tor-relays October 2018

tor-relays@lists.torproject.org

59 participants
62 discussions

Continuing To Run A Relay On Mac OS High Sierra Via Homebrew After A New Mac OS Version Is Released
by Keifer Bly 05 Oct '18

05 Oct '18

Hi all, So I am having a bit of a dilemma, the computer I am running my relay on is running Mac OS High Sierra, and despite the fact that Apple Support had priorly told me it would be able to run Mojave (via the serial number) when I go to install Mojave, I get an error saying Mojave “cannot be installed on this computer”. Ugh. As my relay is running via homebrew, I created a homebrew support ticket for this incident, and this was their response. “Generally homebrew supports only the last 3 releases, which would mean you have 2 more years of bottle support at least. It doesn’t mean it’ll stop working the day after it ends though. While having an up to date system is a good thing, the homebrew packages might very well work for years after official support is dropped, you’ll just have to compile updates for yourself.” The official homebrew support ticket can be viewed here: https://discourse.brew.sh/t/continued-support-for-certain-processes-on-olde… Seeing as they say homebrew supports the last three releases of Mac OS, I should be fine for another while. However, they hinted that the main thing that is dropped support for is bottles, so I am wondering if running the tor relay software via homebrew requires this process? I can’t really buy a new computer right now, and that’s the only available that isn’t a laptop, so I am trying to find available options. Thanks all.

4 5

Greypony / Conrad Rockenhaus offline?
by Isaac Grover, Aileron I.T. 05 Oct '18

05 Oct '18

Good afternoon fellow relay operators, My exit node hosted with Greypony IT (ephesysnull - 2426F096372BCAB360B75D463AEBD7B7B8BFF0FF) has gone offline, greyponyit.com is also offline, and emails to Conrad Rockenhaus sent over the last week have received no replies. Has anyone else received a response from him? Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions" O: 715-377-0440<tel:715-425-0440>, F:715-690-1029<tel:715-690-1029>, W: www.aileronit.com<http://www.aileronit.com/> LinkedIn: https://www.linkedin.com/in/IsaacGrover/ YouTube: https://www.youtube.com/channel/UCqrwZNFKdR-guKtuQzFPObQ

11 14

Chinese hacking chips added to Supermicro server motherboards
by I 05 Oct '18

05 Oct '18

1 0

Greypony IT - Public Statement to the Tor Community
by Nathaniel Suchy 04 Oct '18

04 Oct '18

Hi everyone, I'm writing to you all on behalf of Conrad. There have been a few messages posted here in regards to Greypony IT and a lack of responses from Conrad. Conrad is NOT ignoring you nor being malicious. Conrad had a stroke and has been seeking medical attention. Likewise he's unable to provide customer support or fix issues as he's in a hospital. The issue affecting several customers is at the ISP Level - system administrators such as myself are unable to SSH into the Xenserver to fix customer issues. This is something Conrad will have to fix after he recovers. I'm unable to fix individual virtual machines for customers until the hypervisors are fixed. It's quite possible that customers will choose to cancel services and/or switch providers and/or request an SLA Credit or a refund. This is understandable. We will address requests on a case by case basis as soon as possible. To address a few things I've seen floating around here and on a few IRC channels: 1) Greypony IT has not been shut down. We've been unable to address a network outage. 2) Greypony IT has not had equipment seized by LE to the best of my knowledge. Hopefully this provides everyone insight - I know it's not a solution but we want everyone to know. Cordially, Nathaniel Suchy

3 3

NTP and tor
by grarpamp 04 Oct '18

04 Oct '18

Further NTP client variations... https://chrony.tuxfamily.org/ https://github.com/bsdphk/Ntimed https://leaf.dragonflybsd.org/cgi/web-man?command=dntpd&section=8 http://cr.yp.to/clockspeed.html

1 0

Plans to add IPv6 exit nodes to list of Tor exit nodes
by Gabbi Fisher 03 Oct '18

03 Oct '18

Hi there! I wanted to see if there are any plans to add Tor exit nodes with IPv6 addresses to https://check.torproject.org/exit-addresses. I've observed some while using Tor, but do not see them on this list. Thanks so much! Gabbi

2 1

Question Re: firewall rules for obfs4 bridge relay
by torrelay.europa＠keemail.me 03 Oct '18

03 Oct '18

Hello, I'm in the process of setting up a couple of obfs4 bridge relays on Ubuntu server 18.04. I'm endeavoring to apply strict firewall rules to ensure only the necessary ports are open. In accordance with the configuration (below) I've allowed port 9001: #Bridge config RunAsDaemon 1 ORPort 9001 BridgeRelay 1 ServerTransportPlugin obfs4 exec /usr/bin/obfs4proxy ExtORPort auto #Set your bridge nickname and contact info ContactInfo <your-contact-info> Nickname pick-a-nickname I've also allowed port 9051 to enable me to connect to the obfs4 server via onionbox. After starting the Tor service the Tor logs report, Opening Socks listener on 127.0.0.1:9050 Opening Control listener on 127.0.0.1:9051 Opening OR listener on 0.0.0.0:9001 Extended OR listener listening on port XXXXX. Registered server transport 'obfs4' at '[::]:33919' All of the ports listed (above) appear to be fixed ports that open each time I start/restart Tor. However, the "Extended OR listener listening on port XXXXX" changes on each start/restart. I can see the configuration (above) instructs ExtORPort auto. I've looked online where there is some advice suggesting the auto setting for ExtORPort is important for security reasons, however, if I'd like to have strict firewall rules the auto setting becomes problematic. Currently, I've allowed port 9001 & the Tor logs report, Now checking whether ORPort XXX.XXX.XXX.XX:9001 is reachable... Self-testing indicates your ORPort is reachable from the outside. I'd be grateful for some advice on which ports I should keep open, to ensure I can provide the very best service & good security practice both for the client & the server - thanks :) Best regards, Kenneth

2 3

Re: [tor-relays] bridge on the public server - IP reputation
by entensaison＠use.startmail.com 02 Oct '18

02 Oct '18

> HI, > > I have a VPS server with fast internet connection. > I would like to configure tor bridge on that machine. > > VPS server has configured some services already. If tor bridge > service > will run on that machine (IP), will it generate any impact for IP > reputation ? I mean blacklisting. > > Greetings > Fazii A bridge's IP is not on a public list. So generally running a bridge shouldn't affect your reputation at all. Average people who don't use tor will not know that you run a bridge on that IP and don't care unless you tell them. Average people who want to use that bridge will appreciate it. Other service providers will not know about that fact and probably don't care either unless you tell them, because it doesn't affect their services. Since a bridge is used as a first hop in a tor circuit and not as an exit only other tor relays will receive connections from it. If your ISP doesn't allow you to run a tor relay but doesn't put too much effort into monitoring your traffic they'll probably not notice that you are running a bridge. A sensor who tries to block access to the tor network may find out your IP and block access to your other services, too. If you provide a service that is being sensored in some countries then people from those countries probably won't be able to connect to your bridge either.

1 0

Hetzner bandwidth terms update
by Roman Mamedov 01 Oct '18

01 Oct '18

Hello, It appears that Hetzner has changed their bandwidth terms from "20 TB outgoing per month, then capped to 10 Mbit" to fully unmetered 1 Gbps connection on most servers: https://wiki.hetzner.de/index.php/Traffic/en Discussed at: https://www.lowendtalk.com/discussion/152498/hetzner-dedicated-servers-now-… Adjust your relay bandwidth limits accordingly. :) -- With respect, Roman

2 1

bridge on the public server - IP reputation
by fazii＠vfemail.net 01 Oct '18

01 Oct '18

HI, I have a VPS server with fast internet connection. I would like to configure tor bridge on that machine. VPS server has configured some services already. If tor bridge service will run on that machine (IP), will it generate any impact for IP reputation ? I mean blacklisting. Greetings Fazii ------------------------------------------------- ONLY AT VFEmail! - Use our Metadata Mitigator to keep your email out of the NSA's hands! $24.95 ONETIME Lifetime accounts with Privacy Features! 15GB disk! No bandwidth quotas! Commercial and Bulk Mail Options!

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

tor-relays October 2018