On 3/3/11 12:50 PM, Moritz Bartl wrote:
Hi,
On 03.03.2011 12:29, Fabio Pietrosanti (naif) wrote:
Still i would like to point out a *practical* feeling that i got from a lot of person i tried to say "hey, run an exit node!".
I fully accept and understand your point. That's exactly why I started Torservers.net, so you can "run" a Tor exit without having to bother with complaints. That's the "low maintainance Tor exit" you are talking about. :)
You right, but a lot of nerds are willing to do 'something fun' by installing and running a TOR node and less committed to only providing financial support trough donation. The feeling of the gratification and satisfaction of doing something good (and fun) come also from your hands-on hacking by playing out with the technology. You see your graph of bandwidth that satisfy you, you do some basic maintenance task like upgrading tor and you got also gratification for the fact that you installed/manage and it works ;-) . Additionally you are taking "some risks" and you tell that you run your tor node to your friends, speaking about it, etc, etc (sounds like a psycoanalitical point of part of a nerd attitude in the participation to oss/freedom of speech/anonimity projects).
Centralization IS bad. That's why the purpose of Torservers.net is to also want to encourage other people to follow our example, form organizations etc. We were able to find a pro-bono lawyer, our headquarters are based in his office etc, and bandwidth bought in bulk is much cheaper. Hopefully I can publish some more guides, but a few are already available in our wiki: https://www.torservers.net/wiki/
And that's a really cool approach! I find that creating a model of organization with the goal to build up the knowledge and tool to allow an easier fork of similar community it's a very intelligent move! Here in italy german hackers are really perceived like "very cool in the organization". German production quality :-)
e.g. the complete server setup we use: https://www.torservers.net/wiki/setup/server
Some person tried to run an exit node, then they got their internet connection disconnected due to high number of claim.
Most people are better of by running a node with a very limited exit policy. I get NO complaints whasoever for the exit that only allows 22, 53 and 443, for example.
With ssh i got several portscan notice (at least once per week), but most of them are on port 80 sweeping networks for web attacks. I keep that ExitPolicy of https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment even if just now i temporary disabled ssh in the meantime trying to find a good way to detect outgoing portscan.
With standard iptables related tools i am not finding a reasonable (from system administration point of view) way to be able to detect OUTGOING portscan originating from your own host.
Almost most tools and techniques are for detecting INGOING portscan and filtering the source of the portscan. But here WE are the source of the portscan, we cannot just block outself!
That's an interesting technical issue to be analyzed and solved!
Be Public: Spend a couple of bucks on printouts, flyers, whatever. Distribute them. Go out, hold workshops. Write an excellent blog. In general: SHOW your opinion. FIGHT propaganda. Our world is in such a bad shape because people stay quiet, not because too few people run exits.
You right but also a lot of things may depend on your time availability or just your attitude. You may find difficult to organize public activities or even non-nerd activity requiring to go around, organize people, goods, doing the startup and management of a local community can be a difficult (or just annoying) task for a lot of people. Part the hacking environments maybe just be out of time availability (due to work for example) or just lazy.
etc etc.
In such condition I DO NOT WANT any traffic to go to italian networks,
Italy has worse problems than someone trying to run an exit. Work on those. Make people understand that looking at half-naked women on government TV isn't something that helps.
You can still form an organization that lobbies for Tor, organizes local Tor user groups, coding sessions etc. This is time much better spent than fighting for the right to run some [relatively] small exit.
Eh, damn, that's a cool things but you really need to be able to dedicate and if you don't have enough time (like me) you keep spending your remaining free time at home just at night (after work) or during the weekend. That's a pain!
In past i've done several groups organization but it still require a very important effort that if you can't afford it will not work (still have few time trying to start www.globaleaks.org.
So, i am finding some fun stuff to do related with tor in my not-that-much-free-time (damn!) that i think could be useful.
Again, I understand your thoughts. For example, a list of public bittorrent trackers that lead to DMCA complaints would be excellent to have. Unfortunately, we don't have an ISP that allows us to test this.
Mmmm to setup something like this it would be probably interesting.
However my point is to work around the fact that the current ExitPolicy method is relatively weak if you want to properly fine tune what a person, as tor exit-node, would allow to get out from the node.
-naif http://infosecurity.ch