Re: [tor-relays] I have an Alleged family member

[Arisbe]

  
  
Thank you T.  I forgot to out the # beginning the line.  I'm
  stupid!


On 2/28/2017 12:36 PM, teor wrote:


  

  
On 1 Mar 2017, at 07:31, Arisbe  wrote:

If you look at [0] on atlas, the fingerprint is listed under Properties as it should be.  But if you look down to Family Members, it lists the same fingerprint as Alleged Family members. Strange!

  
  
I think you are looking at the wrong Atlas page.

As Pascal said, on [1], I see:

Family Members
Effective family members:
(none)
Alleged family members:
(none)

Unless you specify the same family on
04C095E0DAB8C28BC433677C4AE8F65CB7D7083C, it will appear as an "Alleged
family member" everywhere else.

[1]: https://atlas.torproject.org/#details/04C095E0DAB8C28BC433677C4AE8F65CB7D7083C

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org





  
  
  
  ___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays



  

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I have an Alleged family member

[teor]

> On 1 Mar 2017, at 07:31, Arisbe  wrote:
> 
> If you look at [0] on atlas, the fingerprint is listed under Properties as it 
> should be.  But if you look down to Family Members, it lists the same 
> fingerprint as Alleged Family members. Strange!

I think you are looking at the wrong Atlas page.

As Pascal said, on [1], I see:

Family Members
Effective family members:
(none)
Alleged family members:
(none)

Unless you specify the same family on
04C095E0DAB8C28BC433677C4AE8F65CB7D7083C, it will appear as an "Alleged
family member" everywhere else.

[1]: 
https://atlas.torproject.org/#details/04C095E0DAB8C28BC433677C4AE8F65CB7D7083C

T

--
Tim Wilson-Brown (teor)

teor2345 at gmail dot com
PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B
ricochet:ekmygaiu4rzgsk6n
xmpp: teor at torproject dot org






signature.asc
Description: Message signed with OpenPGP
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I have an Alleged family member

[Arisbe]

If you look at [0] on atlas, the fingerprint is listed under Properties 
as it should be.  But if you look down to Family Members, it lists the 
same fingerprint as Alleged Family members. Strange!


Several months ago, as I was growing my Tor relay inventory, I picked up 
on someone's post here  that I should just keep a file of fingerprints 
that I can paste into each node as my count grew. I found it to save 
time, so each of my nodes' torrc also contain their own fingerprint.  
Only [0] reacts this way.




On 2/28/2017 10:26 AM, Pascal Terjan wrote:

On 28 February 2017 at 17:32, Arisbe  wrote:

Hello all,
I run a variety of Tor relays--most on VPS hosts.  I recently added a small
relay and updated my family members.  Strangely, this last relay is tagged
as an "alleged family member," even on itself [0]. It has been like this for
over a month.  I can't detect a typo.
Any suggestions?


What do you mean "even on itself"?

https://atlas.torproject.org/#details/04C095E0DAB8C28BC433677C4AE8F65CB7D7083C
doesn't list any family member, alleged or not

Did you set MyFamily on it (and reload if you did so after starting it)?


[0]  04C095E0DAB8C28BC433677C4AE8F65CB7D7083C
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I have an Alleged family member

[Pascal Terjan]

On 28 February 2017 at 17:32, Arisbe  wrote:
> Hello all,
> I run a variety of Tor relays--most on VPS hosts.  I recently added a small
> relay and updated my family members.  Strangely, this last relay is tagged
> as an "alleged family member," even on itself [0]. It has been like this for
> over a month.  I can't detect a typo.
> Any suggestions?
>

What do you mean "even on itself"?

https://atlas.torproject.org/#details/04C095E0DAB8C28BC433677C4AE8F65CB7D7083C
doesn't list any family member, alleged or not

Did you set MyFamily on it (and reload if you did so after starting it)?

> [0]  04C095E0DAB8C28BC433677C4AE8F65CB7D7083C
> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] I have an Alleged family member

[Dakota Hourie]

On Tue, Feb 28, 2017 at 10:32 AM, Arisbe  wrote:
> 04C095E0DAB8C28BC433677C4AE8F65CB7D7083C


Both relays will need to specify each other as family members.
Otherwise they appear as alleged family members when only one lists
the other.
-- Dakota Hourie --
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

[tor-relays] I have an Alleged family member

[Arisbe]

Hello all,
I run a variety of Tor relays--most on VPS hosts.  I recently added a 
small relay and updated my family members.  Strangely, this last relay 
is tagged as an "alleged family member," even on itself [0]. It has been 
like this for over a month.  I can't detect a typo.

Any suggestions?

[0]  04C095E0DAB8C28BC433677C4AE8F65CB7D7083C
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] The 9001-9051-v0.2.8.9 Gang: 57 relays and counting...

[David Goulet]

On 28 Feb (02:09:00), nusenu wrote:
> 
> 
> Donncha O'Cearbhaill:
> > nusenu:
> >> This group is still growing.
> >>
> >> Note that the following table is _not_ sorted by FP.
> >>
> >> The FP links these relays even across ISP, and given the FP column
> >> pattern it might be obvious what they are after.
> >>
> >> They do not have the hsdir flag yet.
> >>
> >> https://raw.githubusercontent.com/nusenu/tor-network-observations/master/2017-02-24_9001-9051-v0.2.8.9.txt
> >>
> > 
> > Nusenu, thank you for reporting these relay. They are now in the process
> > of being removed from the network.
> 
> Thanks for letting us know.
> 
> It would be nice if you could share:

Hello!

I'll try to help out as much as I can here.

> - if you reached out to the operator (via abuse contacts)

We do that if a valid contact address is present. In this case, we had only
one I believe and still no response. Email was sent yesterday ~afternoon EST.

> - removal reason

Proximity of fingerprint indicates a clear attempt at insertion in the
hashring for an (some) onion address. We are *always* better safe than sorry
with bad relays so even without a 100% confirmation, we go ahead.

> - what was removed

That, we don't disclose for obvious reasons that if the attackers can see what
we removed and when, it makes it easier for them to just adapt in time. Only
subscribers to bad-relays@ can know this.

However, those reject/badexit entries at the directory authority level expire
after a time period and when they do, they become public here in this DocTor
script that monitors any relay that we've expired and will be there for a 6
months period:

https://gitweb.torproject.org/doctor.git/tree/data/tracked_relays.cfg

After that 6 months, you can find commit like this that removes a bunch of
them:

https://gitweb.torproject.org/doctor.git/commit/data?id=f89e3dca452a0d776eed5d32136f8a474f892cac

> - method (by FP, IP, IP-range, ...)

We always reject both FP and IP. Sometimes, it can be a full network range.
Depends on the attack.

> - how long they will be blacklisted

The standard time period is 90 days *but* it's still a human that does that so
it goes beyond that time period sometimes. *HUGE* network block though, we are
more careful at not extending too much the reject time.

> - time of removal

We don't disclose that for now. Only subscribers to bad-relays@ can know this.

There has been *MANY* discussions about having this reject list public and
everything in the open. I believe it wasn't full agreement in the end but for
now it went towards keeping it close.

Thanks!
David

> 
> thanks,
> nusenu
> 




> ___
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays


-- 
F7k4dGBiwJmiegoPb+2QbzdAVSSAfb5AitHDxdxsEV8=


signature.asc
Description: PGP signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] descriptor-id calc tool?

[Ivan Markin]

On Tue, Feb 28, 2017 at 02:09:00AM +, nusenu wrote:
> >> Is there a tool out there that tells me which HSDir is/will probably be
> >> responsible for a given onion address (and at what time)?
> > 
> > There's no tool, unless you can reverse SHA1.
> > (Or brute-force a set of popular onion addresses.)
> 
> I probably was not very clear in my question. I'm not aiming for the
> reverse path, just the normal calculation a tor client does given an
> onion address but instead of just calculating the current descriptor-id,
> print descriptor-ids for the future N days for onion address M (for the
> pre-prop224 world).

FYI https://gist.github.com/nogoegst/895dde228496e04f409fc6d160a5de5a

$ go run onion-desc-advance.go -time 1488288001 yrcfcqhja2ide7yh

prints descriptor IDs for the given time for replica #1 and #2.

HTH
--
Ivan Markin
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays