Hi,
I am trying to setup Tor relaying, but it doesn't work so far. Windows 8, private vpn. I opened ports 80,443,9001 and 9030 (both TCP and UDP) on my Comcast router to be forwarded to the box I'm trying to configure. I added inbound and outbound rules in the firewall setup for ports 80,443,9001 and 9030 (both TCP and UDP) but I'm still getting
Mar 15 15:30:58.654 [Warning] Your server (62.210.167.197:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Mar 15 15:30:58.658 [Warning] Your server (62.210.167.197:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
Please advise,
----------- Best wishes, Gene
On Sat, Mar 15, 2014 at 02:56:36PM -0800, I wrote:
You should at least change the ssh port immediately now that you have published the address.
No, this is bad advice.
First because Tor relays (and their addresses) are public anyway.
And second because having an ssh port exposed to the Internet will draw enough scans that it had better be secure, regardless of whether running a Tor relay nearby to it draws any more attention to it.
(Please don't spread fud about the risks of running relays. Especially as there *are* risks, like any other Internet service.)
--Roger
Roger,
I beg your pardon. I would not want "fud" to deter new relays. I think the risks are overplayed as it is.
It was only that it was published on this list. I published the relay nickname somewhere and regret it.
I suggested the port change because that is what the VPS operators have told me was the first thing to do to avoid being constantly 'hacked' which has happened over and over to me.
It does seem logical to me to have a Tor Project section devoted to setting up and securing remote Tor servers.
Robert
Thank you very much Roger for the advice. I can't seem to make it work, so I'll just try setting it up on a different box
----------- Best wishes, Eugene Zhukovsky
On Sun, Mar 23, 2014 at 11:12 AM, I beatthebastards@inbox.com wrote:
Roger,
I beg your pardon. I would not want "fud" to deter new relays. I think the risks are overplayed as it is.
It was only that it was published on this list. I published the relay nickname somewhere and regret it.
I suggested the port change because that is what the VPS operators have told me was the first thing to do to avoid being constantly 'hacked' which has happened over and over to me.
It does seem logical to me to have a Tor Project section devoted to setting up and securing remote Tor servers.
Robert
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On Sun, 23 Mar 2014 03:12:47 -0800 I beatthebastards@inbox.com allegedly wrote:
I suggested the port change because that is what the VPS operators have told me was the first thing to do to avoid being constantly 'hacked' which has happened over and over to me.
Actually I agree that moving ssh from the standard port can be a good idea. Whilst offering no more than security through obscurity against a determined adversary it does at least provide some protection against the mindless robots which constantly probe port 22.
Every little helps.
Mick ---------------------------------------------------------------------
Mick Morgan gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312 http://baldric.net
---------------------------------------------------------------------
On Sat, Mar 15, 2014 at 08:46:44PM +0000, eugene zhukovsky wrote:
I am trying to setup Tor relaying, but it doesn't work so far. Windows 8, private vpn. I opened ports 80,443,9001 and 9030 (both TCP and UDP) on my Comcast router to be forwarded to the box I'm trying to configure. I added inbound and outbound rules in the firewall setup for ports 80,443,9001 and 9030 (both TCP and UDP) but I'm still getting
Mar 15 15:30:58.654 [Warning] Your server (62.210.167.197:443) has not managed to confirm that its ORPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc. Mar 15 15:30:58.658 [Warning] Your server (62.210.167.197:9030) has not managed to confirm that its DirPort is reachable. Please check your firewalls, ports, address, /etc/hosts file, etc.
Hi Gene,
Assuming your relay is still running, it sure is acting weird. Port 443 answers but doesn't do anything useful, and port 9030 doesn't answer at all.
I'd say your best bet (since there was quiet here) is to show up to irc and see if people can help you in a more interactive way.
https://www.torproject.org/about/contact#irc
Thanks for wanting to help, --Roger
tor-relays@lists.torproject.org
-
curaretor@t-online.de -
eugene zhukovsky -
I -
mick -
Roger Dingledine