[tor-relays] [Fwd: Re: I'm Running A Tor Exit But Never Initiated It]
Gumby
info at gumbyzee.torzone.net
Tue May 31 19:30:25 UTC 2016
So exactly why is he unable to kill the process? Even as su ? But also,
if this is all taking place, what spook "agency" is doing the install,
where a new drive gets the same and spreads?
Where did the install iso get downloaded from, and did the hash get
checked?
Me
On 05/31/2016 03:16 PM, Greg Moss wrote:
>
> Wow – I’m looking to see if mine has been taken over. How do I find
> that file below on mine?
>
> *From:*tor-relays [mailto:tor-relays-bounces at lists.torproject.org] *On
> Behalf Of *Percy Blakeney
> *Sent:* Tuesday, May 31, 2016 12:07 PM
> *To:* tor-relays at lists.torproject.org
> *Subject:* Re: [tor-relays] [Fwd: Re: I'm Running A Tor Exit But Never
> Initiated It]
>
> And this:
>
> # Tor state file last generated on 2016-05-31 14:31:06 local time
> # Other times below are in UTC
> # You *do not* need to edit this file.
>
> EntryGuard Jans 50586E25BE067FD1F739998550EDDCB1A14CA5B2 DirCache
> EntryGuardUnlistedSince 2016-05-31 18:00:11
> EntryGuardAddedBy 50586E25BE067FD1F739998550EDDCB1A14CA5B2 0.2.4.27
> 2016-04-28 16:16:20
> EntryGuardPathBias 104.000000 104.000000 100.000000 4.000000 0.000000
> 0.000000
> EntryGuard Unnamed B2CB9E5C80367C9026A806EC4801E22425AA7E8A DirCache
> EntryGuardAddedBy B2CB9E5C80367C9026A806EC4801E22425AA7E8A 0.2.4.27
> 2016-04-20 04:00:54
> EntryGuardPathBias 5.000000 4.000000 4.000000 0.000000 0.000000 0.000000
> EntryGuard Unnamed 1DE193C88576C3B377CEFCDB6E6E8B91F195D252 DirCache
> EntryGuardUnlistedSince 2016-05-17 01:51:36
> EntryGuardAddedBy 1DE193C88576C3B377CEFCDB6E6E8B91F195D252 0.2.4.27
> 2016-04-20 10:24:57
> EntryGuard CatRelay12 ADE45DA3A6D318FEB07E2E099BCCCFEA8ADAC8DC DirCache
> EntryGuardAddedBy ADE45DA3A6D318FEB07E2E099BCCCFEA8ADAC8DC 0.2.4.27
> 2016-04-22 14:09:45
> TorVersion Tor 0.2.4.27 (git-412e3f7dc9c6c01a)
> LastWritten 2016-05-31 18:31:06
> TotalBuildTimes 108
> CircuitBuildTimeBin 325 3
> CircuitBuildTimeBin 375 1
> CircuitBuildTimeBin 425 18
> CircuitBuildTimeBin 475 22
> CircuitBuildTimeBin 525 9
> CircuitBuildTimeBin 575 13
> CircuitBuildTimeBin 625 5
> CircuitBuildTimeBin 675 8
> CircuitBuildTimeBin 725 4
> CircuitBuildTimeBin 775 4
> CircuitBuildTimeBin 825 4
> CircuitBuildTimeBin 875 3
> CircuitBuildTimeBin 925 2
> CircuitBuildTimeBin 975 2
> CircuitBuildTimeBin 1025 3
> CircuitBuildTimeBin 1075 1
> CircuitBuildTimeBin 1125 1
> CircuitBuildTimeBin 1175 1
> CircuitBuildTimeBin 1275 1
> CircuitBuildTimeBin 1375 1
> CircuitBuildTimeBin 1525 1
> CircuitBuildTimeBin 2275 1
>
>
>
>
> On Tue, May 31, 2016 at 3:02 PM, Percy Blakeney <di99in5 at gmail.com
> <mailto:di99in5 at gmail.com>> wrote:
>
> I'm not offended in the least. No worries. The only reason I'm
> contacting anyone about this is the sheer fact Tor folders, files
> and connections are running through my systems and connection.
> Otherwise, I would have kept all of this to myself. Tor is
> extremely important and my fear is that someone out there maybe
> attempting to disguise themselves to enter it. I'm far from being
> IT savvy, however, I've spent the last six or so months trying to
> read everything I can possibly read to get a better understanding
> as to what's going on. Now, according to my Dell and Acer which
> both run Mint, when I try to install Tor I'm told I already have
> it. When I try to run Tor I'm told I don't have it. When I try
> to remove it, it comes back. However, I have a Lenovo with
> Windows10 on it. With that computer I was able to install the Tor
> browser with no problems. So here I am with one laptop that has
> the browser installed while my other two computers show that I'm
> running a relay. If this is nothing to be concerned over then
> that's that but I would like to make sure from possibly the
> friendly people here just in case. This is what I have as of today:
>
>
> May 31 07:35:23.000 [notice] Tor 0.2.4.27 (git-412e3f7dc9c6c01a)
> opening new log file.
> May 31 09:48:33.000 [notice] Heartbeat: Tor's uptime is 14 days
> 12:00 hours, with 0 circuits open. I've sent 6.34 MB and received
> 138.42 MB.
> May 31 09:48:33.000 [notice] Average packaged cell fullness: 77.895%
> May 31 09:48:33.000 [notice] TLS write overhead: 7%
> May 31 12:42:51.000 [notice] Tor 0.2.4.27 (git-412e3f7dc9c6c01a)
> opening log file.
> May 31 12:42:53.000 [notice] Bootstrapped 5%: Connecting to
> directory server.
> May 31 12:42:53.000 [notice] Bootstrapped 45%: Asking for relay
> descriptors.
> May 31 12:42:53.000 [notice] Bootstrapped 50%: Loading relay
> descriptors.
> May 31 12:42:53.000 [notice] I learned some more directory
> information, but not enough to build a circuit: We need more
> microdescriptors: we have 0/7013, and can only build 0% of likely
> paths. (We have 0% of guards bw, 0% of midpoint bw, and 0% of exit
> bw.)
> May 31 12:42:53.000 [notice] Bootstrapped 51%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 53%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 54%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 56%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 57%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 59%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 60%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 62%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 63%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 65%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 66%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 68%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 69%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 71%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 72%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 74%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 75%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 77%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] Bootstrapped 78%: Loading relay
> descriptors.
> May 31 12:42:54.000 [notice] I learned some more directory
> information, but not enough to build a circuit: We need more
> microdescriptors: we have 3220/7013, and can only build 11% of
> likely paths. (We have 48% of guards bw, 48% of midpoint bw, and
> 49% of exit bw.)
> May 31 12:42:56.000 [notice] We now have enough directory
> information to build circuits.
> May 31 12:42:56.000 [notice] Bootstrapped 80%: Connecting to the
> Tor network.
> May 31 12:42:56.000 [notice] Bootstrapped 90%: Establishing a Tor
> circuit.
> May 31 12:42:57.000 [notice] Tor has successfully opened a
> circuit. Looks like client functionality is working.
> May 31 12:42:57.000 [notice] Bootstrapped 100%: Done.
>
>
>
>
> May 30 07:35:20.000 [notice] Tor 0.2.4.27 (git-412e3f7dc9c6c01a)
> opening new log file.
> May 30 09:48:33.000 [notice] Heartbeat: Tor's uptime is 13 days
> 12:00 hours, with 0 circuits open. I've sent 6.00 MB and received
> 128.80 MB.
> May 30 09:48:33.000 [notice] Average packaged cell fullness: 78.591%
> May 30 09:48:33.000 [notice] TLS write overhead: 7%
> May 30 15:48:33.000 [notice] Heartbeat: Tor's uptime is 13 days
> 18:00 hours, with 0 circuits open. I've sent 6.06 MB and received
> 130.60 MB.
> May 30 15:48:33.000 [notice] Average packaged cell fullness: 78.468%
> May 30 15:48:33.000 [notice] TLS write overhead: 7%
> May 30 21:48:33.000 [notice] Heartbeat: Tor's uptime is 14 days
> 0:00 hours, with 0 circuits open. I've sent 6.19 MB and received
> 134.22 MB.
> May 30 21:48:33.000 [notice] Average packaged cell fullness: 78.172%
> May 30 21:48:33.000 [notice] TLS write overhead: 7%
> May 31 03:48:33.000 [notice] Heartbeat: Tor's uptime is 14 days
> 6:00 hours, with 0 circuits open. I've sent 6.25 MB and received
> 136.02 MB.
> May 31 03:48:33.000 [notice] Average packaged cell fullness: 78.053%
> May 31 03:48:33.000 [notice] TLS write overhead: 7%
> May 31 07:35:23.000 [notice] Received reload signal (hup).
> Reloading config and resetting internal state.
> May 31 07:35:23.000 [notice] Read configuration file
> "/usr/share/tor/tor-service-defaults-torrc".
> May 31 07:35:23.000 [notice] Read configuration file "/etc/tor/torrc".
>
>
> On Tue, May 31, 2016 at 2:12 PM, Gumby <info at gumbyzee.torzone.net
> <mailto:info at gumbyzee.torzone.net>> wrote:
>
> I am a tech, a good one, who also runs 2 relays from my shop.
> I have found in client PC's many hidden things - such as
> proxys running for malware delivery. They were totally unaware
> except for slow and losing disk space. (Finding Tor running is
> a bit too extreme) I've also had two clients that were
> "absolutely" sure that someone was out to get them -
> cyber-stalking in their eyes. I actually did all of the
> suggestions made prior - new drive, reset or new router, even
> walked the home and perimeter looking for connections. I was
> positive of my security (30 years doing this) but they were
> calm for less than 4 weeks then started again. Their spouses,
> to their credit, stayed quiet and just rolled their eyes.
> Could a malicious technician do this? Hell yeah - most of us
> could do it dozens of times and they'd never know. We have too
> much moral decency, but.... others don't.
> More than likely, it is a scenario as christian states ....
> too much overload somewhere.
> Or a troll, we hope not.
>
> Me
>
>
> On 05/30/2016 04:27 PM, Christian wrote:
>
> -------- Weitergeleitete Nachricht --------
>
> Von: Christian Adam <hirnwurst at t-online.de
> <mailto:hirnwurst at t-online.de>>
> An: tor-relays at lists.torproject.org
> <mailto:tor-relays at lists.torproject.org>
> Betreff: Re: [tor-relays] I'm Running A Tor Exit But
> Never Initiated
> It
> Datum: Mon, 30 May 2016 22:14:51 +0200
>
> Dear Percy,
>
> I read all of your messages very carefully and,
> please, believe me, I
> don't mean to be rude, but just want to provide you a
> little bit of
> relief.
>
> First of all, I have to share that I AM in fact a
> schizophrenic for 16
> years now, but fully therapied to the extent I do a
> job as a system
> administrator and get certified for being a data
> security officer this
> week.
> This won't reveal any competence on my side, but gives
> a clue about my
> functional level which is, after all, related to sanity.
>
> << snip >>
>
> Given my experience with newbie users, paranoia and system
> administration, what you wrote seemed quite normal and
> you didn't
> provide (as far as I remember) any unusual technical
> details.
>
> Maybe what just happened was a lack of informed
> consent resulting in a
> tasteless prank.
>
> I don't want to do injustice to you, but since Edward
> Snowden, we're all
> used to question every system crash and honestly, our
> times seem to be
> hysterical and violence-saturated.
>
> The rule is simple. When a user thinks he's infected,
> he's almost always
> not.
> If he's infected, he wouldn't notice.
>
> Hugs, I hope you find peace again soon.
>
> Please don't feel offended, I only told my story based
> on the facts you
> gave.
>
> And kind regards,
>
> christian
>
>
> Am Montag, den 30.05.2016, 13:25 +0200 schrieb
> Christian Pietsch:
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> <mailto:tor-relays at lists.torproject.org>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> <mailto:tor-relays at lists.torproject.org>
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20160531/5373876f/attachment-0001.html>
More information about the tor-relays
mailing list