I am running some pretty good developing relays which I would like to change into exit-nodes over time. As I have no experience how to handle possible abuses I would need some help please?
Is there anybody out there who can give me some advice, or even help me doing (answering) these? How many of those abuses are to expect? How to avoid on changing what parameters?
Any hints highly appreciated.
PA
You should start with the FAQ, if you haven't already seen it:
https://www.torproject.org/docs/faq-abuse.html.en
The topic has been addressed many times on the list as well, so I'd suggest searching the archives. You can easily do that via Google with a search like:
abuse site:lists.torproject.org/pipermail/tor-relays
You can reduce the abuse to some extent by using the recommended reduced exit policy. You'll probably get a decent amount of reports anyway. Don't run an exit from your home.
Am 2016-05-18 um 22:13 schrieb pa011:
I am running some pretty good developing relays which I would like to change into exit-nodes over time. As I have no experience how to handle possible abuses I would need some help please?
Is there anybody out there who can give me some advice, or even help me doing (answering) these? How many of those abuses are to expect? How to avoid on changing what parameters?
Any hints highly appreciated.
Read everything on torproject.org and torservers.net about this. My experience is, if you really answer to every single abuse email, they will actually (almost) disappear over time.
good luck with your exits.
On 05/18/2016 10:13 PM, pa011 wrote:
Is there anybody out there who can give me some advice, or even help me doing (answering) these?
I think it is pretty much straightforward. You can explain what Tor is, why you are supporting it, and in some more heated cases offer to temporarily block destination IP/port pairs. You will come up with your own language and standard cases as you go along, and from that can derive some template replies.
How many of those abuses are to expect? How to avoid on changing what parameters?
The easiest parameter to tune is bandwidth. The more bandwidth you provide, the more abusive traffic you will see. The second most important parameter is the ExitPolicy. See also https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines .
Thanks for running Tor relays, and welcome to the exit business! :)
"You will come up with yourown language and standard cases as you go along, and from that can derive some template replies."
From the templates you can derive your own language.
Rob
Thank you all who have contributed with there hints, support and motivation so far. I will dig into that links and papers hopefully in the coming days and probably ask again afterwards :-)
What seems to be important is to get an IP reassignment from the ISP -is that really essential to start?
And furthermore is it ok to run with such a set of IP4 rules:
/etc/iptables/rules.v4 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
Thank you again
PA
Am 19.05.2016 um 13:56 schrieb Moritz Bartl:
On 05/18/2016 10:13 PM, pa011 wrote:
Is there anybody out there who can give me some advice, or even help me doing (answering) these?
I think it is pretty much straightforward. You can explain what Tor is, why you are supporting it, and in some more heated cases offer to temporarily block destination IP/port pairs. You will come up with your own language and standard cases as you go along, and from that can derive some template replies.
How many of those abuses are to expect? How to avoid on changing what parameters?
The easiest parameter to tune is bandwidth. The more bandwidth you provide, the more abusive traffic you will see. The second most important parameter is the ExitPolicy. See also https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines .
Thanks for running Tor relays, and welcome to the exit business! :)
I never got an IP reassignment. The only difference would be that abuse reports would be sent to you, rather than to the ISP. When I asked about it, they responded that they would forward all abuse complaints to me anyway. On May 19, 2016 3:50 PM, "pa011" pa011@web.de wrote:
Thank you all who have contributed with there hints, support and motivation so far. I will dig into that links and papers hopefully in the coming days and probably ask again afterwards :-)
What seems to be important is to get an IP reassignment from the ISP -is that really essential to start?
And furthermore is it ok to run with such a set of IP4 rules:
/etc/iptables/rules.v4 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT -A INPUT -j REJECT --reject-with icmp-host-prohibited -A FORWARD -j REJECT --reject-with icmp-host-prohibited COMMIT
Thank you again
PA
Am 19.05.2016 um 13:56 schrieb Moritz Bartl:
On 05/18/2016 10:13 PM, pa011 wrote:
Is there anybody out there who can give me some advice, or even help me doing (answering) these?
I think it is pretty much straightforward. You can explain what Tor is, why you are supporting it, and in some more heated cases offer to temporarily block destination IP/port pairs. You will come up with your own language and standard cases as you go along, and from that can derive some template replies.
How many of those abuses are to expect? How to avoid on changing what parameters?
The easiest parameter to tune is bandwidth. The more bandwidth you provide, the more abusive traffic you will see. The second most important parameter is the ExitPolicy. See also
https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
and https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines
.
Thanks for running Tor relays, and welcome to the exit business! :)
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
Green Dream -
I -
Martin Kepplinger -
Moritz Bartl -
pa011 -
Tristan