[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-relays] Identifying a relay

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: [tor-relays] Identifying a relay
From: Eddie <stunnel@xxxxxxxxxxxxx>
Date: Wed, 15 Jun 2022 11:17:54 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 16 Jun 2022 02:55:43 -0400
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0) Gecko/20100101 Thunderbird/91.10.0

Have a question about how a server I connect to can tell I am running aguard/middle relay. All I can think of is that they check the publishedlist of tor nodes against the IP. Or (maybe, but unlikely) portscan theIP and probe any open ports to determine the service. Are there anyother methods that can be used.

Background: The corp my wife works for blocked our IP. The excuse theygave was that it was due to a change made by a vendor they use toidentify malicious IP addresses. I have been running the relay foralmost 5 years without any previous flagging. They also state thatrunning a middle relay is not in violation of any policy, but the vendormis-identified our relay as an exit, hence blocking it.

After changing the IP, the new IP was also blocked in less than 24hours. My feeling is that the vendor is now just using the full list oftor nodes and indiscriminately blocking everything, despite what thecorp security folks say.


I'm looking for some sort of validation I can use to counter their claims.
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Identifying a relay
  - From: Toralf Förster
- Re: [tor-relays] Identifying a relay
  - From: Felix
- Re: [tor-relays] Identifying a relay
  - From: Gary C. New via tor-relays
- Re: [tor-relays] Identifying a relay
  - From: lists

Prev by Author: Re: [tor-relays] [Workshop] Sysadmin 101 for (new) relay operators - June 4th
Next by Author: [tor-relays] Metrics shows my relay down. But it's not.
Previous by thread: [tor-relays] (No Subject)
Next by thread: Re: [tor-relays] Identifying a relay
Index(es):
- Author
- Thread