Re: [tor-relays] Fwd: Your TOR relay

On 08/07/2017 10:53 PM, Dennis Emory Hannon wrote: > No attitude or hurt feelings. What’s different from my servers compared > to others? Probably nothing at all….this is just a hobby of mine. One > would think if I wanted to collect information I would just run an exit > node myself since I have

Re: [tor-relays] Linux kernel vulnerability

On 10/22/2016 08:02 PM, Tristan wrote: > Would it be acceptable to configure unattended-upgrades to automatically > reboot the system when required? I already have it configured to check > for and install all updates to Ubuntu and Tor once a day, but I still > need to manually reboot to apply

Re: [tor-relays] Linux kernel vulnerability

On 10/21/2016 06:23 PM, Tristan wrote: > And? > > Honestly, the way people create names and websites for these things, > you'd think it's a fund-raiser for something, not a critical security bug. Tristan, they know this. They are even good-natured enough to make fun of it themselves. From

Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?

On 10/17/2016 12:34 PM, Hoshpak wrote: >> # chattr +i /etc/resolv.conf >> >> Exact it works fine :) > > Please only do this if your are sure your server is not running in a > Virtuozzo/OpenVZ container environment. On Virtuozzo, the startup > procedure includes scripts that rewrite resolv.conf

Re: [tor-relays] Why do 40% of Tor exits uses 8.8.8.8 for DNS resolving ?

On 10/16/2016 04:54 PM, Petrusko wrote: > Thx for this share. > > But I'm not sure how Unbound is "speaking" with the roots DNS servers... > Somewhere I've read that DNS queries can be forwarded by a "man in the > middle", and the server operator can't be sure about this :s > An ISP is able to do

Re: [tor-relays] Tiny computers (RPi-like) for exit nodes?

cal roles, so they may have a possibility of standing up to the job. If not, a low-end old laptop will have AES acceleration. Something to consider. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] VPS for Exits

You can add Pulse Servers to the list. I think they are happy as long as you don't use an excessive amount of bandwidth per month. A rough estimate of the maximum is 10 TB per month per tier, but less is better. -- Jesse V signature.asc Description: OpenPGP digital signature

Re: [tor-relays] unbound bogs down strangely, degrading exit relay

On 03/18/2016 02:02 PM, Dhalgren Tor wrote: > This issue is a PIA and if it continues I'll give up on 'unbound' and > follow the previous operator, switching to bind9 despite the lesser > performance. Could you try switching to a different upstream DNS provider? -- Jesse V sign

Re: [tor-relays] please send me the hosters you use

nth plan meet your criteria. They give you a Xeon-class CPU and a 1 Gbits link, but there's a clause about reasonable use, so typically it's best to keep it under 100 Mbits unless you buy a higher tier. Servers are in CA and UK. I don't remember what container they use though. -- Jesse V signatu

Re: [tor-relays] Any known Tor relay seizures (in Germany)?

ate a significant amount of spam and attacks by using a reduced exit policy, especially if you get rid of the standard ports for SSH and Telnet traffic. A custom landing page doesn't hurt either; mine looks like this: http://198.50.200.131/ -- Jesse V signature.asc Description: O

Re: [tor-relays] Netflix overblocking non-exit Tor relays

bly need to try to talk to someone above the average tech support responder, since they are trained to how to diagnose and repair common issues, and "Netflix is blocking non-exit Tor relays" certainly isn't high on that list. -- Jesse V signature.asc Description:

Re: [tor-relays] tor middle node question

know. I guess I heard incorrectly. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] What does this message mean in my tor logs?

th packet forwarding on a personal machine and had duplicated packets (which manifested itself as log warnings, double ping replies, and slow performance) until I fixed my iptables rules. -- Jesse V signature.asc Description: OpenPGP digital signature ___ t

Re: [tor-relays] tor middle node question

obe.torproject.org. The choice of Atlas or Globe is a personal preference. I prefer Globe, but both are far better than torstatus.blutmagie.de -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.to

Re: [tor-relays] Tor Bridges

On 01/22/2016 05:59 PM, Roots Babilonia wrote: > Please send me bridges > This is not the place to ask for bridges. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org

Re: [tor-relays] Suggestion to make Tor usage more disguised

ne they wrote themselves. It just makes the whole network more friendly for the rest of the Internet. It's "Tor", not "TOR". -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailin

Re: [tor-relays] How to update tor on my raspberry

On 01/10/2016 09:00 AM, Peter Garner wrote: > I just download the source code and do a build. It takes a while but at least > you can grab a coffee! It's generally a better idea to use software repositories, primarily because it's easier to stay up-to-date. -- Jesse V signatu

Re: [tor-relays] Debugging my small relay

system standards, near as I can tell. See https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.o

Re: [tor-relays] Debugging my small relay

lay/C1B80BA2D97C33851DE08FD061F531A129705988 It will be a few days before it sees more traffic, since it's a very new relay at this point. With a speed like that, you might consider switching to an obfs4 bridge rather than a relay. You'll probably contribute more to the network that way. -- Jess

Re: [tor-relays] tor hidden services & SSL EV certificate

ct.org/blog/facebook-hidden-services-and-https-certs -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Delete

On 12/30/2015 08:24 AM, OM Healing wrote: > Me too fuck, I can't get off this thing either. > Please!!! Use https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays You can always unsubscribe yourself, same as most other mailing lists. -- Jesse V signature.asc Description: O

Re: [tor-relays] tor hidden services & SSL EV certificate

ed an HTTPS cert but I think that's mostly for a publicity stunt than anything else. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] tor hidden services & SSL EV certificate

hat case you don't need an SSL cert. This can sometimes be superior to trusting the centralized CA model, but I agree that the points you've listed are useful applications as well. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

you pointed out. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

EC. Although DNSSEC doesn't provide confidentiality for DNS queries, it does provide authentication and integrity checks. Unbound with a large cache and DNSSEC re-enabled is probably superior to Unbound+DNSCrypt without DNSSEC. The point still stands though; you can secure and optimize an exit's DNS

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

red this? Certainly. My configuration files are here: https://gist.github.com/Jesse-V/66fe794bf1b9e4ccf852 Unbound does most of the hard work already and by default queries authoritative DNS servers. My configuration is based on the manpage, Fedora's default Unbound configuration, and the optimization

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

On 12/20/2015 04:11 PM, Jesse V wrote: > On 12/20/2015 03:47 PM, Green Dream wrote: >>> Weasel and velope on #tor-project suggested that I remove DNSCrypt >>> entirely and let Unbound be a recursive resolver against the root DNS >>> servers, which I have now don

[tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

scrypt-proxy#installation may be helpful here. 3) I modified Unbound's configuration per the instructions in https://www.dnscrypt.org/#dnscrypt-proxy. For the sake of convenience, you can find my configuration here: https://gist.github.com/Jesse-V/675b7ec87eca864887e6 I then reloaded Unbound to apply

Re: [tor-relays] Running an exit? Please secure your DNS with DNSCrypt+Unbound

earnet somewhere. It's probably not a good idea to build infinite loops through the Tor network. -- Jesse V signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cg

Re: [tor-relays] Opt-In Trial: Fallback Directory Mirrors

Able! Op do 17 dec. 2015 20:19 schreef Aeris : > > we will only add your relay if you opt in. > > You obviously have my opt-in for my kitten1 > (86E78DD3720C78DA8673182EF96C54B162CD660C) relay ! > > <3, > -- > Aeris > Individual crypto-terrorist group self-radicalized on

[tor-relays] Any experience with Pulse Servers?

and the UK and have really low prices on VPSs, which I'm trying to understand. I've been trying to learn more but I think they have a pretty small setup (apparently the owner does tech support) and documentation is limited. Does anyone have any experience or opinions on them? -- Jesse V signature.asc