- tor-relays - lists.torproject.org

Re: [tor-relays] Webtunnel type bridge Tor Metrics
by Dionysios K. 25 Apr '24

25 Apr '24

Hey Hiro, The issue was solved for a few hours, it was the first time since I switched to webtunnel I saw my bridge online, but now it's again marked as offline. It's the same issue again. ---------------------------------------- Apr 24, 2024 8:02:02 PM Hiro <hiro(a)torproject.org>: > Dionysios, all, > > This was an issue with rdsys and documents that weren't being synced to the vm where collector.torproject.org lives. > > For details: > > https://gitlab.torproject.org/tpo/anti-censorship/rdsys/-/issues/199 > > It should be solved now. > > Talk soon, > > -hiro > > On 4/22/24 22:13, Hiro wrote: >> Hey, >> >> On 4/20/24 17:40, Dionysios K. via tor-relays wrote: >>> Hello everyone, >>> >>> I recently switched from using obfs4 to Webtunnel from my bridge. >>> >>> Since the configuration change, the metrics website shows it as offline. >>> >>> The downtime displayed on the website is also odd as it shows a random time each time I visit, such as "1 hour 14 minutes and 10 seconds" or "2 hours 23 minutes and 30 seconds." >>> >>> However, the bridge is online. >>> >>> I am wondering if this is the correct behavior for the Webtunnel protocol. >> >> The way the metrics website "decides" if a bridge is online is based on both the results of tests from the bridge authority and bridgestrap. If the bridge is working and receiving traffic, the reason why I can think it is marked as offline is that some of those tests is failing or we are failing to process the data correctly. >> >> It could also be that something is a bit off with the bridge configuration since you changed from obfs4 to webtunnel. You could start your investigation by looking at the logs on the machine, then you could check what the bridgestrap stats say about your bridge (https://collector.torproject.org/recent/bridgestrap/) and finally check the latest status (https://collector.torproject.org/recent/bridge-descriptors/statuses/) >> >> Let me know if this helps you. I could also check the bridge myself, you could open an issue on gitlab under the relay-search project (https://gitlab.torproject.org/tpo/network-health/metrics/relay-search) or you can send me a private message (email or irc) with the hashed fingerprint and logs. >> >> Cheers, >> >> -hiro >> >> >>> >>> _______________________________________________ >>> tor-relays mailing list >>> tor-relays(a)lists.torproject.org >>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> _______________________________________________ >> tor-relays mailing list >> tor-relays(a)lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > _______________________________________________ > tor-relays mailing list > tor-relays(a)lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

2 1

DoSStreamCreation consensus parameters
by tor_appliedprivacy.net 24 Apr '24

24 Apr '24

Hello, today we saw yet another outbound flooding affecting our exit relays and we were eager to see the effect of https://gitlab.torproject.org/tpo/core/tor/-/issues/40736 but we did not see any and according to metric tor_relay_dos_total{type="stream_rejected"} the protection did not trigger. What are the consensus parameter names for these settings so we can check there current consensus values? > DoSStreamCreationEnabled 0|1|auto > Enable the stream DoS mitigation. If set to 1 (enabled), tor will > apply rate limit on the creation of new streams and dns requests > per circuit. "auto" means use the consensus parameter. If not > defined in the consensus, the value is 0. (Default: auto) > > DoSStreamCreationDefenseType NUM > This is the type of defense applied to a detected circuit or stream > for the stream mitigation. The possible values are: > > 1: No defense. > > 2: Reject the stream or resolve request. > > 3: Close the circuit creating too many streams. > > "0" means use the consensus parameter. If not defined in the > consensus, the value is 2. (Default: 0) > > DoSStreamCreationRate NUM > The allowed rate of stream creation from a single circuit per > second. Coupled with the burst (see below), if the limit is > reached, actions can be taken against the stream or circuit > (DoSStreamCreationDefenseType). If not defined or set to 0, it is > controlled by a consensus parameter. If not defined in the > consensus, the value is 100. (Default: 0) > > DoSStreamCreationBurst NUM > The allowed burst of stream creation from a circuit per second. See > the DoSStreamCreationRate for more details on this detection. If > not defined or set to 0, it is controlled by a consensus parameter. > If not defined in the consensus, the value is 300. (Default: 0) thanks! tor(a)appliedprivacy.net

1 1

I need a new VPS provider
by Landon 22 Apr '24

22 Apr '24

Hello, I am currently using gcore.com as my VPS hosting provider. I have been running a Tor bridge with them for several years now. I am supposed to be getting 200 Mbps unmetered bandwidth. However, in the past six months, my bandwidth usage has been declining a lot. It seems like they might be throttling my server. I was getting over 2000 connected clients and now I'm down to less than 600. "iftop" shows me about 30 to 60 Mbps bandwidth usage during any time of the day. Take a look... https://metrics.torproject.org/rs.html#details/4A0B065DB3CF807C6910DFEF6D9C… So, I am trying to find a Tor friendly VPS provider that offers 1 Gbps unmetered bandwidth. I found my current provider in an article describing Tor friendly providers, but I cannot locate that link. I am currently paying about 15 Euros a month for a server with 2 cores, 4 GB RAM and 100 GB SSD. I would like to pay about the same for my new service. In my search, I have found some better providers, but they don't seem to be Tor friendly. Do you have a good provider that you really like that offers inexpensive VPS? I would prefer one located in the USA if possible, but I guess it doesn't matter if the bandwidth is good. Landon

5 5

tor_bug_reached_count increase
by tor＠appliedprivacy.net 20 Apr '24

20 Apr '24

Hello, the new metricsport counter shows that some specific tor relays (2 out of 50) have a significant tor_bug_reached_count rate (around 8 per second). Do you see similar? You have to run on git main or nightly builds to see that metric. best regards, tor(a)appliedprivacy.net

3 2

issues with tor-nightly-main repo
by applied-privacy.net 19 Apr '24

19 Apr '24

Hello, the repo failed to get new updates after Version: 0.4.9.0-alpha-dev-20240415T020400Z-1~d12.bookworm+1 but we would be eager to test changes that got into main in the last few days. https://deb.torproject.org/torproject.org/dists/tor-nightly-main-bookworm/m… aarch64 build fails. Deploy job is skipped: https://gitlab.torproject.org/tpo/core/debian/tor/-/jobs https://gitlab.torproject.org/tpo/core/debian/tor/-/jobs/529032 https://gitlab.torproject.org/tpo/core/debian/tor/-/jobs/528021 https://gitlab.torproject.org/tpo/core/debian/tor/-/jobs/528040 best regards, applied-privacy.net

4 3

Request for Feedback on Relay Node Update Management
by Alessandro Greco 19 Apr '24

19 Apr '24

Dear Tor-Relays Mailing List Members, I hope this email finds you well. I'm reaching out to share some observations and pose some questions regarding the management of relay node updates, particularly concerning their impact on stability and security of the service provided. Recently, I've noticed an interesting pattern with my relay node (ID: 47B72187844C00AA5D524415E52E3BE81E63056B [1]). I've followed TorProject's recommendations [2] and configured automatic updates, which has led to frequent restarts of the node to keep the Tor software up-to-date. While this practice ensures high security by keeping the software updated, it seems to compromise the stability of the node itself. The Uptime value of my node has remained at a maximum of a few hours. This situation has prompted me to reflect on what might be the best strategy to adopt. On one hand, frequent updates ensure optimal security, while on the other hand, continuous restarts may affect the user experience for those relying on the node's stability for their Tor activities. As such, I'd like to pose some questions to the community to gather feedback and assess best practices: 1. In your opinion, is it preferable to maintain automatic updates to ensure maximum security, even if frequent restarts may compromise the node's stability? 2. Or would it be more sensible to adjust the update frequency, perhaps performing them once or twice a week, to ensure greater stability of the node without excessively compromising security? 3. Have you had similar experiences with your relay nodes? How have you addressed this challenge and what were the outcomes? Thank you in advance for your time and cooperation. Best regards, Aleff. [1] https://metrics.torproject.org/rs.html#details/47B72187844C00AA5D524415E52E… [2] https://community.torproject.org/relay/setup/guard/debian-ubuntu/updates/ --- Browse my WebSite: aleff-gitlab.gitlab.io Use my PGP Public Key: pgp.mit.edu/pks/lookup?op=get&search=0x7CFCE404A2168C85 Join to support: - Free Software Foundation! (my.fsf.org/join?referrer=6202114) - Electronic Frontier Foundation! (eff.org) - Tor-Project (torproject.org) - Signal (signal.org)

6 11

issues with tor rpm : anyone sees what I am doing wrong ?
by Carlos 15 Apr '24

15 Apr '24

Hi, lacking competence or support to build bridges under DEBIAN 12, I tried FEDORA and this feeeeeels cool. Yep yet this worry some message : Errors during downloading metadata for repository 'tor': - Status code: 404 for https://rpm.torproject.org/fedora/repodata/repomd.xml (IP: 2620:7:6002:0:466:39ff:fe7f:1826) Error: Failed to download metadata for repo 'tor': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried here is my bash script before the error that I find absolutely fine... kindly prove me wrong, please. Carlos. (would PGP encryption make sense when sending these types of emails to tor-relays(a)lists.torproject.org ? can't see the mailing list PGP publicly) dnf update dnf install dnf-automatic -y systemctl enable --now dnf-automatic-install.timer echo "[tor]" > /etc/yum.repos.d/Tor.repo echo "name=Tor for Fedora $releasever - $basearch" >> /etc/yum.repos.d/Tor.repo echo "baseurl=https://rpm.torproject.org/fedora/$releasever/$basearch" >> /etc/yum.repos.d/Tor.repo echo "enabled=1" >> /etc/yum.repos.d/Tor.repo echo "gpgcheck=1" >> /etc/yum.repos.d/Tor.repo echo "gpgkey=https://rpm.torproject.org/fedora/public_gpg.key" >> /etc/yum.repos.d/Tor.repo echo "cost=100" >> /etc/yum.repos.d/Tor.repo dnf install tor -y dnf install obfs4 -y -- PGP updated every second week : please actualize our communication every time.

3 2

Node 6E02FDEA15122A492A799A58C4C11D02637B145A is marked as down, but logs display no issues
by 0N ODV 08 Apr '24

08 Apr '24

Hi all, our node sacco.osservatorionessuno.org[1] has been marked down for more than a couple of days. It is at the latest version from Tor's Debian repository and I tried to restart both the service and the server. The process is running, and the 9001 and 9030 ports are open and succesfully reachable from the outside. The notice log I temporarily enabled to look for the issue apparently does not show any warning signs. Here is an anonymized output of the log: [notice] Tor 0.4.8.10 opening new log file. [notice] We compiled with OpenSSL XXX and we are running with OpenSSL XXX. These two versions should be binary compatible. [notice] Tor 0.4.8.10 running on Linux with Libevent XXX, OpenSSL XXX, Zlib XXX, Liblzma XXX, Libzstd XXX and Glibc XXX as libc. [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/ [notice] Read configuration file "/etc/tor/torrc". [notice] Based on detected system memory, MaxMemInQueues is set to 720 MB. You can override this by setting MaxMemInQueues by hand. [notice] Opening Socks listener on 127.0.0.1:9050 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050 [notice] Opening OR listener on XXX:9001 [notice] Opened OR listener connection (ready) on XXX:9001 [notice] Opening OR listener on [XXX]:9001 [notice] Opened OR listener connection (ready) on [XXX]:9001 [notice] Opening Directory listener on XXX:9030 [notice] Opened Directory listener connection (ready) on XXX:9030 [notice] Opening Directory listener on [XXX]:9030 [notice] Opened Directory listener connection (ready) on [XXX]:9030 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. [notice] Configured to measure statistics. Look for the *-stats files that will first be written to the data directory in 24 hours from now. [notice] Your Tor server's identity key fingerprint is 'sacco XXX' [notice] Your Tor server's identity key ed25519 fingerprint is 'sacco XXX' [notice] Bootstrapped 0% (starting): Starting [notice] Starting with guard context "default" [notice] Bootstrapped 5% (conn): Connecting to a relay [notice] Unable to find IPv4 address for ORPort 9001. You might want to specify IPv6Only to it or set an explicit address or set Address. [notice] Bootstrapped 10% (conn_done): Connected to a relay [notice] Bootstrapped 14% (handshake): Handshaking with a relay [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit [notice] External address seen and suggested by a directory authority: XXX [notice] Bootstrapped 100% (done): Done [notice] Now checking whether IPv4 ORPort XXX:9001 is reachable... (this may take up to 20 minutes -- look for log messages indicating success) [notice] Now checking whether IPv6 ORPort [XXX]:9001 is reachable... (this may take up to 20 minutes -- look for log messages indicating success) [notice] Self-testing indicates your ORPort XXX:9001 is reachable from the outside. Excellent. [notice] Performing bandwidth self-test...done. [notice] Self-testing indicates your ORPort [XXX]:9001 is reachable from the outside. Excellent. Publishing server descriptor. [notice] Heartbeat: It seems like we are not in the cached consensus. [notice] Heartbeat: Tor's uptime is XX hours, with XX circuits open. I've sent XX and received XX. I've received XXX connections on IPv4 and XXX on IPv6. I've made XXX connections with IPv4 and XXX with IPv6. [notice] While bootstrapping, fetched this many bytes: XXX (microdescriptor fetch) [notice] While not bootstrapping, fetched this many bytes: XXX (server descriptor fetch); XXX (server descriptor upload); XXX (consensus network-status fetch); XXX (microdescriptor fetch) [notice] Circuit handshake stats since last time: X/X TAP, X/X NTor. [notice] Since startup we initiated XXX and received XXX v1 connections; initiated 0 and received 0 v2 connections; initiated XXX and received XXX v3 connections; initiated XXX and received XXX v4 connections; initiated XXX and received XXX v5 connections. [notice] Heartbeat: DoS mitigation since startup: 0 circuits killed with too many cells, 0 circuits rejected, 0 marked addresses, 0 marked addresses for max queue, 0 same address concurrent connections rejected, 0 connections rejected, 0 single hop clients refused, 0 INTRODUCE2 rejected. [notice] Your network connection speed appears to have changed. Resetting timeout to XXXms after XXX timeouts and XXX buildtimes. We would appreciate any hint on how to proceed to debug the issue in order to keep the server useful. Thank you Giuio [1] - https://metrics.torproject.org/rs.html#details/6E02FDEA15122A492A799A58C4C1…

3 3

Re: [tor-relays] R: Re: Request for Feedback on Relay Node Update Management
by denny.obreham＠a-n-o-n-y-m-e.net 04 Apr '24

04 Apr '24

You should tweak your web server as presented in this section: https://github.com/Enkidu-6/tor-ddos?tab=readme-ov-file#first-step-prep aring-your-system-for-high-number-of-connections This would most likely solve Out-Of-Memory problems I suspect you are experiencing. Denny On 04/02/2024 10:06 AM Alessandro Greco via tor-relays wrote .. My computer has: - 1 vCore CPU - 1 GB RAM - Maximum bandwidth: 1 GB/s So if I understand correctly, the problem should not be at the hardware level, right? Il mar, apr 2, 2024 alle 12:14, Frank LÃ½ via tor-relays <[1]tor-relays(a)lists.torproject.org> ha scritto: Hello Aleff, That is up to you. I strongly suspect that the hardware is the bottleneck, but detailed specifications are required in order to determine a conclusion. Tor is currently bounded by single-thread CPU performance, with a minimum recommendation of 1 GB of RAM for non-exit relays faster than 40 Mbit/s. If your hardware does not meet these RAM requirements, upgrade it, then adjust the relay bandwidth rate limit as necessary. Frank Mar 27, 2024, 7:00 AM by tor-relays(a)lists.torproject.org: > I want to thank you for all the support replies you sent in response to my previous communication. I have carefully read through all your insights and appreciate your efforts in trying to find a solution to the issue. > > After thorough consideration of the matter, I have concluded that the problem may not be due to configuration errors in the automatic updates, as initially speculated. Rather, it seems that the issue could be hardware-related, with my VPS computer potentially unable to handle a certain amount of traffic. > > It's worth noting that there are no bandwidth issues, and the connection speed is high. However, I have set a RelayBandwidthRate limit of 250 Mbits. Interestingly, despite this configuration, the Tor Metrics site detects a speed of approximately 10/13 MBytes, equivalent to about 90/110 Mbits. This led me to speculate that the machine might experience an overload of operations or connections, causing it to crash temporarily. As a result, at the time of restart, Tor Statistics records the maximum speed reached up to that point (without ever reaching the set limit). Subsequently, following this theory, the Tor service restarts automatically without causing any anomalies in the service. > > To address this situation, I have decided to reduce the RelayBandwidthRate limit from 250 Mbits to 100 Mbits, which falls within the minimum limits proposed by torproject. If this is the case, however, it is also true that it would be best to impose an upper limit of 80% when considering the bandwidth magnitude involving the crash event as the maximum point. I honestly don't know how I would be able to verify this and acquire this kind of data, probably doing trial and error is the way. Perhaps the ideal would be to lower the maximum bandwidth further to verify for sure that this is what it is? > > Currently, I am closely monitoring the situation to assess whether this modification has a positive impact on the issue. > > I will keep you updated on any progress, and I thank you once again for your support and understanding. > > Best regards, > > Aleff. > > --- > > Browse my WebSite: aleff-gitlab.gitlab.io > Use my PGP Public Key: pgp.mit.edu/pks/lookup?op=get&search=0x7CFCE404A2168C85 > Join to support: > - Free Software Foundation! (my.fsf.org/join?referrer=6202114) > - Electronic Frontier Foundation! (eff.org) > - Tor-Project (torproject.org) > - Signal (signal.org) > > martedÃ¬ 26 marzo 2024 11:21, torrelay.9puwh--- via tor-relays ha scritto: > >> Hi Alessandro, >> >> It's good to hear from you. I have a relay in a somewhat similar situation[1], although I've only just clocked it. If you're using Debian or one of its derivatives, then you can configure the unattended-upgrades package to perform a restart at a specific time if required. This means that your relay won't restart every time an upgrade is required, but will keep itself up to date. I think configuring a time for a daily restart (if upgrade required) would be a fairly good balance between stability and reliability. >> >> See what other people say or from your own experience, as Tor circuits are generally quite resilient and as long as you aren't a guard node I believe connections won't die because your relay is restarting. >> >> I would also note that Tor recommends [2] an uptime or 24/7 is nice, but not required and that restarts to the daemon or node are fine. Because of this, it might not be worth worrying too much about this issue. >> >> I hope you find some of this useful, >> Seth >> >> >> >> [1] https://metrics.torproject.org/rs.html#details/5FEB80D4DCC63180CB4D8 7C1222177BB099E55AE >> [2] https://community.torproject.org/relay/relays-requirements/ >> -------- Original Message -------- >> On 26/03/2024 08:54, Alessandro Greco via tor-relays tor-relays(a)lists.torproject.org wrote: >> >> > Dear Tor-Relays Mailing List Members, >> > >> >> > I hope this email finds you well. I'm reaching out to share some observations and pose some questions regarding the management of relay node updates, particularly concerning their impact on stability and security of the service provided. >> > >> >> > Recently, I've noticed an interesting pattern with my relay node (ID: 47B72187844C00AA5D524415E52E3BE81E63056B [1]). I've followed TorProject's recommendations [2] and configured automatic updates, which has led to frequent restarts of the node to keep the Tor software up-to-date. While this practice ensures high security by keeping the software updated, it seems to compromise the stability of the node itself. The Uptime value of my node has remained at a maximum of a few hours. >> > >> >> > This situation has prompted me to reflect on what might be the best strategy to adopt. On one hand, frequent updates ensure optimal security, while on the other hand, continuous restarts may affect the user experience for those relying on the node's stability for their Tor activities. >> > >> >> > As such, I'd like to pose some questions to the community to gather feedback and assess best practices: >> > >> >> > 1. In your opinion, is it preferable to maintain automatic updates to ensure maximum security, even if frequent restarts may compromise the node's stability? >> > 2. Or would it be more sensible to adjust the update frequency, perhaps performing them once or twice a week, to ensure greater stability of the node without excessively compromising security? >> > 3. Have you had similar experiences with your relay nodes? How have you addressed this challenge and what were the outcomes? >> > >> >> > Thank you in advance for your time and cooperation. >> > >> >> > Best regards, >> > Aleff. >> > >> >> > [1] https://metrics.torproject.org/rs.html#details/47B72187844C00AA5D524 415E52E3BE81E63056B >> > [2] https://community.torproject.org/relay/setup/guard/debian-ubuntu/upd ates/ >> > >> >> > --- >> > >> >> > Browse my WebSite: aleff-gitlab.gitlab.io >> > Use my PGP Public Key: pgp.mit.edu/pks/lookup?op=get&search=0x7CFCE404A2168C85 >> > Join to support: >> > - Free Software Foundation! (my.fsf.org/join?referrer=6202114) >> > - Electronic Frontier Foundation! (eff.org) >> > - Tor-Project (torproject.org) >> > - Signal (signal.org)_______________________________________________ >> > tor-relays mailing list >> > tor-relays(a)lists.torproject.org >> > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> >> >> >> _______________________________________________ >> tor-relays mailing list >> tor-relays(a)lists.torproject.org >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >> _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays 1. file:///tmp/.webmin/reply_mail.cgi?new=1&to=Il

2 1

User advisory to check for xz-utils backdoor
by pasture_clubbed242＠simplelogin.com 02 Apr '24

02 Apr '24

Greetings, I do not normally use mailing lists such as this one to inform subscribers of security notices, but this issue is extreme enough where it may benefit the anonymity of Tor users if relay operators are aware of it sooner. The near-universally used 'xz' compression library has been found to contain a backdoor in certain code branches. This backdoor has made it into some systems such as Debian Sid. Details regarding this backdoor are available here. https://www.openwall.com/lists/oss-security/2024/03/29/4 It is suspected that if your OpenSSH server links to the xz library, which Debian appears to do so, then this backdoor is remotely exploitable. If your OpenSSH server does not link to this library, then your system still contains many processes that run xz actions as the root user, some input of which may be less than trusted. For those needing a patch, I recommend you research your distribution's security advisory page for further information. References: Debian Sid Advisory: https://security-tracker.debian.org/tracker/CVE-2024-3094

2 1