[tor-relays] Improving Relay IPv6 - RIPE Grant
Dear relay operators, I just wanted to let you know that RIPE has announced funding for The Tor Project to improve IPv6 support on relays. (RIPE is the European internet infrastructure organisation.) https://www.ripe.net/support/cpf/funding-recipients-2019 We'll have more details early in 2020, when we've worked out an implementation plan and a start time. Thanks for your patience with our current IPv6 support. And thanks to all those volunteer coders who have worked hard to get us this far. T -- teor -- signature.asc Description: Message signed with OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Thinking of running bridge through Ubuntu Windows app and port question
Hi all, So currently I am running an OBFS4 bridge through the Tor Expert Bundle, however saw this app on Windows Store: https://www.microsoft.com/en-us/p/ubuntu/9nblggh4msv6#activetab=pivot:overviewtab I am wondering, as this app allows to run Linux Terminal commands through it’s interface. Would it be possible to install tor through this app and transfer my bridge keys over to it, as well as automatics upgrades? Was just wondering if anybody here had used this app. I also wanted to ask, if I wanted my bridge to be reachable to on more than one port, such as configuring in torrc ORPort: oneportnumber, anotherportnumber, etc? Thanks very much all. --Keifer ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] tor crashed: Could not apply consensus diff because an ed command was missing a line number.
Hi, > On 8 Dec 2019, at 22:40, Winter Paulson > wrote: > > this morning the tor process crashed, couldn't find anything searching > the internet. Any hints what this might have been: > > Tor[96521]: Could not apply consensus diff because an ed command was > missing a line number. > Tor[96521]: consdiff_gen_diff: Refusing to generate consensus diff > because the generated ed diff could not be tested to successfully > generate the target consensus. > Tor[96521]: tor_assertion_failed_: Bug: src/lib/memarea/memarea.c:147: > memarea_chunk_free_unchecked: Assertion sent_val == 0x90806622u failed; > aborting. (on Tor 0.4.1.6 ) > Tor[96521]: Bug: Assertion sent_val == 0x90806622u failed in > memarea_chunk_free_unchecked at src/lib/memarea/memarea.c:147: . (Stack > trace not available) (on Tor 0.4.1.6 ) > > server is running on openbsd. I'm not sure what happened either, but I opened this ticket for this crash: https://trac.torproject.org/projects/tor/ticket/32718 T signature.asc Description: Message signed with OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] unbound: error: recvfrom 123 failed: Host is down
Hi, > On 8 Dec 2019, at 22:37, Winter Paulson > wrote: > > I'm running an exit relay > 200 Mbit/s with local unbound on openbsd. I > receive a lot of the following syslog messages from unbound: > > unbound: [15040:1] error: recvfrom 226 failed: Host is down Maybe the remote DNS server can't handle the load? Or the network between you is dropping DNS packets? Or there's some firewall between you and the remote DNS that sees your DNS as problematic? Have you tried running a full resolver? T signature.asc Description: Message signed with OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Article: The Growing Problem of Malicious Relays on the Tor Network
The main issue I see here is the 10%. Thats a really big chunk. They were bigger than me :( I also mailed the Tor Project after Nusenu did not receive an answer. This has to be much faster in the future. > On 9. Dec 2019, at 20:26, Dirk wrote: > > Dear all, > > I was made aware today of the article be nusenu [1]. Please read it. > > So even I theoretically new Sybil attack scenario against the tor > network - I never was aware it could affect so much of the tor network > infrastructure: > "At their peak they reached >10% of the Tor network’s guard capacity". > > The article leaves me with some thoughts: > > + Due to the natrue of the tor network the problem can never be solved > by 100% > > + How can the tor network be improved to be more resilient against this > attach (Software & Operation) > > + Is there currently already activity ongoning by the tor project and > how can we as organizations and operators support it > > > best regards > > Dirk > Tor support team digitale-gesellschaft.ch > > > > [1] > https://medium.com/@nusenu/the-growing-problem-of-malicious-relays-on-the-tor-network-2f14198af548 > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays signature.asc Description: Message signed with OpenPGP ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Article: The Growing Problem of Malicious Relays on the Tor Network
Dear all, I was made aware today of the article be nusenu [1]. Please read it. So even I theoretically new Sybil attack scenario against the tor network - I never was aware it could affect so much of the tor network infrastructure: "At their peak they reached >10% of the Tor network’s guard capacity". The article leaves me with some thoughts: + Due to the natrue of the tor network the problem can never be solved by 100% + How can the tor network be improved to be more resilient against this attach (Software & Operation) + Is there currently already activity ongoning by the tor project and how can we as organizations and operators support it best regards Dirk Tor support team digitale-gesellschaft.ch [1] https://medium.com/@nusenu/the-growing-problem-of-malicious-relays-on-the-tor-network-2f14198af548 ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
[tor-relays] Obfs4 Bridge/Relay Issue
I have been trying to run a relay/obfs4 bridge from my Macbook (macOS Catalina 10.15.1) for some time now. I want to do it to help out the Tor network - getting a Tor t-shirt would be a nice bonus. I've already donated to help out until I can get my bridge/relay up & running. I've been starting out with trying to run an obfs4 bridge with the intent to move to a full relay (non-exit) at a later date. I've tried setting up my ORPorts to 80, 443, 9050, auto, and many others. I use Bitdefender as my antivirus software (which doesn't really show open/closed/used ports; nor does the built-in firewall in System Preferences in macOS. Below is my torrc file and log files (from Console). If you see any mistakes or any reasons why I cannot get the obsf4 bridge or relay to run please let me know. I have been trying to get this to work for a few months now. I upgraded to Tor 0.4.1.6 to see if that makes a difference and so far nothing has changed. Any assistance that you could give would be greatly appreciated. Thank you in advance for your assistance. ** *_Torrc_:* #Bridge config RunAsDaemon 1 ORPort 80 ORPort 443 ORPort 9050 ORPort auto BridgeRelay 1 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy # For a fixed obfs4 port (i.e. 9002), uncomment the following line. #ServerTransportListenAddr obfs4 0.0.0.0:9002 # Local communication port between Tor and obfs4. Always set this to "auto". "Ext" means # "extended", not "external". Don't try to set a specific port number, nor listen on 127.0.0.1 ExtORPort auto ExitRelay 0 ExitPolicy reject *:* # no exits allowed ## Send all messages of level 'notice' or higher to /opt/local/var/log/tor/notices.log Log notice file /usr/local/var/log/tor/notices.log # Contact information that allows us to get in touch with you in case of # critical updates or problems with your bridge. This is optional, so you # don't have to provide an email address if you don't want to. ContactInfo 0x4DD6289CAD37F299 # Pick a nickname that you like for your bridge. Nickname texasbuckeye ## Define these to limit how much relayed traffic you will allow. Your ## own traffic is still unthrottled. Note that RelayBandwidthRate must ## be at least 75 kilobytes per second. ## Note that units for these config options are bytes (per second), not ## bits (per second), and that prefixes are binary prefixes, i.e. 2^10, ## 2^20, etc. RelayBandwidthRate 1000 KBytes # Throttle traffic to 100KB/s (800Kbps) RelayBandwidthBurst 2000 KBytes # But allow bursts up to 200KB (1600Kb) -- *_Console_:* Nov 23 17:34:12.000 [notice] Tor 0.4.1.6 opening log file. Nov 23 17:34:12.475 [notice] Tor 0.4.1.6 running on Darwin with Libevent 2.1.11-stable, OpenSSL 1.0.2s, Zlib 1.2.11, Liblzma N/A, and Libzstd N/A. Nov 23 17:34:12.476 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://www.torproject.org/download/download#warning Nov 23 17:34:12.477 [notice] Read configuration file "/usr/local/etc/tor/torrc". Nov 23 17:34:12.481 [notice] Based on detected system memory, MaxMemInQueues is set to 6553 MB. You can override this by setting MaxMemInQueues by hand. Nov 23 17:34:12.483 [notice] Opening Socks listener on 127.0.0.1:9050 Nov 23 17:34:12.484 [notice] Opened Socks listener on 127.0.0.1:9050 Nov 23 17:34:12.484 [notice] Opening OR listener on 0.0.0.0:0 Nov 23 17:34:12.484 [notice] OR listener listening on port 57054. Nov 23 17:34:12.484 [notice] Opened OR listener on 0.0.0.0:57054 Nov 23 17:34:12.485 [notice] Opening OR listener on 0.0.0.0:9050 Nov 23 17:34:12.485 [notice] Opened OR listener on 0.0.0.0:9050 Nov 23 17:34:12.485 [notice] Opening OR listener on 0.0.0.0:443 Nov 23 17:34:12.485 [notice] Opened OR listener on 0.0.0.0:443 Nov 23 17:34:12.485 [notice] Opening Extended OR listener on 127.0.0.1:0 Nov 23 17:34:12.486 [notice] Extended OR listener listening on port 57055. Nov 23 17:34:12.486 [notice] Opened Extended OR listener on 127.0.0.1:57055 Nov 23 17:34:14.000 [notice] Parsing GEOIP IPv4 file /usr/local/Cellar/tor/0.4.0.5_1/share/tor/geoip. Nov 23 17:34:14.000 [notice] Parsing GEOIP IPv6 file /usr/local/Cellar/tor/0.4.0.5_1/share/tor/geoip6. Nov 23 17:34:14.000 [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. Nov 23 17:34:14.000 [notice] Your Tor server's identity key fingerprint is // Nov 23 17:34:14.000 [notice] Your Tor bridge's hashed identity key fingerprint is // Nov 23 17:34:14.000 [notice] Bootstrapped 0% (starting): Starting Nov 23 17:34:20.000 [notice] Starting with guard context "default" Nov 23 17:34:20.000 [notice] Bootstrapped 5% (conn): Connecting to a relay Nov 23 17:34:21.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay Nov 23