about this. > > cheers, > > p > > [0] - https://crservers.com > [1] - https://www.crservers.com/downloads/SHARED-SERVER-CONTRACT.pdf > signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Message from my relay
Dear Billy, thanks for reply. The problem seems to be solved. My relay is only root and I haven't installed arm. I have only debian wheezy (server) and tor. Internet band is very good 100 Mb/s. I have made a test and the net in my misuration was 160 Mb/s. The server is a dual core with few ram 512 mega. I have more 400 mega free. No more problem at this moment. This machine is only a router (relay) server. I have read that more ram is necessary. At this moment don't seems necessary. A big hug to all of you from Italy. Il 08/09/2015 17:36, Billy Humphreys ha scritto: > Are you using an old version of Tor? You should be on 0.2.x Even if > you're not using a RasPi, this may help: > http://tor.stackexchange.com/questions/6134/tor-dying-on-raspberry-pi-circuit-creation-storm-out-of-memory > > It seems that Tor kills itself due to memory issues... Or, you're > getting attacked, maybe advertise it on 80 but bind to 9030? > > On 08/09/2015 13:09, DARKNET.IT wrote: >> I need help to solve this message: possible syn flooding on port >> 80. sending cookies. check snmp counters Port 80 is the ORPort of >> the relay. Thanks for reply >> >> >> >> ___ tor-relays >> mailing list tor-relays@lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> > ___ tor-relays mailing > list tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Relay Stats
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I've sent and received almost 10GB and I've only been up for 2 days. I was first a exit relay, then non-exit (so many blue outbounds!) now I'm a exit relay again. Here's my ARM message: Tor's uptime is 1 day 18:00 hours, with 31 circuits open. I've sent 9.69 GB and received 9.35 GB. -BEGIN PGP SIGNATURE- Version: GnuPG v2 iQIcBAEBCAAGBQJV7wGNAAoJEHukJMVt72wm83QP/RJpihJTntgCXAMJQZW48CDT oX7Z1SVFDQnfkzgW67JmZmoyOSVjgmuBLXdsdICB/kvI8+58HA5Hj0kJiCyN3m0K IeEMXiUaY+yajg6TggZ/lXVAbpp5T3Vd12RNsXQlwHna6rxKLwySxKSpdjR9HZgt ei4MotC7j6wor2hoIsMftuqKSmKicjrnnlfEt/H0dZ2+qCqZ4RUsLu+TC7m1EMwc uBL6d7GYgroaTQ6VH0QybYzJzhEAFPG4AaQzg4OVNPe3h+Af+FhKuvRpIoG0yZSl PfUP5K1lfKcGGh+KLMeCqVawQbUTZJXxcTtDpio6I6O+T0QdUas2ts0pE/cI0JxE eKITCq9Va13xj99/f3qV8R7gXhPTgNmwPVyRCk2dO1gUfKMkX94ScwTrNTxXb7Gy vD6ofnfmAh0OGA5rjfaKTCrsPWD9lFErAva1OeTVaxmxVZFap0tKykgNp2HeBIeS nQiHaujIEyJsu4WJTyFPQ370YuOVGuzEYo6AiQTVQFCesz7pnMLrG724HQljLQIp PdLXUsCy0QFvlScqWUr6IXzNWilt8wkH9UHjPp6LDsWiRdD6l0/gJomqoSJbNC5p Qzz9DOO6uEvBY7Tki2Kgo29mE00B7O0DP8cJBwkm1VCG8oj4u1ho+r4DX4DvGeyh GNoSM1mSWs6gMgid/2EQ =1rSF -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Message from my relay
Are you using an old version of Tor? You should be on 0.2.x Even if you're not using a RasPi, this may help: http://tor.stackexchange.com/questions/6134/tor-dying-on-raspberry-pi-circuit-creation-storm-out-of-memory It seems that Tor kills itself due to memory issues... Or, you're getting attacked, maybe advertise it on 80 but bind to 9030? On 08/09/2015 13:09, DARKNET.IT wrote: > I need help to solve this message: possible syn flooding on port 80. > sending cookies. check snmp counters > Port 80 is the ORPort of the relay. > Thanks for reply > > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Message from my relay
I need help to solve this message: possible syn flooding on port 80. sending cookies. check snmp counters Port 80 is the ORPort of the relay. Thanks for reply 0xA09044BC.asc Description: application/pgp-keys ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Bots, love 'em or hate 'em?
On Tue, 8 Sep 2015 02:03:07 -0400 Roger Dingledine wrote: > On Mon, Sep 07, 2015 at 10:30:38AM -0400, > starlight.201...@binnacle.cx wrote: > > This is curious: Appears a large number of Tor > > client-bots have set > > > > UseEntryGuards 0 > > > > From current relays that have never had the guard flag: > > > > extra-info moep DA8C1123CDB3ACD3B36CD7E7CEFBEA685DED2276 > > entry-ips > > us=360,de=296,fr=232,it=192,es=160,jp=104,ru=104,br=96,ir=96. . . > > These are likely clients using a version from before we introduced > directory guards. So they probably use entry guards like normal, and > they just choose relays at random to fetch their directory info. > > This is why relays report dirreq-v3-reqs lines (number of v3 consensus > requests) in their extra-info descriptors too, and not just total > connection counts. This does present us with an opportunity to gain an actual estimate for the number of botnet clients since there's a way to distinguish them from normal users. Not sure if we'd require actual metrics or if this is just a matter of analysis. Regards, -- Yawning Angel pgpuOm6rLPfw_.pgp Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays