Considering setting up an exit, need advice
Hello everyone, I'm thinking about setting up an exit here at my university here in the US. My ISP has no problem with Tor relays on the fast connections, but I haven't inquired about exits. I'd be running the exit on a surplus computer that I have control over in a lab in one of the main buildings. How do I ask my ISP about it? I'll be doing some research as to what ports I can open to contribute yet avoid being flooded by complaints, but if anyone has any tips I'd appreciate it. Would it be a good idea to copy the exit policy of the node at MIT? Is there a way to configure the Linux firewall so that only Tor has Internet access, in order to help show that I wasn't behind anything that comes out of the exit? I'm basically just looking to get started here if this is feasible, and looking for advice.
Hi! A good place to start is probably here: https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy https://www.torservers.net/wiki/setup/server Best, dope457 On 23.1.2014 19:29, Jesse Victors wrote:
Hello everyone,
I'm thinking about setting up an exit here at my university here in the US. My ISP has no problem with Tor relays on the fast connections, but I haven't inquired about exits. I'd be running the exit on a surplus computer that I have control over in a lab in one of the main buildings. How do I ask my ISP about it? I'll be doing some research as to what ports I can open to contribute yet avoid being flooded by complaints, but if anyone has any tips I'd appreciate it. Would it be a good idea to copy the exit policy of the node at MIT? Is there a way to configure the Linux firewall so that only Tor has Internet access, in order to help show that I wasn't behind anything that comes out of the exit? I'm basically just looking to get started here if this is feasible, and looking for advice.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Schools are like work... either it's a free for all or requires permission and signoff. Especially for anything that can take heat, like an exit. To avoid issues, check with your administration... both the network people and the people you report to policy/class wise. Neither are hard to find or talk with. Thanks for running a relay. Also... https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays-universitie...
On 01/23/2014 07:29 PM, Jesse Victors wrote:
I'm thinking about setting up an exit here at my university here in the US.
Cool!
I'll be doing some research as to what ports I can open to contribute yet avoid being flooded by complaints, but if anyone has any tips I'd appreciate it.
It will already be very helpful if you just pick a small subset from the Reduced Exit Policy. https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy
Would it be a good idea to copy the exit policy of the node at MIT? Is there a way to configure the Linux firewall so that only Tor has Internet access, in order to help show that I wasn't behind anything that comes out of the exit?
I don't think that that will help much or is worth the effort. You could have done Bad Stuff, then (re)configured the firewall.
I'm basically just looking to get started here if this is feasible, and looking for advice.
I hope you have seen both https://trac.torproject.org/projects/tor/wiki/doc/TorExitGuidelines as well as https://trac.torproject.org/projects/tor/wiki/doc/TorGuideUniversities . In short, look up the abuse contact of your (future) exit relay, and make new friends there. And find a professor that supports you. -- Moritz Bartl https://www.torservers.net/
Jesse Victors <jvictors@jessevictors.com> wrote:
I'm thinking about setting up an exit here at my university here in the US. My ISP has no problem with Tor relays on the fast connections, but I haven't inquired about exits. I'd be running the exit on a surplus computer that I have control over in a lab in one of the main buildings. How do I ask my ISP about it? I'll be doing some research as to what
Get out your campus phone book and look up their number. For all practical purposes, a university is its own ISP. Call your campus networking staff. They are good people to be acquainted with anyway for many practical reasons.
ports I can open to contribute yet avoid being flooded by complaints, but if anyone has any tips I'd appreciate it. Would it be a good idea to copy the exit policy of the node at MIT? Is there a way to configure the Linux firewall so that only Tor has Internet access, in order to help show that I wasn't behind anything that comes out of the exit? I'm
Probably not. For one thing, you would then be restricted to using sneakernet to install new versions of tor.
basically just looking to get started here if this is feasible, and looking for advice.
You have two approaches from which to choose. One is to call them up, explain what you'd like to do, and ask their advice on how to do it without breaking any university rules. Networking staffs at university are not ordinarily concerned with content, but might be interested in how much traffic (i.e., network capacity) you hope to tie up with your relay. The other approach is based on the widely held belief that it is often better to ask for forgiveness than permission. :-) Scott Bennett, Comm. ASMELG, CFIAG ********************************************************************** * Internet: bennett at sdf.org *or* bennett at freeshell.org * *--------------------------------------------------------------------* * "A well regulated and disciplined militia, is at all times a good * * objection to the introduction of that bane of all free governments * * -- a standing army." * * -- Gov. John Hancock, New York Journal, 28 January 1790 * **********************************************************************
Thanks guys for the tips. I followed the docs and suggestions here and on the blog/website, carefully worded an email to them, and sent it off earlier today. They just got back with me and they were on board with the idea! They even gave me some tips on setting it up, and were considering setting up a guard of their own as part of their infrastructure. So I think my exit will be going up sometime this week, thanks for the help! Things are looking really positive here, so I'm really happy. :) Jesse V.
On Mon, Jan 27, 2014 at 09:57:18PM -0700, Jesse Victors wrote:
Thanks guys for the tips. I followed the docs and suggestions here and on the blog/website, carefully worded an email to them, and sent it off earlier today. They just got back with me and they were on board with the idea! They even gave me some tips on setting it up, and were considering setting up a guard of their own as part of their infrastructure. So I think my exit will be going up sometime this week, thanks for the help! Things are looking really positive here, so I'm really happy. :)
Great! My next suggestion would be to set up a meeting with them in person, so they can see that you're an actual human who is reasonable and rational. Then if anything comes up in the future that makes them hesitate, you'll already have a relationship with them. (And if you happen to pass a news stand on the way, you could pick up a copy of Business Week and give it to them, so they can use it to persuade other people on their side. :) --Roger
participants (6)
-
dope457 -
grarpamp -
Jesse Victors -
Moritz Bartl -
Roger Dingledine -
Scott Bennett