- tor-relays - lists.torproject.org

Re: [tor-relays] bwauth graph for August 2015
by starlight.2015q3＠binnacle.cx 31 Aug '15

31 Aug '15

In addition to reducing Unmeasured=1 relays from ~350 to ~150, the combination of the new Torflow release and addition of the Faravahar BWauth have dramatically improved the reliability and stability of bandwidth measurements of relays, for both the individual BWauth values and consensus values. This shows up most clearly in the 3-month and 1-year Atlas graphs of consensus weights.

1 0

bwauth graph for August 2015
by nusenu 30 Aug '15

30 Aug '15

Hi, I generated graphs for bwauth votes. The graph [1] shows that adding Faravahar (yellow) as 5th bwauth significantly reduced the amount of unmeasured relays (difference between red and blue), at least as long as it did provide measurements. [1] https://raw.githubusercontent.com/nusenu/tor-network-observations/master/pn…

1 0

Botnet
by Heiko Tropartz 25 Aug '15

25 Aug '15

2 1

Re: [tor-relays] How to Run High Capacity Tor Relays
by Magnus Hedemark 22 Aug '15

22 Aug '15

I think it's unfair to characterize the Tor community as a Linux club, or religious about operating systems. There is a whole big world of operating systems out there, and most (not all) have a very POSIX flavor to them that makes it pretty easy to generalize advice on running the service. The work that I'm doing right now is around packaging Tor for OmniOS (and writing doc around using them together), which is pretty obscure and has no relationship to Linux. There's definitely software out there that assumes you're building it on Linux, running it on Linux, but Tor is definitely not one of them. Windows is the only really prominent OS that I can think of off the top of my head that has no significant POSIX flavor to it. Its heritage is more from DOS and VMS than anything. It's an odd bird for people who otherwise work in POSIX platforms all of the time. Be thankful Tor runs there at all. Supporting Windows on a cross-platform app is no small feat. Maybe instead of throwing shade at the EFF, take a stab at fixing the problem yourself? The EFF is not some multi-billion dollar software company, isn't staffed with an army of engineers and tech writers looking for something to do. And, if they were, I've got doubts that the cost/benefit analysis on supporting Windows as a relay platform would turn out in your favor. If you're really dedicated to running a big Tor relay, and can't be bothered to help improve the documentation for Windows relay operators, time to learn a new tool and maybe not be so religious about running Windows for all the things? I think I've got 5 different OS's that I'm managing right now. No big deal. That's the beauty of the other side of the Windows fence. Once you learn one, it's easy to learn the rest. -M Sent from [ProtonMail](https://protonmail.ch), encrypted email based in Switzerland. -------- Original Message -------- Subject: Re: [tor-relays] How to Run High Capacity Tor Relays Time (GMT): Jul 22 2015 12:14:56 From: ben(a)reefsolutions.com To: tor-relays(a)lists.torproject.org Robert: you're right. The group in general isn't very knowledge about Windows. I'm a Windows sysadmin and spent a long time deciphering the Tor documentation on windows and it's poor. Best info was another operator who posted on the mailing list months ago. I've reached out to the website maintainers and gotten radio silence on updating the Wiki for Windows. I've added other things to the wiki though (on exits). I'm a bit perplexed on the OS religiousness since we need more inclusive for Tor relays. We need a status of liberty, and the EFF's push isn't enough. Sigh.... -Ben -----Original Message----- From: tor-relays [mailto:tor-relays-bounces@lists.torproject.org] On Behalf Of I Sent: Tuesday, July 21, 2015 8:29 PM To: tor-relays(a)lists.torproject.org Subject: Re: [tor-relays] How to Run High Capacity Tor Relays Moritz and all, I mean no offence to anyone since we're all in this for the greater good, but really approaching joining the Tor community is pretty hard if you are not a Linux wiz and know about servers or a number of other things. I have tried to look around the multitude of interconnecting links but a lot are out of sync slightly or are not clear because of presumed knowledge and understanding or are irrelevant because of evolution Wouldn't it be better to be clear and neat in the way Torservers guides are? Would someone presume the Torproject installation guide was not complete and know where to look? Robert > On 07/22/2015 01:34 AM, I wrote: >> https://www.torservers.net/wiki/setup/server has excellent guidance >> for setting-up relays seriously. >> Would those at Torproject think about linking to it from their >> installation guides? >> >> Robert > > https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines > links to it, as well as to > https://trac.torproject.org/projects/tor/wiki/doc/TorRelaySecurity . > Both these pages could use some overhaul, but they're not too bad. > > -- > Moritz Bartl _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays _______________________________________________ tor-relays mailing list tor-relays(a)lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

5 4

Google Compute Engine rejected as relay?
by Greg 22 Aug '15

22 Aug '15

Hi, I tried to spin up a relay on GCE a few days ago, and I found that it was outright rejected with a message like "Authdir is rejecting routers in this range". I don't have the IP handy now, but I could easily get another ephemeral IP. I thought I came across a thread saying that there was an attack on the tor network originating from GCE, and that's why it got blacklisted. I'm not finding that thread now. But is GCE going to be removed from the blacklist? I realize it's not a very economical place to run a relay. -Greg

5 6

Re: [tor-relays] Calling for more Exit Relays
by spiros_spiros＠freemail.gr 22 Aug '15

22 Aug '15

Στις 21 του Αυγούστου 2015, 13:21, Sharif Olorin <sio(a)tesser.org> έγραψε: >Could you estimate the number of abuse complaints you receive, or the >amount of time you need to spend responding to them - and how many >exits for how long, for context? I am the operator of exit relays in Iceland, England and Czech republic (as well as some non-exit relays where the providers are less friendly to Tor/don’t understand Tor). The nodes have been built in the last six months (financial circumstance only permitted me to start contributing recently), and I hope to run them for many years to come. As such they are all Debian Linux based with administration via Chef, so I probably spend an hour per month on the admin for all of them in total. Abuse complaints generally come in the form of automated email from Webiron and similar services, via the hosting providers. In one case, the hosting provider is happy to change the PTR record and abuse email in the WHOIS to an address that I control, so that they don’t bother forwarding the mail. I get about 5 of these per month for all of the exits, and no action is necessary. In rare cases, the hosting company based in the Czech republic asks me what steps I have taken in response to the abuse report. In this case I respond quickly with a polite message with the actions I’ve taken (blocking the host in the firewall, temporarily restricting the port in question or agreeing with the complainant that they will block the host). I spend about an hour per month on this task as well. The most frustrating part of this is when one of the exit nodes attacks a honeypot or connects to a sinkholed DNS domain, and I have to query the NIDS to make sure it is legit Tor traffic and my boxe s aren’t compromised. The other category of abuse is far more rare but takes a lot of time, and that is legal threat from a company or state entity. I’ve been very lucky and so far only had two such cases, both of which required multiple emails to be sent and staff to be educated in the purpose and functionality of Tor to make the issue go away. These cases took a few hours of work and worrying each. All of my exits have a web page on port 80 explaining that they are a Tor exit and what that means. Hope this is helpful. Spiros

4 4

Are BWauths punishing 'bad' relays? (not publishing measurements)
by nusenu 18 Aug '15

18 Aug '15

Hi, this is actually a question to BWauth ops. even though the new onionoo measured flag data is not* yet completely rolled out (since it has to be deployed for > a week to assign the flag to all relays), I would have a question since the data says that all relays in the previously detected AWS family [1] are unmeasured. I'm wondering whether this is a pure coincidence or on purpose (by BWauths) or by some other yet to be found reason? thanks! [1] https://lists.torproject.org/pipermail/tor-talk/2015-July/038623.html The "spikes" in the following table brought me two that group again. The table shows unmeasured running relays by the month they joined the network (note this is based on preliminary onionoo data) The "spikes" are caused by relays mentioned in [1]. +-----------+---------+ | joinmonth | #relays | +-----------+---------+ | 2015-07 | 3 | | 2015-06 | 4 | | 2015-05 | 2 | | 2015-04 | 12 | <<< AWS family part II | 2015-03 | 4 | | 2015-02 | 35 | <<< AWS family part I | 2015-01 | 2 | | 2014-12 | 2 | | 2014-11 | 8 | | 2014-10 | 1 | | 2014-09 | 3 | | 2014-08 | 3 | | 2014-07 | 2 | | 2014-06 | 2 | | 2014-05 | 1 | | 2014-04 | 4 | | 2014-03 | 1 | | 2014-01 | 2 | | 2013-11 | 1 | | 2013-02 | 1 | | 2012-04 | 1 | | 2012-02 | 1 | +-----------+---------+ onionoo data from 2015-08-18 18:00:00 (thecthulhu instance)

2 2

No guard flag?
by Tor Tor 18 Aug '15

18 Aug '15

Hi, I'm running a relay node [1], and it's been up for a few days over 68 days. I was thinking it would get the guard flag around then. It has yet to get the flag or have non-zero guard probability. Any idea why that is? Or what I could do to get it to be a guard? 1) https://globe.torproject.org/#/relay/741488D89B860E59D6391ACA27A157E87EB533… Thanks, G

5 5

Guidelines for lifetime of a bridge?
by Tim Sammut 17 Aug '15

17 Aug '15

Hi. Is there a guideline for how long a bridge should exist on a particular IP address? For example, does it make sense to keep a bridge on one IP address forever? Or is it better to move a bridge to a new IP address periodically, perhaps every 120 days? I ask because I saw traffic to my bridge ramp-up fairly steadily, and then quickly drop-off to a low number of clients per day. Thanks! hope you are all well t -- Tim Sammut ~ @t1msammut ~ tim(a)teamsammut.com Ford-Mozilla Fellow at Amnesty International

5 5

urras? [was: tor network "loses" ~50 relays/day due to bw auth problem]
by coderman 17 Aug '15

17 Aug '15

On 5/31/15, Jannis Wiese <mail(a)janniswiese.com> wrote: > ... > At the moment I just see urras missing from the consensus... i would like to report a missing Tor-DA to the authorities. ;) best regards,

2 1