tor-relays May 2014

tor-relays@lists.torproject.org

60 participants
34 discussions

Non-exit abuse reports
by dope457 24 May '14

24 May '14

Hello, I have been running middle relay on my VPS since it was too much trouble to operate an exit. But ever since I have received two abuse reports regarding same issue. 1) Source: 31.31.78.141 Event type: DNSANOMALY Detail: High amount of TCP DNS traffic, whole transfer: 12 503 B Timestamp: 2014-05-14 20:20:35 NetFlow source: localhost Targets: 178.238.223.67 2) Source: 31.31.78.141 Event type: DNSANOMALY Detail: High amount of TCP DNS traffic, whole transfer: 667 644 B Timestamp: 2014-04-28 19:45:00 NetFlow source: localhost Targets: 178.238.223.67 relay - https://atlas.torproject.org/#details/F12AFDB3FEC184E76944579579F762F1142C7… ISP is pushing me to do something about it and that is why I am asking you to help me because I am not sure what to do. Thank you and have a nice weekend! dope457

3 2

Fwd: [rt.torproject.org #26011] Unknown connections
by eva 21 May '14

21 May '14

Hi all, so I'm forwading my message to your mailing list - see below. And yes, I read https://blog.torproject.org/blog/lifecycle-of-a-new-relay though. The consensus weight of my relay was 27 before, and dropped to 15. Now it's getting up again, so it might be ok. But my main question is about unknown connections. Is this a normal behaviour? Apologies, if this is already answered on another page I didn't read, unfortunately. Thank you all for developing Tor. Eva -------- Original-Nachricht -------- Betreff: [rt.torproject.org #26011] Unknown connections Datum: Tue, 20 May 2014 20:36:19 +0000 Von: Matt Pagan via RT <help(a)rt.torproject.org> Antwort an: help(a)rt.torproject.org An: unnamedabc(a)posteo.de Hi: I think you would get a better response to this question by emailing the tor-relays mailing list at tor-relays(a)lists.torproject.org. To subscribe to this mailing list, visit this page: https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays You first may want to have a read over https://blog.torproject.org/blog/lifecycle-of-a-new-relay though. On Mon May 19 18:44:00 2014, unnamedabc(a)posteo.de wrote: > Hi, > > first, thanks for your incredible work on Tor. > > I'm running a middle relay on Linux for about two months and everything > seems to be quite ok. But I'm new to Linux and to configuring a network. > So if you experts have some time to spare to help a newbie, it would be > very nice. > > For the last few days the relay traffic is only a third of it's normal > traffic. And I wonder if I should worry about some inbound and > outbound connections called 'unknown'. Arm shows something like this > > outbound > address: 0.0.0.0 > locale: ?? > No consensus data found > > inbound > address: 166.84.7.148 > locale: ?? > No consensus data found > > Could that be a problem? > > The relay fingerprint is 12AAE898482C1B7CB9ED91A3D7F6EF81D2149178 > > Thanks, > Eva -- - - - - - - - - - - - - - - - - - - - - - - - Help make more Tor-- Support the Tor Project! https://www.torproject.org/donate/donate.html

1 0

Sorry for my molestation
by zwiebel＠quantentunnel.de 19 May '14

19 May '14

I will keep calm next days ... > Gesendet: Montag, 19. Mai 2014 um 18:19 Uhr > Von: "Peter Palfrader" <weasel(a)torproject.org> > An: zwiebel(a)quantentunnel.de > Cc: "Tor Assistants" <tor-assistants(a)lists.torproject.org> > Betreff: Your tor-relays postings (was: [tor-relays] relay not receiving very much traffic) > > Hey, > > you have been posting to tor-relays quite a bit recently. > > zwiebel(a)quantentunnel.de schrieb am Montag, dem 19. Mai 2014: > > > torrc looks good in my eyes. > [..] > > Please don't top-post, and please send text-only mail instead of HTML > mail. > > Thanks, > weasel > -- > | .''`. ** Debian ** > Peter Palfrader | : :' : The universal > http://www.palfrader.org/ | `. `' Operating System > | `- http://www.debian.org/ >

1 0

relay not receiving very much traffic
by Markus Klock 19 May '14

19 May '14

Hello!I deployed a new tor-relay about 2 months ago. It runs on a server with 2 Quad-cores, 8GB RAM and 1Gbit connection.However, I have still not received very much traffic to it, it almost never goes above 10Mbit.This is the server traffic the last 2 months:http://best-practice.se/dump/tor-ralay.PNG Is this normal or may I have configured something wrong?Last time I had a relay running I received 100Mbit+ traffic... Markus

5 11

Advertised Bandwidth
by Spencer Neitzke 19 May '14

19 May '14

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello, My advertised bandwidth is much slower than what it should actually be. I am running on a network that easily achieves 2gbps, although atlas is reporting 4.15mb/s. Have I misconfigured something? Nickname - ServerX5690 -----BEGIN PGP SIGNATURE----- Version: OpenPGP.js v0.5.1 Comment: http://openpgpjs.org wsBcBAEBCAAQBQJTeZXmCRAgZfyIs5JzlAAABhkH/0GeOwtqo1sE5aT7jQVT taaOKZmJiIgDfBA0KQZdq8WLAkT2V61wiOHcWf6PXIouvY/Tt3n+aWs85v4n cs5Rahj83MYZArKIm9wQ34hEkYu6Fku9HVIVZBWpPcFC6aZgKDk9xgKo4qO1 +OjxsoE8liY0WYVr9BabWKsN3+kiwWDQUk/Et48xPk6YyFJLj0Bjqa951SQf J7lTjitrfxYqPn6GHiz9njhO/szHOP24aLJR5jIagBbGJzlxeQ686C4ptDVM DuZjeTqmN6ZmVWZv5M44FdJknfUigRnUerWVBjfrVuHGU5pnSVf6owSduOX4 U+kK3PlbOrk+0zfQiyJBeuU= =A0nS -----END PGP SIGNATURE-----

3 4

Re: [tor-relays] relay not receiving very much traffic
by Markus Klock 18 May '14

18 May '14

Well, I *am* the network admin :) This server is directly connected to our backbone and is not being throttled in any way. AS1653 is our upstream and they like the Tor-project, no throttles there either :) How often does tor/atlas mesure bandwith? /Markus ________________________________ Från: zwiebel(a)quantentunnel.de<mailto:zwiebel@quantentunnel.de> Skickat: ‎2014-‎05-‎18 23:11 Till: tor-relays(a)lists.torproject.org<mailto:tor-relays@lists.torproject.org> Ämne: Re: [tor-relays] relay not receiving very much traffic _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

3 2

Re: [tor-relays] relay not receiving very much traffic
by Markus Klock 18 May '14

18 May '14

Yeah, I have no problem pushing 850Mbit and more via iperf and wget from speedtest-servers. /Markus ________________________________ Från: zwiebel(a)quantentunnel.de<mailto:zwiebel@quantentunnel.de> Skickat: ‎2014-‎05-‎18 22:11 Till: tor-relays(a)lists.torproject.org<mailto:tor-relays@lists.torproject.org> Ämne: Re: [tor-relays] relay not receiving very much traffic _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

1 0

One server, Two open tor connections
by Kurt Besig 18 May '14

18 May '14

Hi all, I'm currently running a Linux relay on one LAN machine. I recently set-up a dual boot win7/Ubuntu 14.04 LTS machine, also on the LAN. For now I'd just like to browse the tor network on the second machine and not run a relay on it for the present. I'm concerned my ISP might give me problems if my bandwidth gets too crazy. So, other than editing my /etc/tor/torrc to open a control port and forwarding the control port, is there anything else required to simply browse tor? When I installed tor on the second machine's Ubuntu install I added the tor repositories to my sources.list and updated, upgraded, and installed tor though apt-get.

3 2

DigitalOcean starting Exit node crackdown
by Shawn Nock 15 May '14

15 May '14

Hello friends, As I recall, there are several exits running on DigitalOcean's infrastructure. This is presented FYI: Background: I've run an exit on DigitalOcean for about a year without issues (lost track of uptime duing heartbleed key regen). It wasn't hidden (the droplet name was 'tor-exit') and it had valid reverse DNS and the standard informational page was hosted there. At the time of droplet creation, tor exits were not prohibited by their ToS. I've mentioned to DigitalOcean staff during support tickets that it was a Tor exit. Today the exit was shutdown, the message received was this: >Hello > >We do see that you are running an exit node for the TOR network. > >Unfortunately we are unable to resume services to this droplet and ask >you that you please not run any other TOR exit nodes. > >Please get back to us as soon as possible so we can resolve this. > >Thanks >Support I sent the following response: >Hello, > >My droplet has been running for months (perhaps a year) with no >significant incidents. It is well managed, allows only a strict subset >of traffic to exit and the very few complaints that have been lodged >have been dealt with quickly and professionally (as said by your >support team). The droplet has been configured to limit the rate of >traffic below the droplet's monthly network transfer quota. > >It's well established that under US law ISPs are excluded from >liability under the safe-harbour provisions of the DCMA for any >copyright infringing traffic. More generally, the probability under US >law that an ISP would be held liable carrying user-generated traffic is >extremely low. Tor exits have been operated by Universities, Churches, >and corporations (large and small) for slightly more that 10 >years. During this time not a single criminal or civil complaint has >been brought against an operator's ISP (to my knowledge). > >While it is surely your right to operate your business in the manner of >your choosing; I politely request an explanation for your apparent >policy against Tor exit nodes. If there is some way I might change the >parameters of the exit to suit a policy against specific traffic (to >certain IP blocks, port ranges); I'd surely comply. > >Finally, in this time where repressive regimes are cracking down on >Internet traffic and persecuting their countrymen and where free access >to the internet is nearing the stature of 'human right': if your policy >is indeed a general one against all Tor exits, I urge you to reconsider >your policy. It would be a great service to tens-of-thousands of Tor >users (refugees, political activists, religious minority, abused >spouses, law enforcement, &c) to revise your policy to allow >well-maintained exits to remain on your network. > >I appreciate any attention you could give to this serious matter. -- nock(a)aphr.asia (OpenPGP: 0x6FDA11EE 3BC412E3)

5 7

Malicious or crappily configured exit node
by u 15 May '14

15 May '14

Hello! referring to https://trac.torproject.org/projects/tor/wiki/doc/badRelays, i sent this also to tor-assistances@tpo. Never got an answer though :( Now and then, I use Icedove with TorBirdy under Debian. While connecting to port 465 on my usual mailserver, using SSL, I sometimes get an SSL certificate alert. The certificate presented is not my usual certificate at all (which works without adding an exception), but one for cab.cabinethardwareparts.com, pretending to be my mailserver. [1] I've searched a bit for information on that exit node and found: http://torstatus.rueckgr.at/router_detail.php?FP=0cc9b8aa649881c39e948e70b6… This node has flags: fast, stable, guard... I tried it several times and the behaviour was repeatedly the same. Last time it happened was 10 days ago. Then again today. I'm not quite sure where to report this (that is how this e-mail ends up on tor-relays :) ), nor how to avoid this exit node. Is there a way to do that? Thanks, u. [1] http://pix.toile-libre.org/upload/original/1399232278.png screenshot of the certificate

5 6

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays May 2014