<div dir="ltr">Added this to my high bandwidth node - I would've done so far sooner if I had known it wasn't default behavior. I'd say this should be enabled by default or at least get a line in the example torrc so people know it exists.<br>
<br clear="all">- John Brooks<br><br><div class="gmail_quote">On Thu, Sep 11, 2008 at 7:17 AM, Scott Bennett <span dir="ltr"><<a href="mailto:bennett@cs.niu.edu">bennett@cs.niu.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
To all tor server operators (except those who run hidden service directory<br>
servers already):<br>
<br>
The torstatus page as of a few minutes ago says that there are currently<br>
1292 tor servers, of which 596 are also v2 directory servers (46.13%). If a<br>
few directory servers comes on line or goes down, it's not likely to make much<br>
difference to the tor network as a whole. However, only 10 of those directory<br>
servers are also hidden service directory (HSDir) servers (0.77% of total tor<br>
servers). Fortunately, the hidden services subsystem traffic is still<br>
relatively low, so the load on hidden service directory servers is also still<br>
low.<br>
The problem here is one of reliability. In the weeks since I began<br>
paying attention, I have seen the count of hidden service directory servers<br>
range from as high as 13 to as low as 6 or 7. With only these few servers<br>
involved, it would not be too difficult for hidden services to be shut down,<br>
either by computer or network failures or by an attacker with large resources.<br>
More people running hidden services directory servers would strengthen the<br>
reliability of the hidden services feature of tor.<br>
For a long time, I was unaware that basic directory servers did not<br>
automatically provide hidden services directories, too, but rather the hidden<br>
service directory service was an optional service that could be provided at<br>
the directory server operator's discretion. Then it took a short time to<br>
track down the means of activating hidden services directory service, which<br>
turned out to be very easy, of course.<br>
Anyway, for those directory server operators who are willing to add<br>
hidden services directory service to their ordinary tor directory server's<br>
offerings, here's how to do it. Note that your server must be configured<br>
as a directory server. Just add the following lines to your server's torrc<br>
file.<br>
<br>
## The following line enables hidden service directory mirroring.<br>
HidServDirectoryV2 1<br>
<br>
(Or skip the comment line, and just add the second line, as you please.)<br>
Then tell your tor server to reload its torrc file. Within 24 - 25 hours<br>
your server will begin operating as a tor hidden services directory server.<br>
You probably won't even notice the difference in traffic loads on your tor<br>
server.<br>
There is already a proposal in the works to make hidden services<br>
directory service the default for directory servers, which would probably<br>
radically increase the number of HSDir servers, providing a solution to the<br>
current vulnerability. Maybe you can help render that change unnecessary,<br>
freeing up some time for the developers to do other things. I propose an<br>
initial goal of raising that (frequently fluctuating) 0.77% to around 10%.<br>
How about it, folks?<br>
<br>
<br>
Scott Bennett, Comm. ASMELG, CFIAG<br>
**********************************************************************<br>
* Internet: bennett at <a href="http://cs.niu.edu" target="_blank">cs.niu.edu</a> *<br>
*--------------------------------------------------------------------*<br>
* "A well regulated and disciplined militia, is at all times a good *<br>
* objection to the introduction of that bane of all free governments *<br>
* -- a standing army." *<br>
* -- Gov. John Hancock, New York Journal, 28 January 1790 *<br>
**********************************************************************<br>
</blockquote></div><br></div>