- tor-relays - lists.torproject.org

Good vsp providers
by Fabian A. Santiago 20 Jan '18

20 Jan '18

Does anyone here use a vsp hosting provider which offers unlimited bandwidth usage at a reasonable cost monthly? Would need to run / offer Ubuntu. Country is of little importance. Thanks. -- Thanks, Fabian S. OpenPGP: 3C3FA072ACCB7AC5DB0F723455502B0EEB9070FC

6 20

Re: [tor-relays] [OrNetRadar] AS: "DigitalOcean, LLC" - 2018-01-16
by nusenu 19 Jan '18

19 Jan '18

I propose to reject these new DigitalOcean relays (no contact/MyFamily) +---------------------+------------------------------------------+-------------+---------+----------+----------+---------+ | first_seen | fingerprint | tor_version | or_port | dir_port | nickname | contact | +---------------------+------------------------------------------+-------------+---------+----------+----------+---------+ | 2018-01-16 01:00:00 | FD94F9A1FB940786691A7B8A266DCA50C6AE28F1 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 02:00:00 | 314E00247E8A661F3FB583275AD3F7B5466EFC99 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 03:00:00 | 0DDD78A986EDECA1E6FD36F8C4ACEFBCB95A90D7 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 03:00:00 | 3137D94063BA0F5D92BAD71EC4F452CA875D81D3 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 03:00:00 | AF1D8F02C0949E9755C0DF9C6761FBBF7AAB62C2 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 04:00:00 | 5C0C3F106C81BDA139DB1B5CD11E3E8E00C2ECF5 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 04:00:00 | B901626F9F7CD538B8B7812223F6614B1CFBDD78 | 0.2.9.11 | 443 | 80 | Unnamed | NULL | | 2018-01-16 04:00:00 | 26F2EE549E1BAE4979E15A432DBB63FC5148B31C | 0.2.9.11 | 443 | 80 | Unnamed | NULL | +---------------------+------------------------------------------+-------------+---------+----------+----------+---------+ ornetradar(a)riseup.net: > 2018-01-16 > > | Up | Ext | JoinTime | IP | CC | ORp | Dirp | Version | Contact | Nickname | eFamMembers | > |------+-------+------------+----------------+------+-------+--------+-----------+-----------+------------+---------------| > | 1 | 0 | 00:16:46 | 138.197.99.49 | us | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 01:09:43 | 165.227.25.219 | us | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 02:07:50 | 178.62.240.100 | nl | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 02:11:33 | 159.89.192.117 | sg | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 02:15:04 | 178.62.33.87 | gb | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 02:53:44 | 139.59.135.196 | de | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 02:56:53 | 165.227.38.141 | ca | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > | 1 | 0 | 03:00:57 | 139.59.89.46 | in | 443 | 80 | 0.2.9.11 | None | Unnamed | 1 | > > https://nusenu.github.io/OrNetRadar/2018/01/16/a2 -- https://mastodon.social/@nusenu twitter: @nusenu_

5 9

Re: [tor-relays] Tor 0.3.2.9 Linux - too slow to handle this many circuit creation requests
by rush23＠gmx.net 19 Jan '18

19 Jan '18

1 0

Tor 0.3.2.9 Linux - first period fine, since today lots of: Your computer is too slow to handle this many circuit creation requests!
by Stijn Jonker 18 Jan '18

18 Jan '18

Hi All, Is this a "known" issue, my non-exit relay has been running for over a year, and although with the recent issues (attack / network issue or the likes) with some ipfilter kunfu it managed to get through the storm pretty well. Now all of a sudden since early today my logs are flooded with: Jan 18 11:34:44 tornode Tor[65839]: Your computer is too slow to handle this many circuit creation requests! Please consider using the MaxAdvertisedBandwidth config option or choosing a more restricted exit policy. [204844 similar message(s) suppressed in last 60 seconds] First message is at Jan 18 07:17:13, last just Jan 18 11:37:44, when adding the # of circuits up, total in ~4 hours: 18033820 being 18 Million, which feels a bit much, but don't have any figures to compare. On the current hardware this never seemed to be an issue, not even by far it was normally (according to ESXi) at ~400-500mhz, now it's using 2 vCPU's at ~4000Mhz. Now of course I can lower the bandwidth, but if these are low bandwidth circuits then lowering the bandwidth from 10Mbyte/sec (peak 12,5Mbyte/sec) to a lower value might actually not resolve it. Anybody seeing this as well and/or ideas / advice etc? Stijn

4 3

The Onion Box v4.1
by Ralph Wetzel 18 Jan '18

18 Jan '18

5 8

tor 0.3.2.9 reached deb.torproject.org and FreeBSD repos
by nusenu 17 Jan '18

17 Jan '18

Since this has been a common question in the last few days.. -- https://mastodon.social/@nusenu twitter: @nusenu_

2 1

Re: [tor-relays] Assigning BadExit to Exits failing to resolve hostnames starting on 2018-01-15
by nusenu 17 Jan '18

17 Jan '18

> Hello, > > Arthur and I have been emailing affected exit operators for a while > now and many operators fixed their exits but some minor number or exits > remain broken (even some that are running good tor versions). > > I believe it is reasonable to assign the BadExit flag to exits failing 100% > of DNS resolution attempts and have a CW > 200 (or any other value you like, > I just would not bother about exits with a CW of 20) starting with 2018-01-15, > if we did send them an email about the problem (if they have a contactInfo set). > > https://arthuredelstein.net/exits/ These are 4 exits failing 100% of DNS resolution attempts based on Arthur's scan data from 2018-01-16 05:10:00 UTC +------------------------------------------+-------------+-------+----------------------------------------------------+ | fingerprint | tor_version | CW | contact | +------------------------------------------+-------------+-------+----------------------------------------------------+ | 6F6586F1631CAC1115B9561656E7664D386B7F4B | 0.3.1.9 | 404 | Ins0mnia Shells <orwell1984.info AT gmail dot com> | | 34D3AF8DC4CF68BDEA354D21C24EFB2EAFD7191F | 0.3.1.7 | 2040 | tor(a)krosnov.org | | 92E3764D5485DC4AC01178271FB5A8A2D90DA9FF | 0.3.1.9 | 16700 | Random Person <tor-admin(a)portaltodark.world> | | 60A7451D512B647C0D05A2063CA7F329311347B5 | 0.2.5.16 | 21200 | NULL | +------------------------------------------+-------------+-------+----------------------------------------------------+ -- https://mastodon.social/@nusenu twitter: @nusenu_

1 0

Has the storm passed?
by Ana Lucia Cortez 16 Jan '18

16 Jan '18

About 36 hours ago I tentatively disabled all my firewall rules who where limiting connections to my relay. Everything looks pretty normal, I see no spikes, no errors, no failures. > Jan 15 10:18:36 Tor-relay: > Heartbeat: > Tor's uptime is 4 days 18:00 hours, > with 36,596 circuits open. > I've sent 4,962.80 GB > and received 4,935.38 GB. > Circuit handshake stats since last time: > 244,441 / 244,441 TAP, > 10,558,601 / 10,558,601 NTor. > Since startup, > we have initiated > 0 v1 connections, > 0 v2 connections, > 2 v3 connections, and > 71,189 v4 connections; > and received > 1 v1 connections, > 31,976 v2 connections, > 53,960 v3 connections, and > 755,679 v4 connections. While I still see a lot of Hetzners & Co. in my top 30 connections, they seem to behave better. > Conn Subnet AS Org > 18 46.188.***.0/17 AS8334 2COM Co ltd. > 17 192.243.***.0/20 AS39572 Internet Service Solution Corp. (ISSC-11) > 14 24.60.***.0/14 AS7922 Comcast Cable Communications, LLC (CCCS) > 13 192.99.***.0/16 AS16276 OVH Hosting, Inc. (HO-2) > 12 212.109.***.0/23 AS29182 CJSC Server WebDC colocation > 11 213.239.***.0/18 AS24940 Hetzner Online AG > 10 95.65.***.0/17 AS31252 SC STARNET SRL > 10 213.239.***.0/18 AS24940 Hetzner Online AG > 9 139.59.***.0/16 DigitalOcean, LLC (AP) > 9 163.172.***.0/16 AS12876 Online SAS -- Relay:32E7AAF1F602814D699BEF6761AD03E387758D49

3 2

could Tor devs provide an update on DOS attacks?
by starlight.2017q4＠binnacle.cx 16 Jan '18

16 Jan '18

I realize we're in the middle of the Christmas / New Year dead week, but it would be great one of the developers could says something (anything) about the ongoing denial-of-service attacks. My node crashed a second time a fews days back, and while the second iteration of hardening appears have held, I see many others crack under the stress. If one opens a control channel and issues setevents extended orconn volumes of 650 ORCONN ... LAUNCHED ID=nnnn 650 ORCONN ... FAILED REASON=CONNECTREFUSED NCIRCS=x ID=nnnn messages appear. First I though these were operators with some new mitigation, but finally realized the relays are crashed and have not yet dropped off the consensus.

3 6

When is 0.3.2.9 available to download?
by Gary Smith 15 Jan '18

15 Jan '18

Hi, Firstly, on 9th of this month, tor 0.3.2.9 was released, I was wondering when it is available the official repos via apt-get? I'd rather not compile from source because its on a its on a pi and will takes ages and I will be effectively loosing auto-updates for tor. I have been testing the 0.3.2.8-alpha in a VM for a while and I am looking forward to using the new stable release. Confusingly, https://www.torproject.org/download/download.html reports that the latest stable version number (0.3.2.9) is greater than the alpha (0.3.2.8-rc) am I missing something? Secondly, I think the "Raspbian is not Debian" warning should be removed from https://www.torproject.org/docs/debian.html.en which while technically true gives users a false impression as tor will indeed work fine on a Raspberry Pi 2 / 3 (armhf not armel like Pi 1). Thanks.

2 2