Dear bad-relays,
Would you consider banning the following Exits / Guards?
They have an incorrect ContactInfo, which uses the domain of a legitimate relay operator, torworld.org. This may be an attempt to evade automated sybil analysis, as may their variant ContactInfos.
They also don't have MyFamily set, which allows them to collect Guard and Exit traffic from the same clients.
38FCC78FA24743674B902018708656144B1F2C9C Endymion e @ torworld.org - 187SRPJHhgJe1ZtdN68wA7Fah8zyWFooii 7088D485934E8A403B81531F8C90BDC75FA43C98 Basil e @ torworld.org 539FE1D1E6118F4807AB24EDE6E8055BE34F4F5E SurfingAOL e@torworld.org 3D512D9ACD9A6056ED6EA20C46406FA5A6788321 Gigi e [at] torworld.org 1E1FF55109A19DE6442F80FF7901D7FBB6E241FA LOLHillary e AT TorWorld.org 0966A24977A0B0DB62546C6F18F9578D97FE86F0 Cajun e [AT] torworld.org
Details below:
On 19 Jan 2017, at 08:44, Paul pa011@web.de wrote:
I recently got this answer from "torworld.org" -see below.
They told me that a relay https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A67883... with contact "e @torworld" is not operated by them.
As nusenu showed at the end of the message some days ago somebody with a similar contact address was running 5 at the time, currently 6 relays.
Some questions I like to ask:
Why is somebody running relays with the contact domain of another party?
Is there a way that mails ever reach e@torworld.org?
Why not giving a correct MyFamily set-up when running 6 relays?
5 of 6 relays have a Guard status - let me remind on a recent discussion "How can we trust the guards?" ?
Regards Paul
-------- Weitergeleitete Nachricht -------- Return-Path: abuse@torworld.org
Subject: Re: [tor-relays] 'MyFamily' .... torworld.org To: pa011 pa011@web.de From: Abuse TorWorld abuse@torworld.org Date: Thu, 12 Jan 2017 10:54:58 -0800
Hello,
This Exit node is not affiliated with us.
"https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A67883..."
All the nodes we'll operate will have this "abuse [AT] torworld.org - BTC 17iwdtpmgHdPt15twdT2sUcdeKgz9PTNMQ" In their contact info area, and when the website is back up. You can check to see a list of current Tor nodes we operate etc.
As for the MyFamily for the Guard/Middle nodes; Lunar operates/runs those. So you'll have to get in contact with him if you want to talk about his MyFamily setup.
Take care,
On 1/10/2017 1:16 PM, pa011 wrote:
Am 10.01.2017 um 21:01 schrieb nusenu:
pa011:
Could you explain please why names like torworld.org, torservers.net, online de, etc. are not aggregated in one position on https://raw.githubusercontent.com/ornetstats/stats/master/o/main_exit_operat...
https://github.com/ornetstats/stats writes:
Relays are aggregated based on effective families.
So they are not setting MyFamily properly or someone else is using their contactInfo.
Maybe I should rename the files to main_..._families.txt
Better would be a warning: Family currently worth nothing !!
torservers.net: https://atlas.torproject.org/#details/ABF7FBF389C9A747938B639B20E80620B460B2... -> no one of the given family is blue, so yes the family seems wrong
zwiebeln online de: https://atlas.torproject.org/#details/0E2773CF5609FD7FA52837E53DF4B0D47F0D15... -> all the family members are blue, counting 27 , which is slightly more than your 2 lines added together this morning
torworld.org : https://atlas.torproject.org/#details/3D512D9ACD9A6056ED6EA20C46406FA5A67883... -> currently 12 big Exits - no Family given at all at https://torstatus.rueckgr.at/index.php
Am 15.01.2017 um 01:02 schrieb nusenu:
Hi e AT torworld.org,
thanks for running 5 relays!
Please do not forget to set the MyFamily parameter in your torrc configuration to tell clients your relays belong to a single operator.
If you need help with the MyFamily option let us know.
thanks, nusenu https://github.com/nusenu/ansible-relayor
+---------------------+------------+------+----------------+ | contact | nickname | exit | eMyFamilyCount | +---------------------+------------+------+----------------+ | e @ torworld.org | Basil | 1 | NULL | | e AT TorWorld.org | LOLHillary | 1 | NULL | | e [AT] torworld.org | Cajun | 0 | NULL | | e [at] torworld.org | Gigi | 1 | NULL | | e@torworld.org | SurfingAOL | 1 | NULL | +---------------------+------------+------+----------------+
https://raw.githubusercontent.com/ornetstats/stats/master/o/potentially_dang...
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
T
-- Tim Wilson-Brown (teor)
teor2345 at gmail dot com PGP C855 6CED 5D90 A0C5 29F6 4D43 450C BA7F 968F 094B ricochet:ekmygaiu4rzgsk6n xmpp: teor at torproject dot org ------------------------------------------------------------------------