- tor-relays - lists.torproject.org

Tor Relay Operators Meetup Jan 28
by George 27 Jan '23

27 Jan '23

Tomorrow is the next Tor relay operator meetup will happen on January 28 at 19:00 UTC! We're drafting the agenda here: - pad: https://pad.riseup.net/p/tor-relay-op-meetup-j28-keep - onionsite: http://kfahv6wfkbezjyg4r6mlhpmieydbebr5vkok5r34ya464gqz6c44bnyd.onion/p/tor… Feel free to add topics and/or questions. Room Link - https://tor.meet.coop/gus-og0-x74-dzn g

1 0

Proposal: increase max number of relays per IP
by mail＠nothingtohide.nl 23 Jan '23

23 Jan '23

Hello! Running a high bandwidth Tor server requires a lot of IPv4 addresses, while IPv4 addresses are becoming quite scarce and very expensive. For this reason we started the process to get the current limit of two relays per IPv4 address increased to reduce the cost of running high bandwidth Tor servers. You can find our proposal on Tor's Gitlab: https://gitlab.torproject.org/tpo/core/tor/-/issues/40744. If you would like to support this proposal, let us know and we add your domain/nick to the issue :). This topic will also be on the agenda of the Tor Relay Operator Meetup on 2023-01-28 19:00 UTC: https://lists.torproject.org/pipermail/tor-relays/2023-January/020973.html. See you there! - https://applied-privacy.net/ https://artikel10.org/ https://nothingtohide.nl/

1 0

bridge going down
by Anonforpeace 21 Jan '23

21 Jan '23

Hello: I have recently built a Tor Bridge (nickname is h4ck3rspace) and when it first went up, it was up to about two weeks and then it went down. So I brought it up again and ever since, it routinely goes down every 1 to 3 nights, between 8p and 10p EST. I've never seen this type of behavior before. Is there a way to know why it keeps going down so often, and subsequently how to prevent it? My area doesn't suffer from power outages and each time I restart Tor I wait to make sure it says that it is visible externally and that it will be published. Any help is greatly appreciated. Thank you Sent with [Proton Mail](https://proton.me/) secure email.

1 0

backports obfs4proxy unsigned
by tor 15 Jan '23

15 Jan '23

the backport of obfs4proxy seems to be unsigned I needed to use: deb [trusted=yes] http://deb.debian.org/debian bullseye-backports main

2 1

obfs4proxy ubuntu jammy arm64
by tor 14 Jan '23

14 Jan '23

Hello I'm running ubuntu, jammy, arm64. When I run: machine@user_1:~$ sudo apt-get install obfs4proxy Reading package lists... Done Building dependency tree... Done Reading state information... Done obfs4proxy is already the newest version (0.0.13-1). 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Where do I get version 14? -m On Fri, Jan 13, 2023 at 7:00 AM <tor-relays-request(a)lists.torproject.org> wrote: > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. obfs4proxy on arm64 (tor) > 2. Re: obfs4proxy on arm64 (meskio) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 12 Jan 2023 18:11:40 -0500 > From: tor <tor(a)kevinandmatt.com> > To: tor-relays(a)lists.torproject.org > Subject: [tor-relays] obfs4proxy on arm64 > Message-ID: > <CAE8TgqTFidzSHmS+u2h5OBfwaS2xaK_tqc3ddh6jcm4= > OdgRLA(a)mail.gmail.com> > Content-Type: text/plain; charset="utf-8" > > Hi > Where do I find the updated version of obfs4proxy for arm64? > -m > > On Wed, Jan 11, 2023 at 7:00 AM <tor-relays-request(a)lists.torproject.org> > wrote: > > > Send tor-relays mailing list submissions to > > tor-relays(a)lists.torproject.org > > > > To subscribe or unsubscribe via the World Wide Web, visit > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > > or, via email, send a message with subject or body 'help' to > > tor-relays-request(a)lists.torproject.org > > > > You can reach the person managing the list at > > tor-relays-owner(a)lists.torproject.org > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of tor-relays digest..." > > > > > > Today's Topics: > > > > 1. Re: security update for obfs4proxy (meskio) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Tue, 10 Jan 2023 19:51:49 +0100 > > From: meskio <meskio(a)torproject.org> > > To: tor-relays <tor-relays(a)lists.torproject.org> > > Subject: Re: [tor-relays] security update for obfs4proxy > > Message-ID: <167337670907.1540.14665065923373201554@localhost> > > Content-Type: text/plain; charset="utf-8" > > > > We have made public the details of the distinguishability bugs that were > > affecting obfs4: > > https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/91 > > > > > https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs… > > > > Most bridges are already upgraded, thank you all bridge operators for the > > work > > here. > > > > Quoting meskio (2022-10-14 11:28:44) > > > Hello, > > > > > > The latest version of obfs4proxy (0.0.14) comes with an important > > security fix. > > > If you are running a obfs4 Tor bridge please upgrade as soon as > possible. > > > > > > If you use debian you can find the Debian package in stable-backports: > > > https://packages.debian.org/stable-backports/obfs4proxy > > > > > > If you use docker you'll find the latest version in docker hub: > > > https://hub.docker.com/r/thetorproject/obfs4-bridge/ > > > > > > Or you can find the source code in the upstream repository: > > > https://gitlab.com/yawning/obfs4 > > > > > > If you need help upgrading your relay, please use this mailing list or > > the Tor > > > Forum: > > > https://forum.torproject.net/c/support/relay-operator/17 > > > > > > We appreciate a lot your effort and time! > > > > > > Thank you > > > > -- > > meskio | https://meskio.net/ > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > My contact info: https://meskio.net/crypto.txt > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > > Nos vamos a Croatan. > >

3 4

obfs4proxy on arm64
by tor 13 Jan '23

13 Jan '23

Hi Where do I find the updated version of obfs4proxy for arm64? -m On Wed, Jan 11, 2023 at 7:00 AM <tor-relays-request(a)lists.torproject.org> wrote: > Send tor-relays mailing list submissions to > tor-relays(a)lists.torproject.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > or, via email, send a message with subject or body 'help' to > tor-relays-request(a)lists.torproject.org > > You can reach the person managing the list at > tor-relays-owner(a)lists.torproject.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of tor-relays digest..." > > > Today's Topics: > > 1. Re: security update for obfs4proxy (meskio) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 10 Jan 2023 19:51:49 +0100 > From: meskio <meskio(a)torproject.org> > To: tor-relays <tor-relays(a)lists.torproject.org> > Subject: Re: [tor-relays] security update for obfs4proxy > Message-ID: <167337670907.1540.14665065923373201554@localhost> > Content-Type: text/plain; charset="utf-8" > > We have made public the details of the distinguishability bugs that were > affecting obfs4: > https://gitlab.torproject.org/tpo/anti-censorship/team/-/issues/91 > > https://gitlab.torproject.org/tpo/anti-censorship/pluggable-transports/obfs… > > Most bridges are already upgraded, thank you all bridge operators for the > work > here. > > Quoting meskio (2022-10-14 11:28:44) > > Hello, > > > > The latest version of obfs4proxy (0.0.14) comes with an important > security fix. > > If you are running a obfs4 Tor bridge please upgrade as soon as possible. > > > > If you use debian you can find the Debian package in stable-backports: > > https://packages.debian.org/stable-backports/obfs4proxy > > > > If you use docker you'll find the latest version in docker hub: > > https://hub.docker.com/r/thetorproject/obfs4-bridge/ > > > > Or you can find the source code in the upstream repository: > > https://gitlab.com/yawning/obfs4 > > > > If you need help upgrading your relay, please use this mailing list or > the Tor > > Forum: > > https://forum.torproject.net/c/support/relay-operator/17 > > > > We appreciate a lot your effort and time! > > > > Thank you > > -- > meskio | https://meskio.net/ > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > My contact info: https://meskio.net/crypto.txt > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Nos vamos a Croatan. >

2 1

security update for obfs4proxy
by meskio 10 Jan '23

10 Jan '23

Hello, The latest version of obfs4proxy (0.0.14) comes with an important security fix. If you are running a obfs4 Tor bridge please upgrade as soon as possible. If you use debian you can find the Debian package in stable-backports: https://packages.debian.org/stable-backports/obfs4proxy If you use docker you'll find the latest version in docker hub: https://hub.docker.com/r/thetorproject/obfs4-bridge/ Or you can find the source code in the upstream repository: https://gitlab.com/yawning/obfs4 If you need help upgrading your relay, please use this mailing list or the Tor Forum: https://forum.torproject.net/c/support/relay-operator/17 We appreciate a lot your effort and time! Thank you -- meskio | https://meskio.net/ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- My contact info: https://meskio.net/crypto.txt -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Nos vamos a Croatan.

4 12

Netcraft spam
by jvoisin 10 Jan '23

10 Jan '23

Hello everyone, at Nos-Oignons[1], we're getting spammed, not only on abuse(a)nos-oignons.net, but also on our contact email, and so is our hoster and its upstream but Netcraft[2]. Of course, we started by diligently answering the emails, but now it does feel like a waste of everybody's time. We told them we're hosting tor nodes, and that there is little we can do to prevent morons from abusing the network and using our relays for bad things™, but the netcraft spam keeps coming, annoying everyone. Is this something other operators have seen too or are we alone? If so, is there anything that can be done to make them understand what's going on? Than,s 1. https://nos-oignons.net 2. https://www.netcraft.com/cybercrime/countermeasures/ -- Julien (jvoisin) Voisin GPG: 04D041E8171901CC dustri.org

4 3

I think I'm available 24/7
by fastliftednloud 09 Jan '23

09 Jan '23

I apologize for my newbie-ness. I'm game to do my part and operate a relay, something simple for a technologically simple guy, like a guard or middle relay. I'm about ready to try and install for operation on my windows PC. The resources say that if you want to operate a relay on windows you need to be available 24/7. I think I am, could someone confirm this for me please. I live where I work, I run a family farm so I work outside but I rarely leave the property and I can clock in and out as I see fit. This leads me to believe I'm G2G but I want to make sure of this before I start working on a relay install only to waste my time. Thanks for any useful info and while I'm here, sup people? I'm the new guy.

2 1

Short heads up (was: Re: Another attempt against Tor DDoS)
by Frank Steinborn 09 Jan '23

09 Jan '23

Hi friends, I made some smaller tweaks over the last few hours which should especially help relays on nearly OOM or thrashing situations (making use of Zswap + MGLRU if available). The rules themselves are just the same, so no changes there. Merry christmas, Frank ------- Original Message ------- On Sunday, December 4th, 2022 at 11:25 PM, Frank Steinborn <steinex(a)nognu.de> wrote: > > > Hi, > > I want to show you my anti DDoS solution for my relays (aswell ;-). It works without ipset, but with a mix of the recent and hashlimit iptables modules. > > What is does: > * If one IP address tries to make 7 SYN connection attempts per second, they are locked out for 300 seconds. If they try another connection in that timeframe, the timer is reset and they are locked out for another 300 seconds. > * Threre are no more SYNs allowed if 4 connections are already in use to the ORPort. > > It works very well for me. Other solutons are far more aggressive but I feel my solution works perfectly against the attacks, even if they are not that aggresive. > > On top of that, I feel its more easy to implement into ones existing firewall solution. > > You can find the repo here: https://github.com/steinex/tor-ddos > > Feel free to give it a shot and feedback would be much appreciated! > > Greetings, > steinex

3 2