[tor-relays] Exit policy question

Mike Perry mikeperry at fscked.org
Thu Jun 2 23:29:13 UTC 2011


Thus spake George Gemelos (gmg at gemelos.com):

> >On Thu, Jun 02, 2011 at 05:22:13PM +0000, George Gemelos wrote:
> >>  Is there a further reduced set that might be better, in the
> >>  sense of
> >>avoiding complaints, and still remain useful as an exit node?
> >
> >You could get your toes wet by "accept *:80, accept *:443, reject
> >*:*".  That would let people browse the web through you, which is
> >very useful, while somewhat reducing the variety of abuse
> >complaints you might get.
> >
> >Then if it goes well for a while, you could open up a few more
> >ports.
> >
> >Also, if later your ISP decides that it's getting too much mail and
> >asks you to quit it, you can tell them about the time you allowed
> >only web browsing and they didn't mind -- then you have something
> >to fall back to that isn't just being a non-exit.
> 
> I was actually thinking of just allowing 80 and 443.  My only
> concern was that I was not sure how useful an exit node with just 80
> and 443 would be. 

For the current consensus, according to the extra-info documents
parsed by:
https://gitweb.torproject.org/torflow.git/blob_plain/HEAD:/NetworkScanners/statsplitter.py
nodes running the default policy have a port bytecount breakdown like:

 Default exit blutmagie4 read 604.3M
   80: 68.6% other: 25.8% 443: 3.1% 51413: 0.6% 55315: 0.5% 59776: 0.3% 
 Default exit blutmagie4 wrote 96.2M
   other: 81.4% 80: 12.1% 443: 3.4% 51413: 1.5% 44596: 1.4% 4000: 0.1% 

 Default exit rainbowwarrior read 736.8M
   other: 70.2% 80: 24.6% 443: 1.1% 51413: 1.1% 6881: 1.0% 35691: 0.5% 
 Default exit rainbowwarrior wrote 277.0M
   other: 92.1% 51413: 1.9% 80: 1.8% 6881: 1.4% 33526: 1.0% 4662: 1.0% 

 Default exit politkovskaja read 520.5M
   other: 72.6% 80: 23.6% 443: 1.0% 51413: 0.9% 6881: 0.7% 54909: 0.4% 
 Default exit politkovskaja wrote 192.4M
   other: 92.0% 4662: 1.7% 80: 1.6% 6881: 1.4% 51413: 1.3% 6995: 0.6% 


Where as nodes running the reduced exit policy have a port bytecount
breakdown like:

 Misc Exit raidz read 327.3M
   80: 92.0% 443: 4.6% 8333: 1.4% 8080: 0.7% 563: 0.4% 81: 0.4% 
 Misc Exit raidz wrote 11.6M
   80: 65.4% 443: 21.5% 8333: 10.5% other: 2.3% 8080: 0.2% 563: 0.1% 

 Misc Exit zeller read 315.4M
   80: 94.6% 443: 4.4% 8080: 0.3% 81: 0.2% 8000: 0.2% other: 0.1% 
 Misc Exit zeller wrote 11.2M
   80: 71.6% 443: 22.4% 21: 4.5% other: 0.9% 8000: 0.3% 8333: 0.2% 

 Misc Exit Amunet2 read 182.1M
   80: 93.4% 443: 5.4% 8080: 0.6% other: 0.2% 81: 0.2% 995: 0.1% 
 Misc Exit Amunet2 wrote 6.3M
   80: 71.6% 443: 26.5% other: 1.1% 22: 0.6% 8080: 0.1% 995: 0.0% 


So if you've already committed to the reduced exit policy, 95%+ of the
traffic will be 80+443. 


P.S. Odd that the blutmagie nodes all appear to be reading quite a
lot of port 80 data when compared to other default exits. Perhaps some
scrapers have hardcoded them as their favorite exits?

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20110602/126027e6/attachment.pgp>


More information about the tor-relays mailing list