Re: [tor-relays] Deploy relays using hidden exit IP's?
Also related, has anyone tried operating an exit behind a VPN/NAT/proxy service? As opposed to having secondary interfaces/routes on the local machine.

___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] Deploy relays using hidden exit IP's?
On Tue, 27 Nov 2012 01:58:40 + (UTC) Sven Olaf Kamphuis s...@cb3rob.net wrote:

[Utopian fantasy]

Meanwhile, back in the Real World, ancient protocols like SMTP dominate the Internet (oh look, you used it to post to this list) and people do what they have to in order to keep their services running. Perhaps you've never worked on a project large enough that network ops and development are handled by separate teams, but in such an environment a sysadmin who allowed the servers to fall over because they believed it was dev's responsibility would quickly find herself out of a job. Tor won't benefit from that person's career suicide.

Whereas giving admins the power to implement an easy kill switch (by blocking the exits when they need to) makes Tor a much less attractive prospect for those who would abuse the network. If you can run your attack over Tor, knowing you can be blocked easily, or over some botnet, which would you choose? This means more bandwidth for the rest of us, and fewer abuse complaints for exit operators. I'd say that's a win.

Of course, some organisations (I'm looking at Wikipedia) have a problem with Tor that is due to policy, not technology. Is their policy right? Of course not - the impressive level of vandalism that happens anyway proves that (although CluebotNG has an equally impressive catch rate, it has to be said). But unless you're the one paying for and running the infrastructure of that free-as-in-beer service, what right do you have to say “let them all go to hell”? Do you say the same about people who run relays whose exit policies don't allow your traffic? Do you curse at your neighbour whose unencrypted wireless network doesn't allow connections to your favourite porn site?

Seriously, get some perspective. Nobody's going to listen if you're rude to/about them. They're more likely to just dig in their heels and erect another barrier. People do what they feel they must to protect what they (are being paid to) care about.

Being open about where the exits are is one way of saying “look, we're all friends”. Conversely, making a serious effort to circumvent their blocks by using unpublished exit addresses will simply create another game of Cat & Mouse, just like the one being played with bridge relays. Sites like Wikipedia, who have made at least some token efforts to come to a solution which works for Tor, will stop trying at all because it will no longer be possible to distinguish Tor exit traffic from other non-authenticated connections.

As you can see I've made the effort to write in real sentences, use capital letters and avoid “zomg”. I won't do so a second time, because if I haven't convinced you by now I'm not going to. By all means continue daydreaming, just remember that's what it is. If you want your utopia to eventually exist, you have to start with reality. You can't just will it into existence.

Julian

--
3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me
Re: [tor-relays] Deploy relays using hidden exit IP's?
I have a real world example of this. My forum was being abused by several users all originating from the Tor network, so the first thing I did (and any sane admin would do) was block Tor access (with a note) for a few hours while I figured out what to do. I ended up unblocking the network and showing Tor users a low-fi version of the forum, and not letting them sign in without captcha (a simple qualitative question) - reducing load and spam.

But something must be done temporarily. I agree that Tor users shouldn't be blocked permanently, but quiet is needed in order to implement a solution, and to get that quiet you need to block at network level; then you can begin a more permanent mitigation plan.
Re: [tor-relays] Deploy relays using hidden exit IP's?
I have the opposite problem in a way. I use geocaching.org frequently. But because they have had a problem in the past with Tor users they block Tor nodes. As I run a Relay, not Exit, this means that I have to ask for an exception every time my IP changes. Happily that doesn't happen very often but it is surely a pain when it does.

Is there a way for someone to distinguish real and exit IPs? If so I'll try to educate them.

Bill W

On Tue, Nov 27, 2012 at 1:15 PM, Daniel Case danielcas...@gmail.com wrote:
> I have a real world example of this. My forum was being abused by several users all originating from the Tor network, so the first thing I did (and any sane admin would do) was block Tor access (with a note) for a few hours while I figured out what to do. I ended up unblocking the network and showing Tor users a low-fi version of the forum, and not letting them sign in without captcha (a simple qualitative question) - reducing load and spam.
>
> But something must be done temporarily. I agree that Tor users shouldn't be blocked permanently, but quiet is needed in order to implement a solution, and to get that quiet you need to block at network level; then you can begin a more permanent mitigation plan.
Re: [tor-relays] Deploy relays using hidden exit IP's?
On Tue, 27 Nov 2012 18:42:56 -0500 Bill Waggoner ctgreybe...@gmail.com wrote:
> I have the opposite problem in a way. I use geocaching.org frequently. But because they have had a problem in the past with Tor users they block Tor nodes. As I run a Relay, not Exit, this means that I have to ask for an exception every time my IP changes. Happily that doesn't happen very often but it is surely a pain when it does.
>
> Is there a way for someone to distinguish real and exit IPs? If so I'll try to educate them.

Yes. As per Moritz's contribution to this thread:

> People are always thankful when I can point them to the bulk exit list and torDNSel. I point out that Tor has a lot of users and not all of them are bad, and urge for a temporary block. Most admins seem to follow that advice.
>
> https://check.torproject.org/cgi-bin/TorBulkExitList.py
> https://www.torproject.org/projects/tordnsel.html.en

If they want to implement blocking of Tor exit relays, these tools can help them to do that.

Julian

--
3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me
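Added example (not part of any post in this thread): a sketch of how a site admin could use a downloaded bulk exit list to apply a time-limited block to exit addresses only, so that a non-exit relay operator's address is never caught. The list format (`#` comment lines, one address per line), the sample addresses, the function names and the post-block captcha policy are assumptions made for illustration.

```python
import ipaddress
from datetime import datetime, timedelta, timezone

# Constructed sample in the assumed bulk-exit-list shape: '#' comment lines,
# then one exit address per line. Addresses come from documentation ranges.
SAMPLE_EXIT_LIST = """\
# constructed sample, not real Tor exit data
192.0.2.10
198.51.100.7

203.0.113.99
not-an-ip
"""

def parse_exit_list(text):
    """Return the set of valid addresses, skipping comments and junk lines."""
    exits = set()
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            exits.add(ipaddress.ip_address(line))
        except ValueError:
            continue  # ignore a malformed entry rather than fail the whole load
    return exits

def classify(client_ip, exits, block_started, block_hours, now):
    """Decide how to treat a client while a temporary exit block is in force.

    Only addresses on the exit list are affected, so the address of a
    relay that does not exit is treated like any other visitor.
    """
    ip = ipaddress.ip_address(client_ip)
    if ip not in exits:
        return "allow"
    if now < block_started + timedelta(hours=block_hours):
        return "block-temporarily"
    return "allow-with-captcha"  # assumed follow-up policy once the block lapses

if __name__ == "__main__":
    exits = parse_exit_list(SAMPLE_EXIT_LIST)
    start = datetime(2012, 11, 27, 12, 0, tzinfo=timezone.utc)
    for ip, hours in [("192.0.2.10", 1), ("192.0.2.10", 5), ("192.0.2.11", 1)]:
        print(ip, classify(ip, exits, start, 3, start + timedelta(hours=hours)))
```
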
Re: [tor-relays] Deploy relays using hidden exit IP's?
On Sat, 24 Nov 2012 07:44:48 -0800 Aaron aag...@extc.org wrote:
> On Sat, Nov 24, 2012 at 4:24 AM, Moritz Bartl mor...@torservers.net wrote:
>> I don't think it's a good idea. People are always thankful when I can point them to the bulk exit list and torDNSel. I point out that Tor has a lot of users and not all of them are bad, and urge for a temporary block. Most admins seem to follow that advice.
>
> But in the light of an IP address is not identity -- is it reasonable to block every user of an IP because one person (or bot) is up to no good? Why do people insist on stopping problem behavior at the network layer?

What else do you propose? You have a service which is costing money to run, some idiot is abusing it to the detriment of your genuine users, and the only correlation you can see between connections is that they originate from Tor exit nodes (remember, the point of Tor is that you *can't* establish identity). Sure, you may be able to develop an application level defence against the attack, but that takes time and resources which may not be immediately available.

Meanwhile, of course you block the originating network! It's just the same as if you're being flooded by abusive requests all from the same /24: you might not want to permanently block the whole subnet, but you certainly want to mitigate the immediate threat. Sysadmin 101: If you don't do something *now*, you'll regret it tomorrow.

Julian

--
3072D/F3A66B3A Julian Yon (2012 General Use) pgp.2...@jry.me
Re: [tor-relays] Deploy relays using hidden exit IP's?
> Shouldn't some exit relays (funded or not) be deployed to use an exit IP that is different from its advertised exit IP in order to prevent a simplistic form of blocking based on scraping the descriptor set? I think this can happen if the default route is out another interface or secondary address. Something of that nature.

Actually I think this is a great idea and allows Tor to be used when it wasn't possible or painful before. How do the Torproject and the major Tor network operators think about it?
Re: [tor-relays] Deploy relays using hidden exit IP's?
On 24.11.2012 12:46, tagnaq wrote:
> Shouldn't some exit relays (funded or not) be deployed to use an exit IP that is different from its advertised exit IP in order to prevent a simplistic form of blocking based on scraping the descriptor set?

I don't think it's a good idea. People are always thankful when I can point them to the bulk exit list and torDNSel. I point out that Tor has a lot of users and not all of them are bad, and urge for a temporary block. Most admins seem to follow that advice.

https://check.torproject.org/cgi-bin/TorBulkExitList.py
https://www.torproject.org/projects/tordnsel.html.en

--
Moritz Bartl
https://www.torservers.net/
Re: [tor-relays] Deploy relays using hidden exit IP's?
On Sat, Nov 24, 2012 at 4:24 AM, Moritz Bartl mor...@torservers.net wrote:
> On 24.11.2012 12:46, tagnaq wrote:
>> Shouldn't some exit relays (funded or not) be deployed to use an exit IP that is different from its advertised exit IP in order to prevent a simplistic form of blocking based on scraping the descriptor set?
>
> I don't think it's a good idea. People are always thankful when I can point them to the bulk exit list and torDNSel. I point out that Tor has a lot of users and not all of them are bad, and urge for a temporary block. Most admins seem to follow that advice.

But in the light of an IP address is not identity -- is it reasonable to block every user of an IP because one person (or bot) is up to no good? Why do people insist on stopping problem behavior at the network layer?

--Aaron

> https://check.torproject.org/cgi-bin/TorBulkExitList.py
> https://www.torproject.org/projects/tordnsel.html.en
>
> --
> Moritz Bartl
> https://www.torservers.net/
[tor-relays] Deploy relays using hidden exit IP's?
Shouldn't some exit relays (funded or not) be deployed to use an exit IP that is different from its advertised exit IP in order to prevent a simplistic form of blocking based on scraping the descriptor set? I think this can happen if the default route is out another interface or secondary address. Something of that nature.
Re: [tor-relays] Deploy relays using hidden exit IP's?
On Tue, 30 Oct 2012 05:20:03 -0400 grarpamp grarp...@gmail.com wrote:
> Shouldn't some exit relays (funded or not) be deployed to use an exit IP that is different from its advertised exit IP in order to prevent a simplistic form of blocking based on scraping the descriptor set? I think this can happen if the default route is out another interface or secondary address. Something of that nature.

It is part of the system design to make the exit list public: https://www.torproject.org/docs/faq#HideExits