Re: [tor-relays] Limiting open port RST response from N to M packets/sec (FreeBSD)
I've got pf installed but it's not doing anything other than helping SSHGuard block ssh attempts. I've got five of those lines within the same minute starting at Aug 28 07:25:29. --mkb > On Aug 29, 2018, at 3:27 PM, nusenu wrote: > > Hi, > > I'm curious as to how frequent FreeBSD relay operators that do not make use of > any packet filter get something like the following line in their logs: > > kernel: Limiting **open** port RST response from ... to 200 packets/sec > > > > > -- > https://twitter.com/nusenu_ > https://mastodon.social/@nusenu > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Limiting open port RST response from N to M packets/sec (FreeBSD)
Hi, I'm curious as to how frequent FreeBSD relay operators that do not make use of any packet filter get something like the following line in their logs: kernel: Limiting **open** port RST response from ... to 200 packets/sec -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Cloudflare Onions Beta - slides
nusenu: > (unfortunately we never saw the slides if anyone did, please share) slides: https://perfectoid.space/ -- https://twitter.com/nusenu_ https://mastodon.social/@nusenu signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
What if we kept a (central) score of all complaints received, the type and the responses to our sensible explanations? If we were responding with that to the VPS business they might see that it is rare for complaints to be serious. Rob ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Test bed in MyFamily?
Hi, On 29/08/18 13:16, Totor be wrote: > This 4th relay will be fully operational, but will only be started from > time to time, when updates are available > After the updates are installed, I plan to leave it running for half a > day or so until it appears in Tor Metrics > Question: should I include this test bed relay in MyFamily or leave it > completely stand alone? > What would you recommend? Yes, please include family for all of your relays. Thanks, Iain. signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
> Is Irdeto harassing you with DMCAs or just the hacking / forum spam > complaints? >> I am thankful that I have my own AS and IP space. I would even think >> about running mass relays like I do. >> I am running the reduced exit policy on all 50 of my relays and still get >> tons of automated stuff like you spoke about. >> >> Now, If you leave all ports open like Conrad and I do on most of our >> relays, a copyright enforcement company called Irdeto USA (the same >> replies, and contact upstreams directly rather than the contact on the >> SWIP >> Record - be rich and get your own ASN to get around this. Now, Irdeto's >> business strategy is a simple one they need only to flood your ISP's >> abuse >> department with as many automated DMCA Emails as possible until they get >> too many to ever hope to respond to and then try to get them to terminate >> your account. Depending on the ISP it'll work. Own AS helps as with SWIP... you look like a biz / isp... the upper tiers are less likely to cut your connection unless bill unpaid, though you're hardly likely to actually be peering with them, so you're still somewhat subject to the smaller ISP FUD game. ISP meetups in every city, make friends. Automated? Waste of time, filter into archive and ignore. Copied to upstream? Same unless relationship says otherwise. Handwritten? Stuff with a hello back and a Here's Tor template. Get cracked? Say thank you. For the most part, it's all a game... bluster, corp i-dot t-cross fud, and whack a mole. Rarely to court in jurisdiction, which will happen or not no matter how you process mail. Simple incorporation filing solves that, fold in civil and reboot, unless jurisdiction is insane, for which you'd be insane to risk criminal jail to operate there non structured / defended / anon. Book counsel and plan before deploying. Or fight, isp rarely lose speech / proxy anyway. Irdeto bittorrent and all others can go spin... https://www.techspot.com/news/76190-us-court-appeals-ip-address-isnt-enough-identify.html http://cdn.ca9.uscourts.gov/datastore/opinions/2018/08/27/17-35041.pdf Generally, automatia is noise to cancel, bluster back at fud threats with well collated set of links / info / education, maybe they end up converting using overlays and crypto lol, thank the occaisional helpful human, etc. No best answer. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
On Wed, Aug 29, 2018 at 9:32 AM Nathaniel Suchy wrote: > > Almost never if you use the reduced exit policy or the browser only policy > (only allowing 80,443,53). I only run one exit relay, but this is also my experience. I use the reduced exit policy and also blacklist port 22 (SSH) and I haven't had any complaints in some time. However, the last time I tried opening up SSH, I _immediately_ got a half-dozen complaints about port-scanning. It's too bad; SSH is something people have good reasons to want to use over Tor. But I don't have time to respond to multiple complaints per day, so. zw ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
Almost never if you use the reduced exit policy or the browser only policy (only allowing 80,443,53). Now, If you leave all ports open like Conrad and I do on most of our relays, a copyright enforcement company called Irdeto USA (the same people behind Denuvo Game DRM) will send you threats and harassment, ignore your replies, and contact upstreams directly rather than the contact on the SWIP Record - be rich and get your own ASN to get around this. Now, Irdeto's business strategy is a simple one they need only to flood your ISP's abuse department with as many automated DMCA Emails as possible until they get too many to ever hope to respond to and then try to get them to terminate your account. Depending on the ISP it'll work. Cordially, Nathaniel Suchy On Wed, Aug 29, 2018 at 8:49 AM Ralph Seichter wrote: > On 29.08.2018 12:48, John Ricketts wrote: > > > For the non-automated emails I reply each time. > > Same here. At one time I had written a generator script that fills in > details of the complaining party, like IP addresses, and adds general > descriptions about what Tor is, with links to facilitate further > reading. Only very rarely the generated reply was not enough to satisfy > or at least placate the complaining party. Unfortunately I can't seem > find my script any more. > > Automated complaints are a different matter. I don't feel the need to > converse with Fail2ban or WebIron bots. > > -Ralph > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
On 29.08.2018 12:48, John Ricketts wrote: > For the non-automated emails I reply each time. Same here. At one time I had written a generator script that fills in details of the complaining party, like IP addresses, and adds general descriptions about what Tor is, with links to facilitate further reading. Only very rarely the generated reply was not enough to satisfy or at least placate the complaining party. Unfortunately I can't seem find my script any more. Automated complaints are a different matter. I don't feel the need to converse with Fail2ban or WebIron bots. -Ralph ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Test bed in MyFamily?
Sorry for late. Whats up...? here is my : alexflores866@yahoo.comtlak to here... Sent from my iPhone On Wednesday, August 29, 2018 5:17 AM, Totor be wrote: Hi list, Just a quick question about families: I'm in the process of setting up a 4th relay as test bed VM in order to validate the Linux and Tor updates before updating my 3 live relays (none of these are exits) This 4th relay will be fully operational, but will only be started from time to time, when updates are available After the updates are installed, I plan to leave it running for half a day or so until it appears in Tor Metrics Question: should I include this test bed relay in MyFamily or leave it completely stand alone?What would you recommend? Thanks! Patrick ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Test bed in MyFamily?
Hi list, Just a quick question about families: I'm in the process of setting up a 4th relay as test bed VM in order to validate the Linux and Tor updates before updating my 3 live relays (none of these are exits) This 4th relay will be fully operational, but will only be started from time to time, when updates are available After the updates are installed, I plan to leave it running for half a day or so until it appears in Tor Metrics Question: should I include this test bed relay in MyFamily or leave it completely stand alone? What would you recommend? Thanks! Patrick ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
Rob, For the non-automated emails I reply each time. John > On Aug 29, 2018, at 05:47, I wrote: > > John > > Do you do anything in reply? > > Rob > > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
John Do you do anything in reply? Rob ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Abuse Complaints
Paul, On an average day I receive 50 or so automated complaints. Once a week I will get a real human emailing me, even more rare do I get a subpoena. John > On Aug 28, 2018, at 23:38, Paul Templeton wrote: > > Question: are exit operators seeing many abuse complaints now days? I have > only had one in the last two months from 5 exits. I used to see a lot now > nothing really. > > I just find it weird. > > Paul > > 137CF322859E400455E457DB920F65FFDD222CDF > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays