[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Small server, not much bandwidth



On Thu, Apr 10, 2014 at 06:24:00PM +0100, John Williams wrote:
> 1. Is such a small bandwidth going to make a worthwhile contribution?

Yes probably. Can't hurt, might help! :)

> 2. What port number should I run obfsproxy on, to minimize the chance
> of it being blocked from potential users? I'm running other stuff on the
> obvious choices (22,80,443) and I've only got 1 IP address.

For obfsproxy, my current intuition is that it's best to (let it) pick
a random high-numbered port.

People who see an unrecognized protocol on a recognized port will think
it's weird. People who see an unrecognized protocol on an unrecognized
port will not be sure what to make of it.

> 3. If I run obfsproxy, should I open the regular tor port 9001 to the
> internet also? Or will that get me onto blacklists of "known tor
> bridges" and cause my whole IP address to be blocked?

Alas, if you don't open the ORPort to the Internet also, your bridge
won't find itself reachable, so it won't publish to the bridge
directory authority, and so bridges.torproject.org won't give out your
bridge address automatically:
https://trac.torproject.org/projects/tor/ticket/7349
So it is fine to leave ORPort closed if you're giving the bridge
address out manually, but if you want the automated system to do it,
you need ORPort reachable.

Fortunately, in practice China censors by IP:port, not by blacklisting
the whole IP address, for now.

--Roger

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk