Tor and NNTP

Wesley Kenzie wkenzie at shaw.ca
Fri Nov 3 23:59:28 UTC 2006


You could also use our Real-Time Tor Detection service at showmyip.com or
ippages.com.  Non-subscribers get data that is at most 1 hour old:
subscribers get data that is at most 1 minute old.

Try http://www.ippages.com/xml/?ip=123.456.789.001&get=tor (or https:// if
you prefer) where 123.456.789.001 is the IP address of your visitor.  We
will have a simple text and SOAP interface available soon.  You can add
other &get= parameter values besides "tor" such as country, host, isp, org,
state, reverse_host, etc.

. . . . .
Wesley Kenzie
WebMaster
https://www.ippages.com/lookups/
http://www.showmyip.com/
http://www.privacy-ecosystem.com/
MSN: support at privacy-ecosystem.com
ICQ: 210115340
AIM: privacyeco
Blog: http://privacy-ecosystem.blogspot.com/
 



-----Original Message-----
From: owner-or-talk at freehaven.net [mailto:owner-or-talk at freehaven.net] On
Behalf Of Aioe
Sent: November 3, 2006 7:57 AM
To: or-talk at seul.org
Subject: Tor and NNTP


I'm the owner of a large *public* news server (see http://news.aioe.org/ )  
which allows a (restricted)  read and write access to USENET groups without 
requiring an authentication. I'm also a novice with Tor. An increasing number
of tor users is choosing my server for reading and posting on USENET. 
In order to avoid SYN DDOS and floods, my server accepts only a determinate 
number of daily connections and bytes per IP. Trespassers are banned for a 
day. While a single (end) proxy serves a single client the total activity 
generated on my host by that tor router usually remains under this limit. 
When more than a client uses the same proxy, often that tor router exceeds 
those values because the barrier is calibrated assuming a single client per 
IP. Every IP can also post only 25 messages per day which is a reasonable 
limit for a single client but it isn't enough when multiple users share the 
same IP.
Therefore sometimes some tor proxy is banned from my server due to an excessive
number of connections, bytes or posts.
I need a (server side) way to separate the tor users from the other ones: is
this possible?
I'm supposing to set up a "hidden service" which redirects all tor users to a
non default *local* NNTP port in order to treat them differently from the 
other clients. In this way, when the tor users access the server from the 
main DNS system (as nntp.aioe.org) they're still subjected to the standard 
rules that are applied to all clients but when they use the .onion domain a 
different (less restrictive) policy can be applied to them.  Is this a right
way? 
If so, does tor allow to be configured in order to handle only my "hidden 
service" without providing any other tor service (my ISP doesn't like proxy 
and I've not much bandwidth)?

greetings

Paolo Amoroso (Aioe)
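
The two-policy arrangement proposed in the message above, as an added example that is not part of either post and not the news server's own code: quotas are chosen by the port a connection arrives on. The local port 1119 and every quota value except the 25 posts per day and the one-day ban are assumptions made for illustration.

```python
from collections import defaultdict

DAY = 86400
PUBLIC_PORT, ONION_PORT = 119, 1119   # 1119 is an assumed local-only port

# Per-day quotas. 25 posts/day and the one-day ban are from the post;
# every other number is a constructed placeholder.
POLICY = {
    PUBLIC_PORT: {"posts": 25, "conns": 200},
    ONION_PORT: {"posts": 500, "conns": 5000},
}

class Quota:
    def __init__(self):
        self.used = defaultdict(lambda: defaultdict(int))  # key -> counter -> n
        self.window = {}        # key -> start of its current 24h window
        self.banned_until = {}  # key -> time the ban ends

    def _key(self, port, ip):
        # Hidden-service traffic is handed over by the local Tor process, so
        # its source address is always loopback: count it as one shared pool.
        return ("onion", None) if port == ONION_PORT else ("ip", ip)

    def allow(self, port, ip, kind, now):
        """kind is "posts" or "conns"; returns True if the action is allowed."""
        key = self._key(port, ip)
        if now < self.banned_until.get(key, 0):
            return False
        if now - self.window.setdefault(key, now) >= DAY:
            self.window[key] = now
            self.used[key].clear()
        self.used[key][kind] += 1
        if self.used[key][kind] <= POLICY[port][kind]:
            return True
        if port == PUBLIC_PORT:
            # Public side: exceeding the quota bans the address for a day.
            self.banned_until[key] = now + DAY
        # Onion side: refuse until the window rolls over, but never ban,
        # because a ban on the shared pool would lock out every Tor user.
        return False
```

Because every hidden-service connection shares one source address, the onion-side limit is an aggregate cap rather than a per-client one.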



