[tor-talk] Following best-practices for tor exit-node on RIPE
Moritz Bartl
moritz at torservers.net
Wed Aug 24 15:06:59 UTC 2011
Am 22.08.2011 12:08, schrieb Alexandre Girard:
> I'm trying to open a new tor exit node on tetaneutral.net - associative
> ISP in Toulouse, France - and I've got a question after reading the
> best-practices available on this page:
> https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
>
> On point 5, it describe how to change the contact email on an IP.
>
> Tetaneutral has a range of IP, and we can use 1 IP for the tor exit
> node. The description about the contact mail concerns ARIN, does someone
> know how to do it on RIPE?
Thank you for your question. Now I finally forced myself to update the
wiki entry at https://www.torservers.net/wiki/hoster/inquiry
Here's the new section on RIPE:
With RIPE, it works even better than with ARIN as most people respect
the WHOIS entry there without going directly for the upstream record. In
our experience, this happens a lot with ARIN. But - my guess is due to
some stricter regulations by RIPE - less ISPs are willing to reassign
RIPE IPs.
Some reports, like Shadowserver reports, get sent to the AS, so WHOIS
does not help against those. With luck you can get your ISP to ignore or
auto-forward them to you.
If you don't have "mtner" and "person" handles for your Tor exits, use
the wizard at https://apps.db.ripe.net/startup/ or manually create them
at https://apps.db.ripe.net/webupdates/select-type.html
You need at least one mtner and one "person" handle. Tell your ISP to
create an "inetnum" record linking those handles. You should suggest
apprioriate "desc", "remarks" and "country" entries. RIPE does not
require this country to be the location of your server, nor your
location. Your ISP might want either your location or the servers
location in there. If you want to confuse GeoIP, you can specify another
country. It is also possible to list more than one country, but be aware
that it takes several months for GeoIP services to pick up changes (if
they ever do) and that you won't be able to edit the "inetnum" record
yourself.
Maintainer record example:
http://apps.db.ripe.net/whois/lookup/ripe/mntner/ZWIEBELFREUNDE.html
Person example:
http://apps.db.ripe.net/whois/lookup/ripe/person-role/MB22990-RIPE.html
inetnum example:
https://apps.db.ripe.net/dbweb/search/query.html?searchtext=77.247.181.160
Additional RIPE Documentation for ISPs (if they don't know how to do
their stuff, helps sometimes to pass this on):
*
http://www.ripe.net/lir-services/resource-management/faq/internet-resources#faq_22
* http://www.ripe.net/ripe/docs/ripe-489
Hope this helps! Let me know if it works, feel free to add more info to
the wiki page (world editable).
--
Moritz Bartl
https://www.torservers.net/
More information about the tor-talk
mailing list