
Re: [tor-relays] Middle relay IP blocking





On 8/7/2023 1:28 PM, s7r wrote:
lists@xxxxxxxxxxxxxxx wrote:
On Samstag, 5. August 2023 08:40:42 CEST Marco Predicatori wrote:
securehell@xxxxxxxxx wrote on 8/4/23 01:46:
I tried reporting a similar issue a few months ago (post wasn’t approved by
moderator). I was running a relay from my home ISP. After a short while
certain websites became inaccessible from other computers in my home
network that shared the same public IP. After trial and error with other
IP addresses (non-Tor) I realized commercial gateway services had
blacklisted our IP address.

Same here, middle node. In order to access some sites, I have to shut down
briefly my modem in order to obtain a new IP, and for a while all goes
smoothly again.

Hi @all,

Just my 2 cents. Is this worth the hassle?
Calculate your power consumption 24x7x30 @home.

For 1-5$ you can get a VPS.
This exit has 1GB RAM and 1CPU and costs $3.50/month
https://metrics.torproject.org/rs.html#details/376DC7CAD597D3A4CBB651999CFAD0E77DC9AE8C

Search or ask for offers on LEB & LET:
https://lowendbox.com/
https://lowendtalk.com/discussion/185210/tor-relay-bridge

$websearch: cheap vps unlimited bandwidth
IONOS 1,-EUR/Month - 1GB RAM - 1vCore unlimited bandwidth - prepaid (=no contract term)
https://www.ionos.de/server/vps

Dedicated server for $15 per month: 4 Cores/4 threads - 16GB DDR3 - 5 usable IPv4  :-)
https://www.nocix.net/cart/?id=261

While all the above is true, a thing to remember is to make sure we don't end up all renting too many VPS'es or dedicated servers in the same places / same AS numbers - we need network diversity, it is a very important factor, more AS numbers, more providers, more physical locations, etc. So, running at home is super good and recommended from this perspective, provides us with the diversity we need, however not being able to log in to online banking to pay an electricity bill because of a middle relay is also way too annoying. However, whoever can afford the hassle should definitely run a middle relay or bridge at home (even Exit relay, I do run an Exit relay at my office place and I had one police visit in like 8 years or so).

The problem here is with the people who treat 1 IP address = 1 person, this assumption which is 3 decades old should disappear once and forever. I cannot imagine what kind of an IT/security expert would use a black list (haha) that contains Tor relays (double haha) and also applies same restrictions to *middle* relays (triple haha). There are so many ways to properly handle an IP address that sends robotic/unrequested traffic which are so obvious I'm not going to spam the list to enumerate them.

As much as I would like to laugh along with you, it's clearly the case from my experiences, and some of the folks in this thread, that there are some major outsourced firewall/protection companies who unfortunately do have the IT/security folks you can't imagine.  I've spoken to one senior network technician at a major US wide bank because after running a middle relay for 5 years with only minor issues, my wife who works from home for the bank was suddenly blocked from accessing the bank network.  He fully understood what a middle relay was and was quite happy for me to run one, but was unable to do anything as they had just outsourced the network "protection" and whoever they had outsourced to was classing the middle relay as a threat, and so blocking her access.

Cheers.

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays