> On 5 Sep 2018, at 02:36, Damian Johnson wrote:
>
> Nyx's 'should this be scrubbed' check is pretty simple [1].
> Inbound addresses are scrubbed if...
>
> 1. You're configured to accept user traffic (ie. you set BridgeRelay
> in your torrc or have receive the Guard flag). [2]
There are so
El 04/09/18 a las 17:51, nusenu escribió:
…
> > Certificate verification failed for /C=US/O=Let's Encrypt/CN=Let's Encrypt
> > Authority X3
> > 34405378632:error:14090086:SSL
> > routines:ssl3_get_server_certificate:certificate verify
> > failed:/usr/src/crypto/openssl/ssl/s3_clnt.c:1269:
> >
> On 5 Sep 2018, at 12:30 pm, Isaac Grover, Aileron I.T.
> wrote:
>
> Good evening,
>
> Following up with a tongue-in-cheek suggestion to set up exit nodes in
> Australia, for those who are interested, there are already seven exit nodes
> in Australia per
Good evening,
Following up with a tongue-in-cheek suggestion to set up exit nodes in
Australia, for those who are interested, there are already seven exit nodes in
Australia per https://hackertarget.com/tor-exit-node-visualization/ .
I have also contacted RIMU Hosting, which has servers in
On 09/04/2018 03:19 AM, Paul Templeton wrote:
>
> On a satire note -
>
> https://www.youtube.com/watch?v=eW-OMR-iWOE
>
> But seriously -
> https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
> And -
>
> Using an obscure port only prevents attempts being logged, nothing else.
And if you’re going to use an alternate port, pick one under 1024. Make it
so an attacker needs to be root before they replace your sshd process.
If you take that approach, make sure you are using a hardware firewall
On Tue, Sep 04, 2018 at 10:19:45AM +, Paul Templeton wrote:
> The thing that worries me is that this bill will probably go through and it
> can hoover up relay operators. That is they can force you to add/develop
> tools to eavesdrop on you.
>
> Is there any real defense against this bill?
OVH response so far.
"
Thank you for contacting OVH regarding your concern about BGP hijacking.
We first would like to apologize for the delayed response! We are experiencing
an unusual amount of requests at this moment. This is why the response time is
longer than usual.
That being said, I
For DoS traffic, it'd be nice to have some agreed upon rate limit rules of
obvious syn flood and similar traffic which both stop the attacks, or slow
them down so they don't affect anything and cause complaints, while still
allowing legitimate traffic to flow as normal. Scaleway knows about Tor,
I made the same experience as you several times in the last few weeks with
Scaleway.
Usually you have 48 hours to respond - that's at least what they tell you
somewhere on their pages.
My impression is that you can place anything you want in your answer -
important is your answer within time.
I run a "browser-only" exit relay at Scaleway, by "browser-only" I mean
only ports 53 (DNS), 80 (HTTP), 443 (HTTPS) and so far it's gone well.
Their support recommends if you run "an open proxy" to check your abuse
inbox daily (See: https://cloud.scaleway.com/#/abuses) as they will suspend
after
Had the same experience with Scaleway a year ago.
> Am 04.09.2018 um 22:27 schrieb Olaf Grimm :
>
> Dear readers,
>
> some days ago I change my relay to an exit relay with a very strict
> policy. Today came the suspension message into my regular mail account.
> After login into the Scaleway
Dear readers,
some days ago I change my relay to an exit relay with a very strict
policy. Today came the suspension message into my regular mail account.
After login into the Scaleway account I saw that the time between the
abuse log message and the deactivation of my exit relay were 6 hours
Thanks for this added info--it helps.
On 9/4/2018 9:36 AM, Damian Johnson wrote:
Hi arisbe. This isn't as concerning as you seem to think. As Nathaniel
mentions it's simple to get this information, Nyx is simply attempting
to scrub it cuz... well, it's ethically and legally the right thing to
Hello Marcus,
On an ongoing basis, most of my relays get up to 4000 attempts each
day. It's standard practice I guess! Many, many are from just a few IP
addresses. The rest are just a few per IP address. Occasionally, I will
go beyond the fail2ban "ban" and block an IP address in iptables
For me, 8.
On 9/3/2018 8:42 PM, I wrote:
How many relays do you do that to?
___
tor-relays mailing list
On Tue, 4 Sep 2018 18:44:55 +0100
wrote:
> Waste of time move SSH port? My fail2ban has hardly anything to do since
> moving port some time back
Yes, it is. And you might as well remove fail2ban altogether if you simply have
key-based auth and disable passwords.
--
With respect,
Roman
Waste of time move SSH port? My fail2ban has hardly anything to do since
moving port some time back. Very rarely does it see any attempts on my new odd
number SSH port, but on port 22 the attacks were continuous. I agree in terms
of security for a determined hacker moving port does nothing.
FWIW I found sshguard easier to deal with on FreeBSD than fail2ban.
Turn off password logins and take good care of your ssh keys. Moving sshd to a
different port is a waste of time but harmless if you’re the only administrator.
—mkb
> On Sep 4, 2018, at 5:35 AM, Marcus Wahle wrote:
>
>
El 04/09/18 a las 17:12, nusenu escribió:
>
>
> Paul:
> >
> > For me running several FreeBSD relays this is a great hint!
> >
> > Maybe it will find its way to
> > https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/FreeBSD
> >
>
> http replaced with https
>
My relay VMs are provisioned with Terraform. Once the VMs are up, Terraform
copies over a shell script which installs and configures everything. Relay
keys, configs, etc live on a separate volume so that relays keep the same
identities even when I rebuild the VMs from scratch. I can destroy all
Paul:
>
> For me running several FreeBSD relays this is a great hint!
>
> Maybe it will find its way to
> https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/FreeBSD
>
http replaced with https
Hi arisbe. This isn't as concerning as you seem to think. As Nathaniel
mentions it's simple to get this information, Nyx is simply attempting
to scrub it cuz... well, it's ethically and legally the right thing to
do. Nyx's 'should this be scrubbed' check is pretty simple [1].
Inbound addresses are
For me running several FreeBSD relays this is a great hint!
Maybe it will find its way to
https://trac.torproject.org/projects/tor/wiki/TorRelayGuide/FreeBSD
> Not a problem with FreeBSD.
>
> Switch over to https and latest...
>
> /etc/pkg/FreeBSD.conf:
>
> url:
Hello,
i'm using ansible to do that.
ps:
https://bitbucket.org/urykhy/ansible-roles/src/master/tor/
(yes, there is lot of hardcode, it's really example, not solution)
04.09.2018 05:11, Isaac Grover, Aileron I.T. пишет:
Hello,
i'm using ansible to do that.
ps:
https://bitbucket.org/urykhy/ansible-roles/src/master/tor/
(yes, there is lot of hardcode, it's really example, not solution)
04.09.2018 05:11, Isaac Grover, Aileron I.T. пишет:
Hi,
I am unfamiliar with the nuances of Australian law however I do wonder the
following:
On Tue, 4 Sep 2018 at 14:01, teor wrote:
>
> The law specifically allows payments by the government.
>
Lets speculate and say there is a relay operator who runs their relay in
their spare time, and the
(mostly a copy paste from [0])
1. Monitor your relay’s BGP prefix for suspicious BGP activity and share alerts
with
this mailing list.
The easiest way to do so is to subscribe to your prefixes using
https://bgpmon.net/.
You should practically get zero alerts.
2. Check the following properties
> On Sep 4, 2018, at 9:06 AM, Ralph Seichter wrote:
>
> On 04.09.2018 14:44, Sean Brown wrote:
>
>> Using an obscure port only prevents attempts being logged, nothing
>> else.
>
> I cannot agree with that. What an sshd logs is not determined by the
> port number it is listening on, and the
On 04.09.2018 14:44, Sean Brown wrote:
> Using an obscure port only prevents attempts being logged, nothing
> else.
I cannot agree with that. What an sshd logs is not determined by the
port number it is listening on, and the quantity of failed login
attempts across my servers is measurably lower
> On 4 Sep 2018, at 21:57, Gary wrote:
>
>> On Tue, 4 Sep 2018, 11:20 Paul Templeton, wrote:
>> But seriously -
>> https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
>> And -
>>
On 09/04/2018 03:41 PM, Marcus wrote:
> Thanks Paul,
> I use fai2ban, but this amount of failed logins is new to me.
> Marcus
The failed logins are business as usual. If the machine is on the net,
then bots will find it no matter where it is or which port it listens
on. But they usually move on
On Sep 4, 2018, at 8:40 AM, Natus wrote:
>
>> Use some tool like fail2ban and/or ssh key authentication.
>
> Also change the default port of your ssh endpoint (eg: )
>
>
Using an obscure port only prevents attempts being logged, nothing else. And if
you’re going to use an alternate
Marcus Wahle:
> Since 14:00 my logs (middle node) are spamed with around 100 faild
> ssh login attemps from different ips. Is there anybody else
> affected?
I'd say that is business as usual and not much to worry about if you use strong
authentication
--
https://twitter.com/nusenu_
Thanks Paul,
I use fai2ban, but this amount of failed logins is new to me.
Marcus
--
Mein öffentliches Zertifikat finden Sie unter:
https://web.tresorit.com/l#tDLNPX-QlTRTcpMEqRRSng
Am 04.09.2018 um 14:38 schrieb Paul Templeton :
>> Since 14:00 my logs (middle node) are spamed with around 100
ssh key authentication.
and an obscure port
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> Use some tool like fail2ban and/or ssh key authentication.
Also change the default port of your ssh endpoint (eg: )
--
regards, natus
___
tor-relays mailing list
tor-relays@lists.torproject.org
> Since 14:00 my logs (middle node) are spamed with around 100 faild
> ssh login attemps from different ips.
> Is there anybody else affected?
Yes - it's constant 3-5 attempts per second - that's normal.
Use some tool like fail2ban and/or ssh key authentication.
Paul
Dear all,
Since 14:00 my logs (middle node) are spamed with around 100 faild ssh login
attemps from different ips.
Is there anybody else affected?
Best regards
Marcus
___
tor-relays mailing list
tor-relays@lists.torproject.org
I live in the United States so they’d need to pass an act here for it to be
enforced, which would be constitutionally challenged with every last legal
measure available. Have you seen the legal shitstorm with social networks
censoring conservatives, can you imagine them hearing the government is
Hello,
On Tue, 4 Sep 2018, 11:20 Paul Templeton, wrote:
> But seriously -
>
> https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
> And -
>
> https://www.homeaffairs.gov.au/about/national-security/five-country-ministerial-2018
>
> The thing that worries me is that
> Before getting into a death-spiral of geek solutions to political problems:
> what makes you believe that
> relay operators would get classed (under a legal definition) as
> "communications providers"?
A communications provider is "the provision by the person of an electronic
service that
On Tue, 4 Sep 2018 at 11:20, Paul Templeton wrote:
>
> The thing that worries me is that this bill will probably go through and
> it can hoover up relay operators. That is they can force you to add/develop
> tools to eavesdrop on you.
>
Before getting into a death-spiral of geek solutions to
On a satire note -
https://www.youtube.com/watch?v=eW-OMR-iWOE
But seriously -
https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
And -
https://www.homeaffairs.gov.au/about/national-security/five-country-ministerial-2018
The thing that worries me is that this
> what maintenance actions do you take? I merely keep the operating system
> up to date, which includes the tor package.
> So i do not ssh regularly into my machines. Sometimes maybe once a week.
> What are you guys doing every day?
If they're cheap VPSs, as mine are, the nongs who run them keep
Hi,
relayor v18.1.0 is released.
relayor helps you with running relays with minimal effort (automate everything).
https://github.com/nusenu/ansible-relayor
Changes since v18.0.0:
--
- enable NoExec by default on all platforms except CentOS
- increase min.
46 matches
Mail list logo
