[tor-relays] tor middle node question

[Markus Koch]

hi,

as a good TOR support peon I got a dedicated server and set up TOR 3-4
weeks ago. Everything went great, I got my Guard, Fast and Stable etc.
Flag and my little server was busy & happy. After restarting the TOR
daemon I lost all my flags and even after 12 hours I only got Running
and Valid back. What went wrong?

My server is: 
https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc480a885b8bd1da00d0ffb7


Markus
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Kurt Besig]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 1/26/2016 12:58 AM, Markus Koch wrote:
> hi,
> 
> as a good TOR support peon I got a dedicated server and set up TOR
> 3-4 weeks ago. Everything went great, I got my Guard, Fast and
> Stable etc. Flag and my little server was busy & happy. After
> restarting the TOR daemon I lost all my flags and even after 12
> hours I only got Running and Valid back. What went wrong?
> 
> My server is:
> https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc
480a885b8bd1da00d0ffb7
>
> 
> 
> Markus ___ tor-relays
> mailing list tor-relays@lists.torproject.org 
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> 
Typical behavior after a restart, be patient and all will be well
again. :-)
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBAgAGBQJWp2OOAAoJEJQqkaGlFNDPydgH/jE/8DlLL4l+jKUXe6rJAiAW
OOQYHSKDQeBDtwP3iDUBajKz2AUd9ipq499OHT+TgDUcSRbrOq7fGUHcjU8ZMh0L
4k0k0WdaMV5GQpqSirJUmYhXI8BqQ/2Mb+pd3d3Oqwd9PsIPgxmzqsUmKEYV+dCK
b3dLZXMLRtULCkVxtmuukk8RK2ZQKXXiRuvk98FVKxB6ARru323fjz3n7ue6HhKh
sXy1ZYQ19vEHAKAhO6wTmjiUAKl/T/xRsTMKrPt7TprfQapPm4zqWjBjchGrSRNc
WsPnb0RQina40LjPR3DZSdqQI5equQim02OrGmJKMaXYgvoKj5pAsopyLcz+cCo=
=4MS3
-END PGP SIGNATURE-
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Should Onionoo consider relays with the same ip# to be part of the same family?

[Virgil Griffith]

They are indeed configured in torrc.  The question is whether two relays on
the same IP# *should* be in the same family even if they aren't.

-V

On Wednesday, 27 January 2016, Tristan  wrote:

> Aren't family members configured in torrc?
> On Jan 26, 2016 11:01 PM, "Virgil Griffith"  > wrote:
>
>> For example, these two pairs of relays that came online yesterday:
>> *
>> https://atlas.torproject.org/#details/0ED2D734F295427E5A3719FA7B9985C335839123
>>
>> *
>> https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3
>>
>> and
>>
>> *
>> https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3
>> *
>> https://atlas.torproject.org/#details/2FF21F475C2E668C23DB7625A9D45B52591B30FD
>>
>> (Hat-tip to Sean Saito for pointing these out.)
>>
>> No wrong answer---just wondering what is the community's vibe on this
>> issue.  I can go either way.
>>
>> -V
>> ___
>> tor-relays mailing list
>> tor-relays@lists.torproject.org
>> 
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Webiron

[Nicholas Suan]

Looks like Webiron is spamming again, and this time they're including
a web bug in the mail to see if you've opened it:

https://www.webiron.com/images/misc/91.219.236.218/ab...@1d4.us/webiron-logo_abuse.png

https://www.webiron.com/abuse_feed/ab...@1d4.us
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Should Onionoo consider relays with the same ip# to be part of the same family?

[Virgil Griffith]

For example, these two pairs of relays that came online yesterday:
* https://atlas.torproject.org/#details/0ED2D734F295427E5A3719FA7B9985C335839123

* https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3

and

* https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3
* https://atlas.torproject.org/#details/2FF21F475C2E668C23DB7625A9D45B52591B30FD

(Hat-tip to Sean Saito for pointing these out.)

No wrong answer---just wondering what is the community's vibe on this
issue.  I can go either way.

-V
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Should Onionoo consider relays with the same ip# to be part of the same family?

[grarpamp]

On Wed, Jan 27, 2016 at 12:00 AM, Virgil Griffith  wrote:
> No wrong answer---just wondering what is the community's vibe on this
> issue.  I can go either way.

Same IP excepting NAT is same box, kind of pointless if
they're not the same entity [1], err to caution and call it family,
put them in touch or encourage one or both to move or shutdown.

[1] Same entity would make sense if it was that entities
chosen / available way of binding multiple cpu cores to
tor instances, at least as far as the daemons go without
considering overall utility to tor.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Roman Mamedov]

On Tue, 26 Jan 2016 15:44:54 -0900
Jesse V  wrote:

> On 01/26/2016 03:16 AM, Kurt Besig wrote:
> >> My server is:
> >> > https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc
> > 480a885b8bd1da00d0ffb7
> 
> Just so you know, that website isn't maintained anymore.

That's terrible to hear, since when? I was communicating to its maintainer
just in November 2015, and he was making some nice changes to the website (and
a bugfix on my request).

> You might be interested in atlas.torproject.org or globe.torproject.org

Neither of those allow you to view the full list of Tor nodes in a nice
detailed sortable and filter-able list as we have on the main page of
https://torstatus.blutmagie.de/, they hide all the actual data from you and
want you to "Search" for it instead -- like everything these days. They can't
be considered nowhere near a complete replacement for torstatus.

> both are  far better than torstatus.blutmagie.de

Nope.

-- 
With respect,
Roman


signature.asc
Description: PGP signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Operator AnonymizedIoExitCA1]

Question:

Is there a security reason behind the search. I really like torstatus 
for the list and I feel like the consensus is already public so tor node 
are already public.


Knowing that it is unmaintained at the moment, I'd be willing to host a 
mirror and continue development on that tool however the source repo 
listed at the end of the website does not work. Anybody know where/how 
the source code is available?


On 2016-01-27 12:15 AM, Roman Mamedov wrote:

On Tue, 26 Jan 2016 15:44:54 -0900
Jesse V  wrote:


On 01/26/2016 03:16 AM, Kurt Besig wrote:

My server is:

https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc

480a885b8bd1da00d0ffb7

Just so you know, that website isn't maintained anymore.

That's terrible to hear, since when? I was communicating to its maintainer
just in November 2015, and he was making some nice changes to the website (and
a bugfix on my request).


You might be interested in atlas.torproject.org or globe.torproject.org

Neither of those allow you to view the full list of Tor nodes in a nice
detailed sortable and filter-able list as we have on the main page of
https://torstatus.blutmagie.de/, they hide all the actual data from you and
want you to "Search" for it instead -- like everything these days. They can't
be considered nowhere near a complete replacement for torstatus.


both are  far better than torstatus.blutmagie.de

Nope.



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Should Onionoo consider relays with the same ip# to be part of the same family?

[Tristan]

Aren't family members configured in torrc?
On Jan 26, 2016 11:01 PM, "Virgil Griffith"  wrote:

> For example, these two pairs of relays that came online yesterday:
> *
> https://atlas.torproject.org/#details/0ED2D734F295427E5A3719FA7B9985C335839123
>
> *
> https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3
>
> and
>
> *
> https://atlas.torproject.org/#details/667C297D3EC6E1281D68F7F4C8C9BE8324D132A3
> *
> https://atlas.torproject.org/#details/2FF21F475C2E668C23DB7625A9D45B52591B30FD
>
> (Hat-tip to Sean Saito for pointing these out.)
>
> No wrong answer---just wondering what is the community's vibe on this
> issue.  I can go either way.
>
> -V
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Joost Rijneveld]

On 26 January 2016 at 13:53, Markus Koch  wrote:
> TIL: Do not touch anything on your server. :)

I believe that that is not really the takeaway message here. More
importantly, realize that flags inevitably come and go when you
restart your relay. This can and will happen when you run updates as
well, but should not discourage you from running updates (and the same
holds for maintaining uptime).

Joost
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] DDoS attack on relay

[Green Dream]

My hosting provider alerted me of a DDoS attack on one of my relays. It
started around 2016-01-26 12:42 UTC. They claim they tried "filtering,
routing, and network configuration changes" to mitigate the attack, but as
a last resort they temporarily disconnected the host from the network for 3
hours.

I know such attacks are not uncommon, but I'm curious if any other
operators experienced a DDoS around the same time?

I'm also curious to know more about the nature of such attacks -- what type
of attack was it, what is the general end goal of attacking a random Tor
(non-exit) relay, etc. My hosting provider is unable or unwilling to share
additional information.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DDoS attack on relay

[TorOp AnonymizedDotIo1]

I was hit with a DDoS attack > 1gbps on 2016-01-21 11:30 EST on the IP 
that host my tor exit node. My hosting provider began succesfully 
mitigating the attack and my service was unaffected besides a slight dip 
in network throughput.


They attacker quickly stopped the attack when they realized if was being 
blackholed as my IP was removed from automatic mitigation 15 minutes later.


They did not attack other IPs in that netblock or any other of my 
netblock that host my legitimate buisness.


DDoSing a medium-to-large exit node seems counterintuitive to me... 
unless you are a government.


Le 2016-01-26 14:32, Green Dream a écrit :
My hosting provider alerted me of a DDoS attack on one of my relays. 
It started around 2016-01-26 12:42 UTC. They claim they tried 
"filtering, routing, and network configuration changes" to mitigate 
the attack, but as a last resort they temporarily disconnected the 
host from the network for 3 hours.


I know such attacks are not uncommon, but I'm curious if any other 
operators experienced a DDoS around the same time?


I'm also curious to know more about the nature of such attacks -- what 
type of attack was it, what is the general end goal of attacking a 
random Tor (non-exit) relay, etc. My hosting provider is unable or 
unwilling to share additional information.



___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] DDoS attack on relay

[Markus Koch]

Not today, but it happens quite often 

I get nice abuse mails like this:

Direction IN
Internal 188.40.99.164
Threshold PacketsDiff 200.000 packets/s, Diff: 475.160 packets/s
Sum 142.643.000 packets/300s (475.476 packets/s), 5 flows/300s (0
flows/s), 198,002 GByte/300s (5.406 MBit/s)
External 185.21.xxx.xxx, 142.642.000 packets/300s (475.473 packets/s),
4 flows/300s (0 flows/s), 198,002 GByte/300s (5.406 MBit/s)

xxx out the attackers IP. :)



2016-01-26 20:32 GMT+01:00 Green Dream :
> My hosting provider alerted me of a DDoS attack on one of my relays. It
> started around 2016-01-26 12:42 UTC. They claim they tried "filtering,
> routing, and network configuration changes" to mitigate the attack, but as a
> last resort they temporarily disconnected the host from the network for 3
> hours.
>
> I know such attacks are not uncommon, but I'm curious if any other operators
> experienced a DDoS around the same time?
>
> I'm also curious to know more about the nature of such attacks -- what type
> of attack was it, what is the general end goal of attacking a random Tor
> (non-exit) relay, etc. My hosting provider is unable or unwilling to share
> additional information.
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Jesse V]

On 01/26/2016 03:16 AM, Kurt Besig wrote:
>> My server is:
>> > https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc
> 480a885b8bd1da00d0ffb7

Just so you know, that website isn't maintained anymore. You might be
interested in atlas.torproject.org or globe.torproject.org. The choice
of Atlas or Globe is a personal preference. I prefer Globe, but both are
far better than torstatus.blutmagie.de

-- 
Jesse V



signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] Reload Config Without Restarting?

[Tristan]

Is it possible to reload torrc without restarting Tor? I'm running on a
Raspberry Pi compiled from source, so I can't use sudo service tor reload.
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reload Config Without Restarting?

[Operator AnonymizedIoExitCA1]

kill -HUP ­­

or

killall -HUP tor

I know the kill command look scary but it can send other signals than 
sigkill, see kill -l for the list of signal. -HUP can be replaced with 
-1 as well.


On 2016-01-26 8:06 PM, Tristan wrote:


Is it possible to reload torrc without restarting Tor? I'm running on 
a Raspberry Pi compiled from source, so I can't use sudo service tor 
reload.




___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reload Config Without Restarting?

[Damian Johnson]

Yup, no problem...

https://stem.torproject.org/faq.html#how-do-i-reload-my-torrc


On Tue, Jan 26, 2016 at 5:06 PM, Tristan  wrote:
> Is it possible to reload torrc without restarting Tor? I'm running on a
> Raspberry Pi compiled from source, so I can't use sudo service tor reload.
>
>
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Reload Config Without Restarting?

[Tristan]

Thanks for the info. :)
On Jan 26, 2016 7:13 PM, "Damian Johnson"  wrote:

> Yup, no problem...
>
> https://stem.torproject.org/faq.html#how-do-i-reload-my-torrc
>
>
> On Tue, Jan 26, 2016 at 5:06 PM, Tristan  wrote:
> > Is it possible to reload torrc without restarting Tor? I'm running on a
> > Raspberry Pi compiled from source, so I can't use sudo service tor
> reload.
> >
> >
> > ___
> > tor-relays mailing list
> > tor-relays@lists.torproject.org
> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> >
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor middle node question

[Markus Koch]

Thank you.

TIL: Do not touch anything on your server. :)


2016-01-26 13:16 GMT+01:00 Kurt Besig :
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 1/26/2016 12:58 AM, Markus Koch wrote:
>> hi,
>>
>> as a good TOR support peon I got a dedicated server and set up TOR
>> 3-4 weeks ago. Everything went great, I got my Guard, Fast and
>> Stable etc. Flag and my little server was busy & happy. After
>> restarting the TOR daemon I lost all my flags and even after 12
>> hours I only got Running and Valid back. What went wrong?
>>
>> My server is:
>> https://torstatus.blutmagie.de/router_detail.php?FP=caf1eea0e8e8919dfc
> 480a885b8bd1da00d0ffb7
>>
>>
>>
>> Markus ___ tor-relays
>> mailing list tor-relays@lists.torproject.org
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>
> Typical behavior after a restart, be patient and all will be well
> again. :-)
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v2.0.22 (MingW32)
>
> iQEcBAEBAgAGBQJWp2OOAAoJEJQqkaGlFNDPydgH/jE/8DlLL4l+jKUXe6rJAiAW
> OOQYHSKDQeBDtwP3iDUBajKz2AUd9ipq499OHT+TgDUcSRbrOq7fGUHcjU8ZMh0L
> 4k0k0WdaMV5GQpqSirJUmYhXI8BqQ/2Mb+pd3d3Oqwd9PsIPgxmzqsUmKEYV+dCK
> b3dLZXMLRtULCkVxtmuukk8RK2ZQKXXiRuvk98FVKxB6ARru323fjz3n7ue6HhKh
> sXy1ZYQ19vEHAKAhO6wTmjiUAKl/T/xRsTMKrPt7TprfQapPm4zqWjBjchGrSRNc
> WsPnb0RQina40LjPR3DZSdqQI5equQim02OrGmJKMaXYgvoKj5pAsopyLcz+cCo=
> =4MS3
> -END PGP SIGNATURE-
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays