Good morning fellow exit node operators,
I have set up an exit node in my home on a separate IP address away from all other traffic. I'm well aware of the risks from dated articles posted many years ago, so if you're going to send warnings and scary stories, please do so off list.
I won't be running it with all ports open; rather I'm interested in ports that still provide benefit to the Tor network but don't attract the attention of law enforcement. Currently I am exiting port 8333 (Bitcoin) and nothing else, but am open to other non - risky ports.
Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions"
Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com
I'd suggest looking at the reduced exit policy. I don't think I've gotten any complaints from Comcast after switching to a customized version of it. Generally speaking, 80/443 is "safe" and very useful. Port 22 (SSH) is very useful, but often generates complaints and I currently don't allow it on my exits. I also allow 993/995 (IMAP/POP3 over SSL). Sadly, I don't allow 465, SMTP over SSL, though I've pondered enabling it. I allow port 5228 which is supposedly for the Android marketplace. I allow 11371 for OpenPGP keyservers. 19294 is for Google Voice, though I'm not sure it still uses that port or if anyone uses GV over tor. Mumble works across 64738, though I'm not sure how useful this one is either. I also allow 10000 for those who might need to access Webmin over tor. 9418 and 3690 for git and SVN protocols. I also allow 636 for secure LDAP and 706 for SILC, though I'm not sure anyone uses it either.
-- John McDonnell
-----Original Message----- From: tor-relays tor-relays-bounces@lists.torproject.org On Behalf Of Isaac Grover, Aileron I.T. Sent: Wednesday, September 26, 2018 9:12 AM To: tor-relays@lists.torproject.org Subject: [tor-relays] "Safe" ports for exit node that won't attract LEA?
Good morning fellow exit node operators,
I have set up an exit node in my home on a separate IP address away from all other traffic. I'm well aware of the risks from dated articles posted many years ago, so if you're going to send warnings and scary stories, please do so off list.
I won't be running it with all ports open; rather I'm interested in ports that still provide benefit to the Tor network but don't attract the attention of law enforcement. Currently I am exiting port 8333 (Bitcoin) and nothing else, but am open to other non - risky ports.
Make your day great, Isaac Grover, Senior I.T. Consultant Aileron I.T. - "Practical & Proactive I.T. Solutions"
Office: 715-377-0440, Fax:715-690-1029, Web: www.aileronit.com
Penn Cambria School District
This e-mail and any files transmitted with it are confidential and intended only for the person or entity to which it is addressed. If you have received this email in error, please notify the sender immediately via email and delete this email along with any attachments from your system. Any unauthorized or improper disclosure, copying, distribution, or use of the contents of this e-mail and attached documents is strictly prohibited. The views and opinions of this email or attachments are reflections of the author and are not necessarily the views and opinions of Penn Cambria School District. We do not accept responsibility or liability for any loss or damage from the receipt of this email, its use, or for any errors or omissions.
www.pcam.orghttp://www.pcam.org
exit node in my home
I also allow 993/995 (IMAP/POP3 over SSL). Sadly, I don't allow 465, SMTP over SSL, though I've pondered enabling it.
If you're trying to help standalone MUA users send email... 465 - this is smtp over TLS, you don't / rarely want this legacy mashup thing 567 - this is submission over TLS, you definitely want this usefully segregated authenticated thing
SSL is deprecated, call it such and move on. If it speaks TLS, say TLS and use it.
Death threats, kiddie pron, and hacking / crime, is what gets LEA knocking. Copyright is what gets your mailbox stuffed. Any port can be used for any thing. "Risk" of "attention" is relative therein. Post a notice on your doors, and motion detector security cameras to alert you... at least that way your physical risk is minimized.
Have fun :)
tor-relays@lists.torproject.org