2016-08-01 8:15 GMT+02:00 stig atle steffensen :
> I decided today to turn the node into a non-exit node this morning.
> The stress of not knowing if something will happen again is too much for me
> to go around thinking about.
>
> I will rather donate some to torproject or other exit operators.
2
Hi,
2016-09-28 13:31 GMT+02:00 Sadia Afroz :
> Can you please share the abuse complaints you received while running an
> exit?
[...]
> We will appreciate if you can share the abuse complaints you received.
> It will be valuable for us to better understand the abuse of Tor and to find
> solutions
2016-09-29 14:53 GMT+02:00 mick :
> On Wed, 28 Sep 2016 22:05:33 -0700
> Sadia Afroz allegedly wrote:
>
>> We did not publish the report anywhere.
>> I put it up on my site just for the ease of sharing it in the mailing
>> list.
>
> Sadia
>
> With respect, those two statements are mutually contrad
On 15/05/2017 00:08, Mirimir wrote:
> | WanaCrypt0r will then download a TOR client from
> | https://dist.torproject.org/torbrowser/6.5.1/tor-win32-0.2.9.10.zip
> | and extract it into the TaskData folder. This TOR client is used to
> | communicate with the ransomware C2 servers at gx7ekbenv2riucm
On 15/05/2017 09:38, Roger Dingledine wrote:
> On Mon, May 15, 2017 at 09:17:33AM +0200, Cristian Consonni wrote:
>>> | https://dist.torproject.org/torbrowser/6.5.1/tor-win32-0.2.9.10.zip
>>
>> Was the increased number of downloads from the malware visibile from the
>
Hi,
On 16/05/2017 01:52, Roger Dingledine wrote:
> For those of you who are not on tor-announce... now would be a good
> time to remember to subscribe to tor-announce. :)
I run a couple of relays with Debian 7 Wheezy, which is the old stable
version.
AS you can see from the Debian package page[1
Hi,
On 17/05/2017 17:32, Matt Traudt wrote:
> https://www.torproject.org/docs/debian.html.en
On 17/05/2017 18:02, fco...@wardsback.org wrote:
> I'm also running tor on wheezy : Currently running v0.2.9.9.
>
> To ease your life in remaining up to date, you can as well get tor from
> the Tor Proje
Hi,
On 12/05/2017 19:27, tor wrote:
>> 2. or would Verizon notice first the bandwidth or the amount of data going
>> through our connection? Which would be the first limit? Bandwidth or data?
>
> It looks like Verizon has a soft cap for FIOS customers, between 4 to 10 TB
> per month:
>
> http:/
Hi,
On 18/05/2017 01:56, Gunnar Wolf wrote:
> Cristian Consonni dijo [Wed, May 17, 2017 at 05:04:29PM +0200]:
>> AS you can see from the Debian package page[1] the latest available
>> version of Tor packaged for Wheezy is 0.2.4.27-3, which to me looks
>> quite behind either
Hi,
thanks for your response.
On 19/05/2017 02:28, teor wrote:
>> On 18 May 2017, at 21:15, Cristian Consonni wrote:
>>
>> One thing that will change with a fresh install is the IP address of the
>> nodes. So, I was wondering, in general is a good thing to keep the s
On 23/05/2017 15:45, Cristian Consonni wrote:
> so, to be clear, if I was a fallback directory mirror (which I am note)
> I should manintain the same IP. Otherwise it is ok to change IP.
Correction, one of my node is a Fallback Directory, actually.
I am a little bit perplexed because I res
On 24/05/2017 03:25, teor wrote:
>> On 24 May 2017, at 01:05, Cristian Consonni wrote:
>> I am a little bit perplexed because I responded to a call for fallback
>> dirs last December (Dec 2016), but then I got no answer or confirmation
>> that the relay was elected to beco
On 21/05/2017 21:47, grarpamp wrote:
>> On 21/05/2017 14:14, Nagaev Boris wrote:
>> Can they force an operator to decrypt, if he lives in other country
>> which is non-US and non-EU (e.g. Russia or China)? Does it make sense
>> to run nodes in countries you don't live in or visit?
>
> If poor odds
Hi,
On 18/05/2017 10:45, nusenu wrote:>> Currently, my server hosting
kitten1 and kitten2 (tor guard and fallback
>> directory) is under seizure since 14/05 11h.
butplease revoke
>> immediatly kitten1 & kitten2 tor node.
>> Those nodes are also fallback directory.
>
> I don't know any context or
On 27/05/2017 03:10, nusenu wrote:
>> - I'm being very upfront with sales@ regarding my purpose before
>> signing up, and making sure they're okay with it.
>
> That is great.
I think this is a best practice, see also:
https://blog.torproject.org/running-exit-node
>> What questions should I be as
Hi nusenu,
thanks for your reply.
On 27/05/2017 00:08, nusenu wrote:
>> If I look inside the DataDir of one of my relays - a standard Debian
>> install - see this:
>> ```
>> ed25519_master_id_public_key
>> ed25519_master_id_secret_key
>> ed25519_signing_cert
>> ed25519_signing_secret_key
>> secre
On 27/05/2017 00:55, nusenu wrote:
>> I'm just wanting to raise the point, that while lack of contact
>> information may be concerning, in my opinion the contact information is
>> definitely not something you should rely on to assess how untrustworthy
>> a given relay is. A person or group with mal
On 15/05/2017 12:21, aeris wrote:
> Private key are under encrypted volume and may be protected
On 21/05/2017 10:02, Roger Dingledine wrote:
> On Sun, May 21, 2017 at 09:12:39AM +0200, Petrusko wrote:
>> @aeris, do they ask you to uncrypt the volume ? (good luck to you...)
>> What can be the best
Hi,
thanks everybody for your replies.
On 30/05/2017 15:52, dawuud wrote:
> Is there a clear threat model justifying use of disk encryption here?
On 30/05/2017 15:52, dawuud wrote:> The decryption keys sit in system
memory so an adversary with physical
> access will surely win. I just don't see
Hi,
On 10/08/2017 21:15, Tor Node Admin @ SechsNullDrei.org wrote:
> I would welcome the opportunity to tie my name to my exit nodes, if it
> weren't for the 1%-3% of illegal traffic that could land me in jail for the
> uneducated LEAs. And if it weren't for that 1%-3%, I would encourage a
> m
Hi Paul,
On 11/10/2017 13:28, Paul Templeton wrote:
>> I believe in such case you are supposed to reply to your provider
> I will
For my experience, I do the same.
>> There was a mini discussion recently on that, with the general consensus
>> seeming to be that keeping it open is more trouble th
Hi,
due to the new DigitalOcean billing terms for bandwidth (see this other
thread [1]), I have limited my relay bandwidth to be sure I will stay
withing the limits:
```
RelayBandwidthRate 360 KB # Throttle traffic to 100KB/s (800Kbps)
RelayBandwidthBurst 720 KB # But allow bursts up to 200KB/s (
Hi,
I am running a couple of relay nodes and now I would like to set a
bridge relay. The `torrc` file says the following:
---
## Uncomment this if you run more than one Tor relay, and add the identity
## key fingerprint of each Tor relay you control, even if they're on
## different networks. You d
Hi,
tl;dr: it is not clear to me what I should ask to my provider about
SWIP, if this is something I can set up on my own and/or how I should
ask for this to my provider.
I have been running a couple of relays for some months (since the last
EFF Tor challenge) and now I would like to operate an e
Hi,
2015-09-27 1:35 GMT+02:00 :
> (1) In the guide it is advised to "Get a separate IP for the node. . .
>
> You have the right idea. Tor-exit node IPs end up on all
> sorts of black-lists and it's best to segregate exit traffic
> from all other traffic.
[...]
>http://multirbl.valli.org
>
2015-09-27 6:23 GMT+02:00 :
>>I have bought some credit on Aruba. . .
>
> Looked at Aruba offerings, check this out
>
> https://serverdedicati.aruba.it/server-dedicati/basic-1-3.aspx
>
> For 15 euros/month you can have a dedicated
> dual-core 1.6GHz with 100MBPS unmetered
> traffic. This will mak
Hi,
2015-09-27 16:42 GMT+02:00 Moritz Bartl :
>> SWIP/RWHOIS/ARIN/RIPE is what can be read from the relevant Wikipedia
>> pages. How can I ask my provider about this?
>
> You just ask. Only they can do it, so ask if they are willing to change
> WHOIS records for your IP(s).
>
> My recommendation i
Hi,
I am currently running three small relays on two different services/ISPs.
I have two somewhat unrelated questions:
* given costant resource (i.e. euro/month) I can afford to run relays
is it in general better to run one bigger relay or, say, two smaller
ones.
* are there any tools to manage m
2015-10-14 23:00 GMT+02:00 Tim Wilson-Brown - teor :
>
> On 15 Oct 2015, at 07:55, Cristian Consonni wrote:
> I am currently running three small relays on two different services/ISPs.
>
> I have two somewhat unrelated questions:
> * given costant resource (i.e. euro/month) I
2015-10-14 23:46 GMT+02:00 Saint Aardvark the Carpeted
:
> An alternative to Puppet or Chef (and I'm a fan of both) would be
> Ansible; it's much simpler to pick up, and uses SSH to connect to
> machines to manage them -- no master server needed. I'd say that
> with three nodes, something like thi
2015-10-14 23:35 GMT+02:00 :
>>* given costant resource (i.e. euro/month) I can
>>afford to run relays is it in general better to
>>run one bigger relay or, say, two smaller ones.
>
> Based on a past thread, guessing you run
>
> __fs_ BV2 IT 344 71 6.10 L 5.249.159.209 9001 None ... .aruba.it
> __
2015-10-15 16:45 GMT+02:00 :
> If you have the ability to use 'tc' instead
> of BandwidthRate (per posts earlier this month)
> you should do that. RelayBandwidth* are not
> intended for limiting bandwidth in dedicated
> relays. Replace them with BandwidthRate
> and BandwidthBurst if you can't us
Hi,
2015-10-21 22:23 GMT+02:00 teor :
> Would you mind putting the statement on the wiki or posting it to this list?
>
> It might help other exit operators to respond to these kind of abuse reports.
+1. Can somebody point me to this?
I have just received a notification from my ISP that they will
2015-11-16 12:46 GMT+01:00 Josef 'veloc1ty' Stautner :
> sorry, I marked that message as "Todo" but forgot :-)
Thank you. This is very helpful!.
> -
> Hello Martin,
>
> I've blocked the whole /24 (originally the target IP range is inside a /16
>
2015-11-16 13:21 GMT+01:00 Eran Sandler :
> My hosting provider also go these requests. Their terms of service requires
> that I will answer something to acknowledge I got that.
>
> I just answer "ok, I'll handle it" and that's it.
>
> The reverse lookup of my nodes points to a hostname that shows
2015-11-17 0:36 GMT+01:00 Dhalgren Tor :
> Webiron's system sends notifications to both the abusix.org contact
> for the IP and to ab...@base-domain.tld for the reverse-DNS name of
> the relay IP. So if you can configure abuse@ for the relay domain to
> forward to you, you will see their notices a
Il 17/Nov/2015 08:27, "Rejo Zenger" ha scritto:
>
> ++ 17/11/15 02:08 +0100 - Cristian Consonni:
> >2015-11-17 0:36 GMT+01:00 Dhalgren Tor :
> >> Webiron's system sends notifications to both the abusix.org contact
> >> for the IP and to ab...@base-do
2015-11-18 0:02 GMT+01:00 Green Dream :
> It seems to be working at least some of the time, as I did receive a
> notification to the same email address for another node, back in
> mid-October.
I have received today a notification after my node went down for ~20 hours.
Cristian
___
2015-12-20 17:21 GMT+01:00 Remi Gacogne :
>> On the other hand, I would say using a local DNS cache can increase both
>> your relay's performance and perhaps offers a slight privacy gain to tor
>> clients, given that a cached DNS response will be served directly to a
>> tor client rather than query
2016-03-08 23:15 GMT+01:00 Roman Mamedov :
> Sorry but reading these kinds of things is kind of demoralizing. --
>
> I'm not going to do a "me too" post, but some of us pay for relays with their
> own funds for years, which easily do 30-40 MB/sec combined, receiving zero
> donations -- then some gu
Hi,
I am putting together a blog post with tips and tools for
administrating a node and then I have discovered the technique of
"port knocking".
I decided to experiment with it and I have created a guide that puts
it together with the default configuration for iptables by
torservers/moba[1a][1b].
2016-05-03 16:25 GMT+02:00 Diarmaid McManus :
> I would no longer recommend port knocking using a static port sequence.
> Instead, I'd recommend knockknock by moxie,
> https://github.com/moxie0/knockknock/blob/master/README
I have discovered knockknock project just little before finishing the
post
Hi,
2016-05-03 17:30 GMT+02:00 goll :
> Have you looked into Single Packet Authorization?
>
> http://www.cipherdyne.org/fwknop/
I saw it mentioned in one of the 2014 threads, but I didn't dig into
it. I will take a look.
Thanks.
C
___
tor-relays mailin
2016-06-16 3:00 GMT+02:00 grarpamp :
> On 6/14/16, NotRandom Someone wrote:
>> What do you think about using tor-arm ?
>
> https://gitweb.torproject.org/nyx.git/
>
> Arm now known as Nyx.
On my node (running with Debian Jesse as OS) I have installed this package:
https://packages.debian.org/jessi
On 22/07/2018 18:57, nusenu wrote:
>> I am running a couple of relay nodes and now I would like to set a
>> bridge relay. The `torrc` file says the following:
>> ---
>> ## Uncomment this if you run more than one Tor relay, and add the identity
>> ## key fingerprint of each Tor relay you control, ev
Hi,
Form the instructions to install obsf4:
https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4proxy
---
```
ExtORPort auto
```
[...]
```
[notice] Registered server transport 'obfs4' at '[::]:46396'
```
Remember the random port associated to your bridge needs to be open
bridge.
> On 2018-07-23 16:03, Cristian Consonni wrote:
>> Thanks in advance (I am sorry for the flood of stupid question, but I
>> prefer to ask a stupid question that having things not work and not
>> understanding why...)
On 23/07/2018 23:36, Alexander Dietrich wrote
Hi,
On 26/07/2018 00:24, teor wrote:
> If you have multiple IP addresses, you can run multiple bridges on the
> same connection.
I don't, in fact I am using a small (fanless) machine from my home
connection.
I was thinking if I could test the relay by configuring my Tor browser
to use my bridge.
Hi,
On 31/07/2018 21:49, Alexander Dietrich wrote:
> On 2018-07-31 16:27, Cristian Consonni wrote:
>
>> so I am assuming that to test my bridge it is not sufficient to know
>> which pluggable transport is running, the IP address and the port. I
>> need the cert string
Hi,
On 01/08/2018 15:24, Cristian Consonni wrote:
> One question, I can make the ORPort and obfs4 PT port listen on port 80
> or 443, which I assume are less filtered by company firewalls.
In the end I set up the obfs4 PT to listen on port 443 and ORport on
port 80. These two tickets may
Hi,
After 7+ years of running a relay on DigitalOcean, I have decided to
move it somewhere else, as there are cheaper options.
I kept the same keys and fingerprint and it seems that it has been
picked up correctly on Atlas/Tor metrics, as it is showing with the new IP.
I believe that this relay
Hi all,
I have a fiber connection at home and I would like to run a bridge or
standalone Snowflake proxy on a dedicated Raspberry Pi 4. I have been
reading some threads [1][2] from this list about the topic, but it is
not completely clear to me what would be the best choice.
The requirements
52 matches
Mail list logo
