- network-health - lists.torproject.org

Upgrade your 'voidray' Tor relay?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi, You are running a fast Tor relay, which is great: http://rougmnvswfsmd4dq.onion/rs.html#details/C4546CF0854081F978E4183CE46E6… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

Upgrade your 'tor01' Tor relay?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi William, You are running a fast Tor relay, which is great: http://rougmnvswfsmd4dq.onion/rs.html#details/D965855F77A59FBBC5D1224DFB9C1… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

Upgrade your 'VERITAS' Tor relay?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi Matt, You are running a fast Tor relay, which is great: http://rougmnvswfsmd4dq.onion/rs.html#details/3D765C586CCA8B437B7697EA2CE6A… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

Upgrade your 'servbr' Tor relays?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi, You are running a pile of fast Tor relays, which is great. E.g. http://rougmnvswfsmd4dq.onion/rs.html#details/3A1327AFECA8A974143DB38B533C6… http://rougmnvswfsmd4dq.onion/rs.html#details/2F1030CEFB1AC0578624FAF087B4D… http://rougmnvswfsmd4dq.onion/rs.html#details/F572B6250EB32313B9F2CA54F1002… http://rougmnvswfsmd4dq.onion/rs.html#details/166F00EA1BF27F20E8B2D7EF7FFF2… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

Upgrade your Tor relay?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi netinch / zzif people, Can you forward this mail to your network operator folks, or to whoever is running the Tor relay there? :) You are running a fast Tor relay, which is great: http://rougmnvswfsmd4dq.onion/rs.html#details/16A2A93FFD900DCF3C8A5A2BE8424… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

Upgrade your Tor relay 'locksat'?
by Roger Dingledine 29 Aug '19

29 Aug '19

Hi Boris, You are running a fast Tor relay, which is great: http://rougmnvswfsmd4dq.onion/rs.html#details/22210ABFA37B0CB526C73D42BADCE… But that Tor version is obsolete, and because of old bugs, we will soon cut relays running those versions out of the network. Please consider upgrading! The Tor 0.3.5 long-term-stable branch will be maintained until Feb 2022: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkTeam/CoreTor… and you can see the lifetimes of other Tor versions on that table too. You can find Tor packages for your distro / OS here: https://trac.torproject.org/projects/tor/wiki/TorRelayGuide#Platformspecifi… Let us know if we can do anything to make the process easier. And lastly, I am cc'ing the new network health mailing list (which has public archives), to help us stay synced: https://trac.torproject.org/projects/tor/wiki/org/teams/NetworkHealthTeam Thanks! --Roger

1 0

State of Bad Relay Team
by David Goulet 22 Jul '19

22 Jul '19

Hello everyone, I'm writing this email to help bootstrap more and more the network health team by outlining the status of the "bad relay team" as in where and what tools we use. After discussions at the Stockholm meeting, this is in the spirit of trying to gather information in one place (this list) and push the effort to consolidate everything we (Tor Project) have in that space to, ultimately, our Gitlab instance. We have a team already there although quite empty at the moment. https://dip.torproject.org/torproject/network-health Several tools are being used by the bad relay team. The following I would consider them in the "critical path" of the bad relay team operations: 1. Malicious HSDir Scanner This one is in a private git repository on Github. For obvious reasons, we don't make it public in order to avoid attackers gaming it. It is run regularlry by the team. I've asked the author if we can move it to dip.tpo under the network health team umbrella. Pending... This tool has dependencies on "eschalot" with custom patches to it and custom patches to "tor" as well. These need to be maintained over time and thus should also be on dip.tpo. This also need a tor relay to be run which requires the custom tor patches mentionned above and the HSDir flag (which you only get after 96 hours of uptime so can't be rebooted often...). It is an extremely important tool right now for bad HSDir detections so we should definitely keep this one well maintained and running as long as v2 .onion addresses exists. 2. Exitmap The core of this tool is public here: https://github.com/NullHypothesis/exitmap The modules are in a private repository as well. I've also asked the author if we can move this tool to dip.tpo. It is also run quite regularlry by the team. 3. DocTor DocTor is a great public that is run by atagar. Any warnings goes on the consensus-health@ mailing list. https://gitweb.torproject.org/doctor.git/ In the case of the bad relay team, custom secret modules exists and run daily. This should definitely move to dip.tpo. I have ownership of those so easy move. Overall, this is a good project to move to the Network Health team in my opinion, with atagar's permission of course. 4. Sybilwatch https://github.com/DonnchaC/sybilwatch This is an extremely useful tool to correlate relays with the same characteristics in order to find all the related relays of a detected attack. Own by Donncha and public so probably no need to have it on dip.tpo. 5. Custom Stem Scripts I made several custom Stem scripts in order to walk the consensus/descriptors and extract information which makes it much easier to find relay's information to reject/badexit. https://git.ini-tech.com/stem-scripts.git/tree Not the cleanest but very useful. I think having them on dip.tpo would be useful but not required. 6. Tes Tool written by meejah. Allows us to detect MITM attacks by relays. It is in a private git repository so if meejah wants to move it to dip.tpo, I think it would be great! Else, documenting that it exists could be enough. Other tools exists for a variety of purposes like "trnns" made by phw (https://github.com/NullHypothesis/trnns) but afaict, not in the critical path of the bad relay team. About git repositories: - dirauth-conf.git Private. Only a handful of people have commit access to this including all directory authorities (9 of them). This contains many things including the reject/badexit rules that the bad relay team submit there and the directory authorities then each take a personal decision on applying the rule or not. This is up to debate I believe if it should fall under "Network Health" umbrella or not... Difficult to say but I'm leaning towards "yes" considering that it also contains configuration files that dirauth should in theory use/apply like consensus parameters which is very "health" to me :). Now in terms of communication, several mailing list exists: - bad-relays(a)lists.torproject.org Private and with very few people. Coordination happens there for any relay rejection/badexit. It is the advertised list to report malicious relays but also to report that your relay is rejected if you are an operator that let say re-used an blacklisted IP address. It is actually hardcoded in tor code and part of the reject reason string that a directory authority will send back: *msg = "Fingerprint is marked rejected -- if you think this is a " "mistake please set a valid email address in ContactInfo and " "send an email to bad-relays(a)lists.torproject.org mentioning " "your fingerprint(s)?"; *msg = "Suspicious relay address range -- if you think this is a " "mistake please set a valid email address in ContactInfo and " "send an email to bad-relays(a)lists.torproject.org mentioning " "your address(es) and fingerprint(s)?"; - tor-network-alerts(a)lists.torproject.org Private list. Only scanners/bots email that list with alerts. So 1), 2) and 3) all are configured to email that list with their alerts. Related discussions happens on bad-relays@ - tor-consensus-health(a)lists.torproject.org Public. DocTor report detected issues to that list. No discussions. - ornetradar(a)lists.riseup.net External from TPO. Public. https://lists.riseup.net/www/info/ornetradar Events are also published here: https://nusenu.github.io/OrNetRadar/ Run by "nusenu" volunteer. It has many many detections that we use in order to make decision on bad relays. Those are the active mailing lists that the bad relay team uses/observes. I believe the above covers it all on the bad relay team side... Thing is that other volunteers might be running scanners or custom tools so the above really covers what *I* am aware of. Cheers! David -- 21BSebbtTMg1u+swxsy4Y2IVWlthi9t/XgN+FybFMe8=

1 0

Network health meeting notes are up
by Georg Koppen 13 Jul '19

13 Jul '19

Hi! Mike uploaded the meeting notes of our network health session today and I complemented them with the notes I had: https://trac.torproject.org/projects/tor/wiki/org/meetings/2019Stockholm/No… Please have a look over them and make those notes even more usable in case we forgot something or got something wrong. Thanks for the session today to everyone being there, Georg

1 0

2024

2023

2022

2021

2020

2019

network-health