Re: [tor-relays] Possible problem with NYX

Subject: Re: [tor-relays] Possible problem with NYX

From: Nathaniel Suchy <me@xxxxxxxxxxx>

Date: Mon, 3 Sep 2018 16:19:18 -0400

Delivery-date: Mon, 03 Sep 2018 16:19:52 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=lunorian.is; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=Ycg2ybjVd9XR7Ug9I7L/qk7VcsPRLh2ff/VvanrhGYY=; b=clygXS5jTWHKXSX8peQaYpeRJGIwgW//J/pKSkPcxs0O/Clt6/fOV4eWQI9Xl/ErTk HI156tWcUv4xrzYYcQokT9M//rr0Z4jZwy8R1JgEjJe8j3YNJVKu3y3dfjRXx30U/wa6 N4eQNn3SyGmO67kiuRNyF+KqeSk48/etwoHj9/pXH/4Efxx7Syk8cYuulV6iSLyMhywy sFf/226eF+DV37E/uFWUkP+9vKzVf6bMzLyd6Rs7zaR5SL4BrP5JlPMA2C9VCM54qEPt 6JS2RyLXGb49DMSNQCnhM+qJY1qHKqaOWrONZb7c5RG+xr+07IqUcBgQ7fkUxqeSIXWy yT7Q==

In-reply-to: <7a6e7d31-3416-b81d-c373-73673b7944b7@cni.net>

List-archive: <http://lists.torproject.org/pipermail/tor-relays/>

List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>

List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>

List-post: <mailto:tor-relays@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>

References: <7a6e7d31-3416-b81d-c373-73673b7944b7@cni.net>

Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>

You have to decide a balance of usefulness to a legitimate operator and privacy concerns. I could just as easily run Wireshark or TCPDump on my relays and get client IP Addresses that way. You are trusting most operators, like me, are the good guys. Of course a client IP isn’t very useful without a way to associate exit traffic to them.

Cordially,

Nathaniel

On Mon, Sep 3, 2018 at 4:14 PM arisbe <arisbe@xxxxxxx> wrote:

Hello ops,

Today I noticed something on NYX that I find disturbing. Page 2 (list
of inbound/outbound connections) showed me the IP address of an inbound
connection on one of my bridges! Not the authority. This is crazy as
these are indicated as <scrubbed>:port for the users protection! I have
never seen this before and haven't seen it since. Of course, on low
usage bridges, the connection IP address can possibly be disseminated
from netstat but that's not the point. It's my sense that this should
never happen. I get chills imagining this happening on a guard relay
operated by an antagonist ! !

I'm using the default NYX configuration on Ubuntu server 18.04.1 LTS,
Tor 0.3.3.9.

Arisbe

--
One person's moral compass is another person's face in the dirt.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________ tor-relays mailing list tor-relays@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays