Hi there, I was considering running an Exit node with my own PC; however, I have some questions about exit nodes.
1. How can I know if there is a client specifying me as an exit node and the traffic is sent from the client to me directly (where my exit node is the first node and also the last node for the client)?
2. If I found some clients trying to do something bad by using the method mentioned in 1., how can I stop him? Can iptables or anything else help me to block such clients?
Hope there's someone who can answer me. Thank you!
On 2014-05-07 09:56:18 (+0000), Pika ohc wrote:
- How can I know if there is a client specifying me as an exit node and the
traffic is sent from the client to me directly (where my exit node is the first node and also the last node for the client)?
That never happens so you shouldn't worry about it.
- If I found some clients trying to do something bad by using the method
mentioned in 1., how can I stop him? Can iptables or anything else help me to block such clients?
If you fiddle with the outgoing traffic the most probable result is that you'll earn the BadExit flag. Read about it in [1] or elsewhere.
[1] https://trac.torproject.org/projects/tor/wiki/doc/badRelays
Dear David and tor-talkers,
Thanks for your kind reply. According to [1], I am still wondering if it is possible to make the minimum route path length 1 (the default is 3) and set Exitnodes to my server as the default exit node in the clients' torrc. Moreover, if the setting I mentioned is possible, the client can send all the traffic directly to my server and ask my server (exit node) to relay it to the destination, where the scenario may be the same as that described in [1]. Sorry for asking the question again after your answer. Looking forward to the answers. :)
[1] http://tor.stackexchange.com/questions/1458/i-noticed-direct-connection-to-e...
On 7 May 2014 10:09, Pika ohc pikaonthefly@outlook.com wrote:
Thanks for your kind reply. According to [1], I am still wondering if it is possible to make the minimum route path length 1 (the default is 3) and set Exitnodes to my server as the default exit node in the clients' torrc. Moreover, if the setting I mentioned is possible, the client can send all the traffic directly to my server and ask my server (exit node) to relay it to the destination, where the scenario may be the same as that described in [1]. Sorry for asking the question again after your answer. Looking forward to the answers. :)
An exit node checks the prior node in the path, and if it is not part of the Tor Network, will not allow a single-hop path to be built through it*. This setting can be disabled on the ExitNode (that is, you can explicitly allow that behavior) by setting ExcludeSingleHopRelays. (https://www.torproject.org/docs/tor-manual.html.en#ExcludeSingleHopRelays)
I suspect that someone could trick the Exit Node by running a tor relay and building a SingleHop circuit through your exit node from the same machine running the relay - but generally speaking this is not something you should worry about, as it affects everyone equally.
-tom
* Take these statements at a high level, and if you want to know _exactly_ how it 'checks if it's part of the network' or 'checks the prior node in the path', you should read the source.
On 14-05-07 10:37 AM, Tom Ritter wrote:
On 7 May 2014 10:09, Pika ohc pikaonthefly@outlook.com wrote:
Thanks for your kind reply. According to [1], I am still wondering if it is possible to make the minimum route path length 1 (the default is 3) and set Exitnodes to my server as the default exit node in the clients' torrc. Moreover, if the setting I mentioned is possible, the client can send all the traffic directly to my server and ask my server (exit node) to relay it to the destination, where the scenario may be the same as that described in [1]. Sorry for asking the question again after your answer. Looking forward to the answers. :)
An exit node checks the prior node in the path, and if it is not part of the Tor Network, will not allow a single-hop path to be built through it*. This setting can be disabled on the ExitNode (that is, you can explicitly allow that behavior) by setting ExcludeSingleHopRelays. (https://www.torproject.org/docs/tor-manual.html.en#ExcludeSingleHopRelays)
The above option is for Tor clients to say what they will use. I think the option relevant to a relay operator would be AllowSingleHopExits 0
You may also want to set RefuseUnknownExits 1 to get some level of assurance from Tor authorities that the nodes using your exit are legit.
I suspect that someone could trick the Exit Node by running a tor relay and building a SingleHop circuit through your exit node from the same machine running the relay - but generally speaking this is not something you should worry about, as it affects everyone equally.
There are historical examples of Tor clients and scripts (e.g. SOAT) that try to build single hop circuits to test various conditions on the network. You can also do it manually with the ARM Tor controller. The AllowSingleHopExits 0 setting would make these harder, as the client would have to emulate a relay well enough to fool whatever check that option runs.
However, nothing prevents someone from operating an entry guard and a middle node on two separate machines, and then having a client on another computer create a circuit through them to your exit node. You would not be able to tell that it was all from the same source. Use of the MyFamily option is optional ;)
On 5/7/2014 12:56 PM, Pika ohc wrote:
Hi there,
I was considering running an Exit node with my own PC; however, I have some questions about exit nodes.
It's very nice that you want to contribute to the Tor network by running a relay. If you can spare the budget, it's always better to run a Tor exit relay at a datacenter, on a dedicated or virtual server, with that machine having only one scope: Tor relay. If you go this way, make sure you specify to the provider that it will be a Tor relay and that it will consume more bandwidth than usual.
- How can I know if there is a client specifying me as an exit
node and the traffic is sent from the client to me directly (where my exit node is the first node and also the last node for the client)?
That is not allowed by default in Tor. You don't need to do anything to protect against this since it won't happen. A user can trick your exit node into thinking that "he" is a Tor relay too, but this will not affect you in any way and it will just have a terrible anonymity impact on the so-called "attacker". This would not be something sane to do; I mean nobody would benefit from doing this, it will just decrease their level of anonymity. This affects everyone so it's no cause for worrying.
- If I found some clients trying to do something bad by using the
method mentioned in 1., how can I stop him? Can iptables or anything else help me to block such clients?
This is irrelevant. You should not do anything and you should not even monitor what the users are doing via your exit relay. Restrict what you do not want to allow by using the reject argument in torrc. For example, block port 25 to prevent spam (SMTP); this is where most abuse comes from. And if you are in a country concerned about p2p filesharing, reject the high ports commonly known to be used by bittorrent too. You can find a reduced exit policy example on torproject.org. Other than port 25 there is nothing else important that somebody could do to cause harm to your relay, in the real sense of the word. If you consider scanning or bruteforcing SSH or other services relevant, you should not :)
If you are an exit relay, include a valid contact email address in torrc. Run a page on port 80 of the relay's IP (DirPortFrontPage if you use DirPort on port 80) and explain that this is a Tor exit relay, explain in a few words what Tor is, and provide a valid contact email address so concerned people can at least send you an email. You can find this page sample just by searching on google "this is a tor exit router".
Hope there's someone who can answer me. Thank you!
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
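The reply above recommends shaping abuse exposure through the torrc exit policy (reject port 25, reject bittorrent port ranges) rather than by inspecting traffic, alongside AllowSingleHopExits 0 and RefuseUnknownExits 1 from earlier in the thread. As an added illustration that is not from the thread or from Tor itself, the following Python embeds a constructed torrc fragment with placeholder values and evaluates its ExitPolicy lines the way Tor does (first matching rule wins), so an operator can check what a given destination port would get before deploying the policy; IPv6 entries and Tor's appended default policy are not modelled.

```python
# Added example: parse ExitPolicy lines from a torrc fragment and evaluate
# them first-match-wins. Does not run Tor; all values below are placeholders.
import ipaddress
import re

TORRC = """
# Constructed example torrc for an exit relay (placeholders, not a real relay)
Nickname ExampleExit
ContactInfo operator AT example DOT org
ORPort 9001
DirPort 80
DirPortFrontPage /etc/tor/tor-exit-notice.html
AllowSingleHopExits 0
RefuseUnknownExits 1
# Reject SMTP (spam) and a common BitTorrent range, allow everything else
ExitPolicy reject *:25
ExitPolicy reject *:6881-6999
ExitPolicy accept *:80
ExitPolicy accept *:443
ExitPolicy accept *:*
"""

_ENTRY = re.compile(r"^(accept|reject)\s+(\S+?)(?::(\S+))?$")

def parse_exit_policy(torrc: str):
    """Return [(action, network_or_None, lo_port, hi_port)] in Tor's check order."""
    rules = []
    for raw in torrc.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if not line.startswith("ExitPolicy "):
            continue
        for entry in line[len("ExitPolicy "):].split(","):  # comma-separated entries
            m = _ENTRY.match(entry.strip())
            if not m:
                raise ValueError(f"bad ExitPolicy entry: {entry!r}")
            action, addr, ports = m.groups()
            net = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
            if ports in (None, "*"):
                lo, hi = 1, 65535
            elif "-" in ports:
                lo, hi = (int(p) for p in ports.split("-"))
            else:
                lo = hi = int(ports)
            rules.append((action, net, lo, hi))
    return rules

def exit_allowed(rules, dest_ip: str, dest_port: int) -> bool:
    """First matching rule decides; no match is treated as reject (conservative)."""
    ip = ipaddress.ip_address(dest_ip)
    for action, net, lo, hi in rules:
        if (net is None or ip in net) and lo <= dest_port <= hi:
            return action == "accept"
    return False
```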
- How can I know if there is a client specifying me as an exit node and
the traffic is sent from the client to me directly (where my exit node is the first node and also the last node for the client)? 2. If I found some clients trying to do something bad by using the method mentioned in 1., how can I stop him? Can iptables or anything else help me to block such clients?
The other replies seem to be a bit confused.
The tor client selects the relays for the circuit itself. If somebody wants to use your exit node they don't need to connect directly to it and pretend to be a relay; they could build a circuit that would exit via your exit node. They would even stay anonymous, due to tor.
You don't need to hack the tor source for that, you can specify the exit node via the .exit notation. It's a feature.
Even if it wasn't a feature, there's nothing that can be done to prevent it, since we can't know if you got randomly or directly selected to be the exit node.
Anyway, I agree with you, somebody could increase the number of complaints you have to answer that way. I asked myself the same question recently. If you know somebody will do this to your exit, use another identity to run your exit, or don't allow exits and run a relay instead. Running a relay is fun, too.
tl;dr: It's possible and easy to do it, but I don't think it's unlikely somebody randomly selects you to do that.