[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Tor Relay Web Ports



Thanks for the links and reply, I appreciate it, that answers my question on web ports. How about Bitcoin ports 8333 to help other BTC nodes sync? Is this port also risky to open? Thanks again...



Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Thursday, May 21, 2020 5:21 AM, William Kane <ttallink@xxxxxxxxxxxxxx> wrote:

> P.S: If you were not asking about relays on OVH, my bad - had their
> company name stuck in my head due to your previous posts to the
> mailing list.
> 

> 2020-05-20 21:07 GMT, William Kane ttallink@xxxxxxxxxxxxxx:
> 

> > Port 53 over TCP (DNS) seems useless, it won't be used at all or only
> > very rarely - your exit already resolves domain names for your
> > clients, this is why it's recommended to have a local recursive
> > resolver installed instead of passing on DNS requests to remote
> > services such as Google or Cloudflare DNS, due to the possibility of
> > correlation and anonymity compromising attacks:
> > https://medium.com/@nusenu/who-controls-tors-dns-traffic-a74a7632e8ca
> > https://medium.com/@nusenu/what-fraction-of-tors-dns-traffic-goes-to-google-and-cloudflare-492229ccfd42
> > If you open up 80 and 443, expect to receive a lot of abuse mails
> > related to brute-forcing or exploit attempts, and having to deal with
> > the occasional douche-bag downloading child porn from a clear-net
> > hoster and confused law enforcement agencies.
> > If that doesn't bother you or your hoster (in the case of OVH, it
> > will, I can guarantee you that), then go ahead.
> > OVH is a bad provider though, over-congested network due to all the
> > seed boxes, bad peering, many Tor nodes already hosted there, etc.
> > All that means please don't host another node there, instead go for a
> > small provider, ideally also in a country which does not host a lot of
> > Tor nodes already, see if they host only a handful of Tor nodes,
> > ideally colocate, get your own IP range and ask them to modify the
> > abuse address for the range to an address you control.
> > After that is all done, you can safely ignore most abuse reports
> > unless they actually have a case against you, which, in most countries
> > is not possible due to network providers being protected from
> > liability by the law.
> > Hope this helps.
> > 2020-05-20 7:24 GMT, mnlph74 mnlph74@xxxxxxxxxxxxxx:
> > 

> > > Hi, I'm running a non-exit relay for quite some time now and I would like
> > > to
> > > open ports 53, 80, 443 (web ports) to be more useful.
> > > How do you handle fraudulent complaints? What is the best approach to
> > > this
> > > situation? Thank you for your help.
> > > Sent with ProtonMail Secure Email.
> 

> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Attachment: publickey - mnlph74@protonmail.com - 0xA7D18794.asc
Description: application/pgp-keys

Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays