IONOS is good - just keep the data throughput around 25%, and they should leave
you alone.
Paul
137CF322859E400455E457DB920F65FFDD222CDF
- Original Message -
From: "MRob via tor-relays"
To: tor-relays@lists.torproject.org
Cc: "MRob"
Sent: Wednesday, February 21, 2024 10:18:28 AM
the relay with fingerprint B8D95BB1AAFB6F234EC50A100F46E4CC8E8E90FB
(coffswifi5)is not me...
coffswifi4 is mine so don't ask me to add as a family...
Paul
137CF322859E400455E457DB920F65FFDD222CDF
___
tor-relays mailing list
Hi Irr4Z,
I note you sent an email directly to me via the contact details from the exit
node.
attached...
Hola Paul,
Te escribo porque he visto que eres el único nodo activo de salida en
tor, en españa.
Estoy interesado en contribuir con un exit node en españa, y quería
conocer tu experiencia,
Just an FYI on a problem I found with two DNS of 1and1 ionos.
The affected DNS are 212.227.123.16 and 212.227.123.17 which both are not
responding to *.torproject.org domain or sub domains.
I found this out as my system reverted back to the default DNS after a system
crash. I'm now using bind
> It can be hard to set up IPv6 for a relay, we're working on a grant to make
> it easier.
It could be helpful to do a request/survey to relay operators to find out their
experiences.
That is those who have ipv6 configured what was the process and if there were
any problems in the process.
For
> the tor project mob just asked me to give money to support their effort to
> protect free communication and privacy.
> i thought my contribution to the 'community' goal paying for space of
> numerous virtual computers in numerous places was sufficient.
> how many relays do each of them run
> Aren't Russia, China, North Korea and Malaysia somewhere near?
Australia is now in EuroVision so its somewhere near...
P
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
OVH Final responce.
I've been informed that RPKI ROA is indeed a very nice security mechanism for
BGP and prevent BGP hijacking and we totally agree that the popularity grew
since the recent months. We definitely will consider this solution as BGP
hijacking protection.
For now, we do not have
OVH response so far.
"
Thank you for contacting OVH regarding your concern about BGP hijacking.
We first would like to apologize for the delayed response! We are experiencing
an unusual amount of requests at this moment. This is why the response time is
longer than usual.
That being said, I
> Since 14:00 my logs (middle node) are spamed with around 100 faild
> ssh login attemps from different ips.
> Is there anybody else affected?
Yes - it's constant 3-5 attempts per second - that's normal.
Use some tool like fail2ban and/or ssh key authentication.
Paul
> Before getting into a death-spiral of geek solutions to political problems:
> what makes you believe that
> relay operators would get classed (under a legal definition) as
> "communications providers"?
A communications provider is "the provision by the person of an electronic
service that
On a satire note -
https://www.youtube.com/watch?v=eW-OMR-iWOE
But seriously -
https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
And -
https://www.homeaffairs.gov.au/about/national-security/five-country-ministerial-2018
The thing that worries me is that this
Question: are exit operators seeing many abuse complaints now days? I have only
had one in the last two months from 5 exits. I used to see a lot now nothing
really.
I just find it weird.
Paul
137CF322859E400455E457DB920F65FFDD222CDF
___
tor-relays
> About finding sponsors for high speed exits, it could be nice
> to gather ideas.
Can I ask what is a high speed/capacity exit? For me it would be >10MiB/s am I
correct?
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
> If you are an OVH SAS or Digital Ocean customer (directly or indirectly just
> on the same AS)
> it would be great if you could ask your customer support when they are planing
> to deploy RPKI ROAs (like other big hosters already did).
Do you have a template email that can be sent? I will
> Is there any help for setting up new high capacity exit relays ?
> Livak
If you have questions there are many who will answer them in this list.
There are s many factors that come into play.
How much are you willing to spend
How to communicate to the ISP
What hardware you are going
This is sad, but is becoming more common.
I just spent three days getting a relay back up after it was locked because of
abuse complaint. In the end I had to ring them and explain - they seemed to
have come on board.
If you have a backup you could find a new hosting service - won't do much for
In the Bill at
https://www.homeaffairs.gov.au/about/consultations/assistance-and-access-bill-2018
137CF322859E400455E457DB920F65FFDD222CDF
___
tor-relays mailing list
tor-relays@lists.torproject.org
137CF322859E400455E457DB920F65FFDD222CDF
> I'm suddenly without my tor-relays emails and I'm beginning to
> withdrawal test 1...2...3?
I feel Sad for you...
P
___
tor-relays mailing list
tor-relays@lists.torproject.org
> Exits don't get dropped from the consensus for DNS failures.
> The directory authorities only check ORPort connectivity.
Then I have two separate problems...
___
tor-relays mailing list
tor-relays@lists.torproject.org
137CF322859E400455E457DB920F65FFDD222CDF
- Original Message -
From: "Paul Templeton"
To: tor-relays@lists.torproject.org
Sent: Monday, July 9, 2018 8:55:39 AM
Subject: [tor-relays] DNS Time Outs
Hi all,
how often does the site https://arthuredelstein.net/exits/ update. 'coffswifi4'
was reporting 60% time
Hi all,
how often does the site https://arthuredelstein.net/exits/ update. 'coffswifi4'
was reporting 60% timeouts but I have setup a stand alone DNS for it and would
like to know if its resolved the problem.
I think this is why it kept on being dropped from the consensus...
For nusenu - Yes
> Would anyone have had any luck running a relay via mobile broadband in
> Australia?
> The DirPort 9030 and the ORPort 9001 are blocked.
> Is it impossible to work around the port blocking?
What provider - I used to run one on iiNet broadband.
P
> They seized most of our electronical storage equipment (disks,
laptops, PCs, GnuPG Smartcards/Yubikeys), but it is safe to assume that
they will not be able to break the encryption (or the smartcards). They
also took our mobile phones, but even if they were to break into them,
no login data or
>nusenu:
>> feature request for prefixes is on my
>> todo list
>https://trac.torproject.org/projects/tor/ticket/26646
This would be good. The scenario for me is I have two exists that fall out of
the census because of ISP firewall rules (Haven't figured it out yet).
The nodes stay up and
Can you only bind one address or is there a way to use multiple?
P
609662E824251C283164243846C035C803940378
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
I feel sorry for these guys.
I hope they had backups off shore as they probably won't see their stuff
returned for some time or at all as investigations can take years.
If they need funds for legal support I'll chip in if they require it.
Paul
609662E824251C283164243846C035C803940378
> I regret to inform you all that I will be shutting down my Tor Exit node -
> Winter [ 0] after more than five years.
Makes me sad :-(
Keep a backup - you may find hope else where... You never know.
P
609662E824251C283164243846C035C803940378
> You can rent a relay anywhere in the world. (I rent a few machines in
> other countries, because internet in my country is slow.)
pfft - Does they live in AU - LOL - If they do then its expensive as well...
But teor is right plenty of systems out there in the world - some really cheap.
P
> How long is the timeout for 'Alleged Family Members' to disappear on
> 'metrics.torproject.org'? Can I force it?
Shouldn't take long, but did you leave the relay finger print in the MyFamily
section in the torrc file?
P
609662E824251C283164243846C035C803940378
>>I have two systems one a VPS the other bare metal and both will drop out of
>>the consensuses about once a day(2 to 3 hours) but are running the whole
>>time.
>Hmm, that's weird.
>Does your provider have a reliable connection?
Both systems are hosted in Spain - Some of the Auths lose
> I get sad when I pay a USA 'business' for 15 VPS exits and they fly away.
I'm sad that you get sad...
> BOINCing is good in a winter in Coffs. It was pretty crisp this morning until
> the cpu gets going.
Reminds me of the Bitcoin mining days, used to heat the flaming shed 30+.
I get sad when I lose control over one of the bare metal systems I run and help
desk is slow to respond over the weekend. Then you have to throw in the time
differences, then the language - its a wonder anything runs...
Just wanted to know if there is anyone I can hook up with to talk about
I note that you do not receive any spam until you post to the list. So is it a
bot subscribed to the list or is it reading the piper mail?
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
Who ever looks after the @metricsbot@botsin.space its stopped working...
Paul
609662E824251C283164243846C035C803940378
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>>> https://github.com/nusenu/ContactInfo-Information-Sharing-Specification
paul:
>> or will there be a key available to specify? I.e. 25%BW and/or
>> 50%CPU.
>> I'm just saying as I have three bare metal systems two that have
>> 1gbit Ethernet no data cap but they only use 15%...
nusenu:
>Due
> https://github.com/nusenu/ContactInfo-Information-Sharing-Specification
Is there an assumption that a 100% of the system is dedicated to Tor or will
there be a key available to specify?
I.e. 25%BW and/or 50%CPU.
I'm just saying as I have three bare metal systems two that have 1gbit Ethernet
> Really annoying that my email server IP has never sent anything, no relay, no
> spam, almost no traffic so what is stated is not true and even their own
> tools reports nothing.
> Is Google looking at MAC addresses to do this? How can we stop it? I really
> do not want to run another
Thanx Alexander
> Just to be safe, you could also check the rest of the dig output and
> /etc/resolv.conf (or relevant resolver configuration on your system) to
> make sure your BIND is being used. The flags look fine, though.
resolv.conf only has 127.0.0.1 and Dig responds from 127.0.0.1 -
Hi All,
Is there anyone who uses Bind9? I'll setup DNSSEC on all Exits but I would like
to validate the config.
I have done this on 41781FDC57238DAB955DF6D6E8400CEC5ACBE706
options {
directory "/var/cache/bind";
dnssec-enable yes;
dnssec-validation yes;
Thanks teor
> I would recommend using a caching resolver, it puts much less load on the
> remote resolvers you are using.
Went down this path - its working.
Paul
609662E824251C283164243846C035C803940378
___
tor-relays mailing list
Thanks nusenu
> I'd say this is broken network and ask them to fix it.
Ticket has been lodge but it takes for ever to get something done - The node
has been off line for two weeks now (After a power issue in the rack). There
has been issue after issue getting the system up again and now this.
> Can you elaborate on your network topology and NAT?
Out bound traffic from 95.130.9.210 goes via 95.130.9.1 then 95.130.8.1 then
out to the real world.
In bound traffic comes via 95.130.8.11 then 9.130.8.120
It's NATted at 95.130.8.11 and all I see is this address connected to the
system(ie
> and has screwed DNS resolution.
;; reply from unexpected source: 95.130.8.11#53, expected 95.130.8.8#53
;; reply from unexpected source: 95.130.8.11#53, expected 95.130.8.9#53
This is the problem I'm having...
609662E824251C283164243846C035C803940378
Hi All,
I have an ISP who has started NATting inbound traffic and has screwed DNS
resolution. Is there a way to bind DNS requests to use a specific IP address
(Have multiple) that is not affected with this NATting problem.
Paul
609662E824251C283164243846C035C803940378
> I was wondering if you have any plans to get IPv6 connectivity?
At three of the ISPs i use have IPv6 available but my skill set is vastly
lacking. I would love to find a mentor to assist with configs.
IPv6 is the future.
Paul
609662E824251C283164243846C035C803940378
> Tor Project infra. is being DDoSed right now. What little that can be
> done, is being done.
Maybe you could update your DNS records to create a round robin with some of
the trusted mirrors to take the load off?
Paul
609662E824251C283164243846C035C803940378
Is it me or is there some issue.
Since I've upgraded to version 0.3.2.9 there has been no update to the
bandwidth graphs.
family:867B95CACD64653FEEC4D2CEFC5C49B4620307A7
Paul
609662E824251C283164243846C035C803940378
___
tor-relays mailing list
Hi all,
Just wondering if anyone else has had this problem over the last week. I have
had attempts (one successful) on my social media accounts. Just found it
strange that it was more than one.
They got into my Facebook page (Haven't used it for years) - Seems that they
got access via really
I can not add technical advice but it reads well.
Paul
609662E824251C283164243846C035C803940378
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Hi all,
just a query - I get these unusual spikes on
https://atlas.torproject.org/#details/867B95CACD64653FEEC4D2CEFC5C49B4620307A7
(have a look at the three month chart) and I notice some of the other AU relays
do the same.
can anyone tell me what they are
Paul
You can throw 867B95CACD64653FEEC4D2CEFC5C49B4620307A7 into the mix - its my
only stable server with little load.
I would have IPv6 but OVH AU has some sort of problem - have had a ticket open
for two weeks now.
Paul
___
tor-relays mailing list
Yup - Me Too...
- Original Message -
From: "Aneesh Dogra"
To: tor-relays@lists.torproject.org
Sent: Tuesday, December 12, 2017 8:47:30 PM
Subject: Re: [tor-relays] Issues with faravahar?
On Tue, Dec 12, 2017 at 3:06 PM, r1610091651 < r1610091...@telenet.be
Have three servers around the globe and never been asked for ID. Even in
Australia where your have to identify your self with ID.
It must be the type of system yo are purchasing as I have found all of mine are
under the banner of corporate.
paul
Happening to middles as well - I get black hold all the time - ISP has auto
rules.
Paul
- Original Message -
From: t...@t-3.net
To: tor-relays@lists.torproject.org
Sent: Saturday, November 25, 2017 10:23:24 AM
Subject: [tor-relays] Pretty sure our exit was being synflooded.
Was anyone
got it...
- Original Message -
From: "Alessandro Lo Mo"
To: tor-relays@lists.torproject.org
Sent: Thursday, November 16, 2017 3:49:42 PM
Subject: [tor-relays] Test
Test
___
tor-relays mailing list
Here Here
- Original Message -
From: "Tor Node Admin @ SechsNullDrei.org"
To: tor-relays@lists.torproject.org
Sent: Monday, October 30, 2017 9:58:49 PM
Subject: [tor-relays] Thank you to directory operators
Good morning,
Relay operators often receive
These nodes are popping up everywhere - is this some sort of malware being
deployed on systems around the globe?
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
> How long is your relay blackholed for?
Usually 12Hrs - I'll look at a second IP to see if it helps a bit.
Having the ability to rotate address would be good... :)
Paul
___
tor-relays mailing list
tor-relays@lists.torproject.org
> What do you mean when you write "Black Holed" ? Are you referring to
large sites online automatically blocking users, or your traffic being
shut down by your provider?
Yes and no - The carrier is doing it - so no traffic can get through to the
providers system (My node- even me). It's
Hi All,
I have a question. I would like to know other peoples experiences for exit
nodes and the methods of mitigating getting black holed.
I have a node that gets black-holed all the time now - it runs at 18Mibt -
41781FDC57238DAB955DF6D6E8400CEC5ACBE706 I have noticed smaller relays/exits on
> Whoever runs that node will need to talk to their ISP support team to
get it unblocked.
Thanks Andy - the reason I asked because its not with the Service Provider it's
there upstream carrier - I have lodged a ticket with the carrier and waiting to
here back. The ISP doesn't know anything. I
Has anyone come across a scenario where a carrier blocks IP traffic?
atlas.cogentco.com is the point which drops any packet to 95.130.9.210
The server is up and running internal monitoring says its OK. The ISP doesn't
provide an interface to the Server so I can not log on to do any other
Thanks Roman,
> I believe in such case you are supposed to reply to your provider
I will
> There was a mini discussion recently on that, with the general consensus
> seeming to be that keeping it open is more trouble than it's worth.
>
It makes me happy but alas it was forwarded to me by the provider and didn't
include an email address... so now I can not reply, SIGH
Question: this has come from port 22 usage - how important is this port to the
general population? Thoughts...
Regards,
Paul
Thanx Teor,
I did speak to a lawyer and there is no requirement to retain any data if you
run a node. It's treated as a VPN.
My question that I sent was more about whether a service (non commercial
service) was exempt.
They don't delineate.
Paul
___
Hi All,
I have asked the Attorney Generals Department about data retention and got the
following response.
If you run a relay/bridge here you seem to be exempt from retaining data. If
your not an ISP and you run a service from home the ISP/carrier will retain the
data though.
This just
> So, in Australia, if you're running a Tor relay, it's actually easier to
> *not* be an ISP.
I'm testing this with AGs department - I have put in a request to see if Tor
falls outside of the scope - That is it's not a commercial service. The law
only states commercial services that you
> Could you please define “Metadata”? Server connections? That would be quite a
> bit with a high traffic tor relay …
https://www.ag.gov.au/dataretention
Should answer your questions.
Paul
___
tor-relays mailing list
> If you're interested in becoming your own ISP (obtaining your own ASN,
> IPv6 and IPv4 scopes), you'll need to apply via APNIC, as I did in the
> US with ARIN. Here is an example:
Would if I could - but here in AU you have to log all metadata for two years if
you are an ISP.
I either listen
OVH has this in AU
5.9
For security reasons, OVH reserves the right to proceed with the immediate
suspension without
notice, of any Server on which there is a public service Proxy, IRC, VPN or TOR
which is available free
of charge or for a fee, and for which OVH has knowledge of its
Thanx Tim,
> * reverse DNS pointing to your domain, and
I would do it anyway
> * registration services like abuse.net.
Will look into it
> ovh.com.au
Pricing ok - may be the better option - 100Mbs unlimited - [i'll give them a
call and see what they have/can do.] - I just rang them they have
alone'”
--David Cameron, 2015
On 24. Aug 2017, at 02:29, Paul Templeton < p...@coffswifi.net > wrote:
Thanx to all here on the list for input to earlier posts. Helped a lot.
Question I have is there anywhere where you can get a block of IP address or
lease as I'm in the process of g
Thanx to all here on the list for input to earlier posts. Helped a lot.
Question I have is there anywhere where you can get a block of IP address or
lease as I'm in the process of getting a 10/10Mb SHDSL service(No flaming data
cap :-)) here in AU but I want an IP range that abuse questions can
74 matches
Mail list logo