tor-relays October 2013

tor-relays@lists.torproject.org

80 participants
54 discussions

Re: [tor-relays] OT: Re: risk of relay exploit
by starlight＠binnacle.cx 16 Oct '13

16 Oct '13

Very sorry! I forgot to use the throwaway version of my address that bypasses the curmudgeonly filter. Please try me at starlight.2013z3(a)binnacle.cx At 02:16 10/16/2013 +0100, Geoff Down wrote: >Hello starlight, > >Your outgoing self-generated Spam Score also gets >your emails treated as spam by my email provider >(I tried to email you privately but your >mailserver doesn't accept mail from my provider at >all...). > >GD >

1 0

risk of relay exploit
by starlight＠binnacle.cx 16 Oct '13

16 Oct '13

Hello, Can anyone comment on the pros and cons of running a separate client-only 'tor' instance for local browsing while maintaining an independent instance configure as a relay? My thought is that if high-resource adversary exploits/subverts the relay code and inserts a trojan/parasite, they would be in a position to monitor unencrypted traffic on the SOCKS port. Is the probability of exploit significantly reduced for instances that do not accept relay connections? If so then keeping local browsing in a non-relay client would seem to be more secure since I understand that remote relays see only encrypted traffic. Thanks

3 3

significance of different bandwidth values
by starlight＠binnacle.cx 15 Oct '13

15 Oct '13

Question: What the difference between the bandwidth value given by getinfo ns/name/xxxxx >>> w Bandwidth=297 and getinfo dir/server/authority >>> bandwidth 300000 375000 335872 Here they are close, but sometimes they are far apart. The first above is what shows up in the Vidalia Network Map and the latter is less visible, but shows up in various web tools for monitoring the Tor Network. In particular, how are these values used in choosing route paths? Thanks

1 0

dynamically adjusting bandwidth
by starlight＠binnacle.cx 15 Oct '13

15 Oct '13

Hello, I've recently established a full-time relay running on a fast Linux router. Working nice with version 0.2.4.17-rc. Have a daily offsite backup that was butting heads with TOR traffic, so I wrote a 'tor_bwreduce' and 'tor_bwrestore' script like these: nc 10.92.88.1 9151 <<EOF AUTHENTICATE "xxx" SETCONF RelayBandwidthRate=60000 SETCONF RelayBandwidthBurst=60000 QUIT EOF : nc 10.92.88.1 9151 <<EOF AUTHENTICATE "xxx" SETCONF RelayBandwidthBurst=375000 SETCONF RelayBandwidthRate=250000 QUIT EOF : and run them at the appropriate points in the offsite backup script. The backup is rate-limited as well so the link now avoids going into significant oversubscription or contention. This works much better than I expected. The Tor network consensus bandwidth for the node was taking a bad hit due to congestion delays when the backup ran. Now it seems unaffected and the consensus for my node has shot up above the 'RelayBandwidthRate' value. So that's all super. The question is, should I put in an adjustment for 'MaxAdvertisedBandwidth' during the backup window or make any other change to advise remote relays to de-prioritize the node for the duration? Ideally I'd like to put the node into temporary hibernation, but it seems the only way to do that is indirectly by fiddling with several Accounting* parameters. Thanks! P.S. BTW Vidalia could use some improvement in the area of dealing with a Tor relay living on a different box in the same network. Nothing major, but it should 1) not override the config and/or warn first 2) import the config when a virgin TBB install connects to a non-local address 3) not shut down the relay casually without an "are you sure?" pop-up

1 0

Re: [tor-relays] NSA's "Tor Stinks"
by Eugen Leitl 14 Oct '13

14 Oct '13

----- Forwarded message from Adam Back <adam(a)cypherspace.org> ----- Date: Mon, 14 Oct 2013 12:02:04 +0200 From: Adam Back <adam(a)cypherspace.org> To: Eugen Leitl <eugen(a)leitl.org> Cc: Cpunks List <cypherpunks(a)cpunks.org>, info(a)postbiota.org, zs-p2p(a)zerostate.is Subject: Re: [tor-relays] NSA's "Tor Stinks" Message-ID: <20131014100204.GA28712(a)netbook.cypherspace.org> User-Agent: Mutt/1.5.21 (2010-09-15) Btw speaking of GCHQ or NSA operating Tor nodes, of course that is inevitable; and to the extent that they are not perfectly policy aligned a good thing, and they'll try to do a professional job of securing their own tor nodes :) eg if you are a chinese dissident maybe you want to use them as one hop. You just dont want them controlling to many nodes. And probably the Russians, French, Israelis, Chinese etc are all running Tor nodes and even less mutually cooperative. What we could really do with is North Korea, and Iran intelligence services running some also. I suspect to the extent that they are experiencing limited success you could imagine its because not ony are some nodes controlled by users, but more that some are operated by mutually distrustful competing intelligence agencies. The intelligence agency nodes are probably better secured than user nodes, though some user nodes maybe run by security capable and conscious users. The intelligence agencies however have a budget for and hoard of unpublished 0-days on PC & router operating systems so they have a slight edge. Also the intelligence agency is not going to cave under legal pressure when someone from law enforcement comes with threats and demands relating to exit traffic so they have that advantage too. It would be better to my mind if they just came out and said yes this is our node and ran it from their own domain tor.gchq.gov.uk or tor.nsa.gov; then users could opt to use it. However I suspect they think no one would use it, or the people they actively want to use it (who they are trying to trace) would avoid it. Could be useful if they used an identified one and a plausibly hidden one. Speaking of plausibly hidden I notice there is mention of code word 'NEWTONS CRADLE' in one of the docs for a GCHQ tor node operation, speculating could that be some MoD funded student at cambridge in their dorm? (Quite commnon in the UK for students to be sponsored by a company they will work for afterwards or a government career they took a break from. A couple of my classmates at BSc, University of Exeter (UK) comp sci BSc were openly MoD sponsored.) No matter, its trivial for establishment to provide perfect cover for node operation, just run from home address, or persuade ISP/telco to route traffic via DSL lines identifying IP address range as a IP forwarding proxy. They can do whatever they want, you'd think that more likely, however a university dorm IP address range would look nice and plausible/credible also, maybe more so than a DSL address. Probably a university upstream or the university IT itself (universities often take defense contracts) could fake it or operate it under contract with intelligence cleared dual-hat admin if they cared enough. I do think it would be very useful if the intelligence agencies running tor nodes also ran one on their own domain. Then you could route via one who's government is overtly supportive of your political cause. (Doesnt protect you from backroom information exchange deals and horse trading, which I'm sure happens even with sworn enemies, but its a start if you are unintersting enough!) However I expect another reason they dont want to do that is they dont want to enable people to get stronger privacy period. They have a dual hat, they want internet privacy for their own open source research, but they selfishly dont want other users to have privacy or gain any privacy as a side-effect from their own. Adam On Mon, Oct 14, 2013 at 11:18:33AM +0200, Eugen Leitl wrote: > ----- Forwarded message from Jesse Victors <jvictors(a)jessevictors.com> ----- > > Date: Tue, 08 Oct 2013 13:23:48 -0600 > From: Jesse Victors <jvictors(a)jessevictors.com> > To: tor-relays(a)lists.torproject.org > Subject: [tor-relays] NSA's "Tor Stinks" > Message-ID: <52545BC4.3020106(a)jessevictors.com> > User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0 > Reply-To: tor-relays(a)lists.torproject.org > > > I recently ran across several articles related to the NSA's attempts at > cracking Tor and de-anonymizing its users. They are after terrorists and > other individuals who seek to do harm of course, but their work > obviously has implications into other Tor users, the vast majority of > whom use Tor for legal and proper activities. So far, it appears that > the cryptographic standards and protocols implemented by the Tor devs > appear to be holding, which I find interesting. The NSA has been trying > other methods to figure out Tor, including identifying and then > infecting user machines, trying to control/hijack the Tor network, or by > influencing the network as a whole, and they've had a very small amount > of success, but not much. One thing that was especially interesting to > me (and I expect to everyone on this mailing list) is that they are > trying to control more relays via cooperation or direct access, which > can then be used for timing attacks or disruptions to the users. They > are also trying to shape traffic to friendly exits. For anyone > interested, I would highly recommend these links: > http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pre… > http://www.bbc.co.uk/news/technology-24429332 > http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-en… > > Also, from > http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-in… > it appears that their opinion of Tails is that it "adds severe CNE > misery to [the] equation". These are all highly informative articles, > and it appears that Tor is remaining resilient to their efforts, as long > as people (including relay/exit operators) use the latest software, > remain aware that Tor doesn't protect them in all aspects, and as long > as there are enough non-NSA relays and exits (we need more!) such that > everything they see still remains encrypted and anonymous. Interesting I > say. > > Jesse V. > > > > > _______________________________________________ > tor-relays mailing list > tor-relays(a)lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > > ----- End forwarded message ----- > -- > Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org > AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5 ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org AC894EC5: 38A5 5F46 A4FF 59B8 336B 47EE F46E 3489 AC89 4EC5

1 0

iptables changes required to advertise on 80 and 443 and bind to different ports.
by Tor Operator 13 Oct '13

13 Oct '13

I’m running a Tor exit relay on ports 9030 for advertising directory connections and 9001 for advertising incoming Tor connections. In the spirit of proxy-proofing my relay, I’d like to expose the directory and Tor connections on 80 and 443. I’ve spent hours trying to get my iptables config correct, but never successfully. I’m running CentOS 6 with SELinux enabled. Swap and /tmp are encrypted. SSH is set to public key auth only and limited to a single user. Root login is disabled, as is X11 forwarding. No other services are active and log retainment is set to a short interval. It’s a dedicated box in data center with a 100Mbit, unmetered networking connection. The box’s sole purpose in life is to be an exit node. My current iptables looks like this: # Generated by iptables-save v1.4.7 on Sat Oct 12 13:52:47 2013 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -p tcp -m tcp --dport 9001 -j ACCEPT -A INPUT -p tcp -m tcp --dport 9030 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited -A OUTPUT -j ACCEPT COMMIT I tried adding the following rules without success: iptables -t nat -A PREROUTING -p tcp -i eth0 —dport 80 -j REDIRECT —to-ports 10091 iptables -t nat -A PREROUTING -p tcp -i eth0 —dport 443 -j REDIRECT —to-ports 10090 There was also a binding issue due to Tor being blocked from binding to 10091 and 10090, which I fixed with semanage port. But the logs still indicated that the ORPort and DirPort were not reachable from the outside. I think I’m missing some other key iptable routing directives, but I can’t figure them out. I want 80 and 443 publicly exposed, but 10091 and 10090 to not be accessible from the internet. I’ve read countless FAQs, how-tos, message board posts, Linux books, the Tor mailing lists, and the answer still eludes me. It’s maddening. If anyone can provide any assistance, I’d be greatly appreciative. If I’m running the directory connections on port 80, should I still setup a vhost on the relay with the exit notice or can I just point to it in the torrc file? .cpj

3 2

NSA's "Tor Stinks"
by Jesse Victors 10 Oct '13

10 Oct '13

I recently ran across several articles related to the NSA's attempts at cracking Tor and de-anonymizing its users. They are after terrorists and other individuals who seek to do harm of course, but their work obviously has implications into other Tor users, the vast majority of whom use Tor for legal and proper activities. So far, it appears that the cryptographic standards and protocols implemented by the Tor devs appear to be holding, which I find interesting. The NSA has been trying other methods to figure out Tor, including identifying and then infecting user machines, trying to control/hijack the Tor network, or by influencing the network as a whole, and they've had a very small amount of success, but not much. One thing that was especially interesting to me (and I expect to everyone on this mailing list) is that they are trying to control more relays via cooperation or direct access, which can then be used for timing attacks or disruptions to the users. They are also trying to shape traffic to friendly exits. For anyone interested, I would highly recommend these links: http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-pre… http://www.bbc.co.uk/news/technology-24429332 http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-en… Also, from http://www.theguardian.com/world/interactive/2013/oct/04/tor-high-secure-in… it appears that their opinion of Tails is that it "adds severe CNE misery to [the] equation". These are all highly informative articles, and it appears that Tor is remaining resilient to their efforts, as long as people (including relay/exit operators) use the latest software, remain aware that Tor doesn't protect them in all aspects, and as long as there are enough non-NSA relays and exits (we need more!) such that everything they see still remains encrypted and anonymous. Interesting I say. Jesse V.

11 14

Re: [tor-relays] NSA's "Tor Stinks"
by Jesse Victors 09 Oct '13

09 Oct '13

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 > Message: 1 > Date: Wed, 09 Oct 2013 11:48:01 +0200 > From: Konrad Neitzel <konrad(a)neitzel.de> > To: tor-relays(a)lists.torproject.org > Subject: Re: [tor-relays] NSA's "Tor Stinks" > Message-ID: <1381312081.3204.32.camel(a)opensusevm1.site> > Content-Type: text/plain; charset="utf-8" > > On Tue, 2013-10-08 at 23:40 -0400, krishna e bera wrote: >> On 13-10-08 03:23 PM, Jesse Victors wrote: >>> ... >>> obviously has implications into other Tor users, the vast majority of >>> whom use Tor for legal and proper activities. >> Could you give some evidence for what "vast majority" means in terms of >> percentages? How are you getting such data? > I think that we first need a clear definition what "legal" means or what > "proper activities" are. The core problem is, that the definition of > these terms can differ a lot (e.g. from country to country but even from > person to person inside a country. At least the interior minister of > germany seems to have some strange ideas :) ). > > And I just read a news article of a german publisher (Heise) about NSA > and what they do and I understood it that NSA is claiming to just check > on non US citizens or illegal things. The "owner" of the data that is > sent between 2 tor nodes cannot be identified so when the NSA attacks > any tor traffic there must be some kind of understanding, that using the > tor network already is something illegal in the minds of these people. > > At least that was, what I understood when I was reading this article. > > With kind regards, > > Konrad Ok, I did not expect that this was going to be a talking point or be otherwise confusing. No I don't have any hard numbers, nor do I run an exit that I can test using tcpdump. But the Torproject repeatedly says that Tor is often used for good, or simply to just hide one's Internet activities for those who feel that they have a right to be hidden even if they have nothing to hide. I have friends who do their browsing over Tor, and there's nothing at all controversial about what they are up to as far as I'm aware. I understand what you're saying: I agree that simply going to Google may be illegal in some countries. I believe that a few bad apples put Tor in the news, make things hard for the exit operators, and spoil things for the rest of us. My point was that the NSA is doing penetration testing on the Tor network and doing what they can to figure it out. No matter what kind of traffic goes through Tor, the fact remains is that they are doing that, and we need to be aware of their efforts, the progress they've made, and what they are planning. That was my main topic that I was introducing to the group. Jesse V. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQF8BAEBCgBmBQJSVWhVXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxMjgyMjhENjEyODQ1OTU1NzBCMjgwRkFB RDk3MzY0RkMyMEJFQzgwAAoJEK2XNk/CC+yAnvcIALGb0/r7GNfxozWW27uc/dIN 5asIgWpUCFIm9Rw4pl8EfDeQ7r0ktauM8/MsRrOaIxMiyoj8u1n07HS7bmf6UKyg dLZTIJeyxnjewEw1fSAHAw6e3dxXVQxyNz0eF6EqIJureRXqfzvEa+9oFNBOBxgk qsCDNn38xwnhumOMESmiGzaUO7eEvTNAnwCZTKtrlYwSUf7G8zWjHafJbe68kcGE j5bxa8+sjB6OwdvCnCXEOe+L65L+N0RCPIEL+NWBqn+ff5dwQY5GYPNhszil4qLr RlFgpOwvbwmA5hRAHBKpVLubrPDx9ocLaNBwcWwlP/ccgFfwqYJrOInTueKSs9k= =SOt/ -----END PGP SIGNATURE-----

1 0

Re: [tor-relays] Admin panel compromised
by Yoriz 06 Oct '13

06 Oct '13

All, I have successfully reinstalled the 'privshield' exit: https://atlas.torproject.org/#details/BA2D32ECE096FC423D6DC1975021A01D96C01… Unfortunately, as fresh server keys have been generated, the node will keep its "unnamed" flag for another 6 months (why?!), and consensus weight started at the bottom again so I am not seeing a lot of traffic yet. And most importantly: I have to start all over again to try to earn my Tor T-Shirt! ;-) @Lunar and @Jon: thank you for your kind words. // Yoriz

1 0

Anyone using obfsproxy on Ubuntu Lucid?
by Lunar 05 Oct '13

05 Oct '13

Hi! Ubuntu Lucid is getting old. Building an obfsproxy package for Lucid now requires some extra work. weasel stopped building tor master branch for Lucid already. Is there anyone providing obfsproxy bridges using Ubuntu Lucid? -- Lunar <lunar(a)torproject.org>

2 1

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays October 2013