[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Exit policy question

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Exit policy question
From: tagnaq <tagnaq@xxxxxxxxx>
Date: Fri, 03 Jun 2011 15:13:15 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 03 Jun 2011 09:13:25 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:message-id:date:from:mime-version:to:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=k4JbBeKIoNhArLqELcsy4QBNr8GmmMdKNQnMxiELkdI=; b=JO218LiuWAdqnNi+94pam3D0MK2n4eMtYd6KLHHeWZ89KBkj7BkLwHn8E89qKIcPV8 vm24vj5h8i0Q18/4ui7to++y4oziCcP9S09kxRsOswDKYtLFJ05XYdofQETb8fHR2ILu dbZwlCwzUl7Bb2Ev84DB5caO1fDvwfEH/4e24=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; b=Pn/llAfXD5JAYr0qFNzJy6uHK/3UJusTXjGaBcSpQdNF7X2BY+iSDfC5at0YJqmIIt ou04T12yZP0El7qj63krhgwngnBj7ZCc7VvWZWIcMMQMyiBo42emeYqGWIZx3/T49ZBl 7CI48kIxXCVHhhmHHYi4jC18WDC3DRQAmdFI0=
In-reply-to: <4DE8D769.80408@xxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <B243443DF316414B99208874D2E409240362EF@xxxxxxxxxxxxxxxx> <2462C2A3-B186-4ABD-85D4-49C3772C9705@xxxxxxxxx> <4DE8D769.80408@xxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

On 06/03/2011 02:45 PM, Jesus Cea wrote:
> I run a TOR node in OVH (France). They shutdown my server several times
> because it was "hacked" in the sense of "we don't think a server should
> make outgoing port 443 connections". After a lof of complains and
> arguments, and a dozen of shutdowns, I restricted my node to NON-EXIT.
> And filter my 443 outgoing at FW level, because even connecting to port
> 443 of other TOR nodes were considered "you have a compromised machine".

I suppose most of the circuits attempts through your relay will break
because 7 out of the 10 fastest relays have their ORPort set to 443.
(in total ~30% of relays have ORPort set to 443)

Your relay won't be able to publish its descriptor to all directory
authorities.
Would be nice to add a detection for such firewalled relays to the scanner.

You might be interested into this (long term) feature request:
https://trac.torproject.org/projects/tor/ticket/3028

-----BEGIN PGP SIGNATURE-----

iF4EAREKAAYFAk3o3esACgkQyM26BSNOM7aLqAD/VGVNBZ4U7hzbqXk+QT2XY4Fe
fEbKnrW7KsWE5fOVqD4A/35s1J9m09Vl4kXRa26BANJuWmQROMXllh/h7yhATKL9
=HVUb
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] Exit policy question
  - From: Jesus Cea

References:
- [tor-relays] Exit policy question
  - From: George Gemelos
- Re: [tor-relays] Exit policy question
  - From: Justin Aplin
- Re: [tor-relays] Exit policy question
  - From: Jesus Cea

Prev by Author: [tor-relays] tor-relay+polipo+firefox much slower than TBB - why?
Next by Author: Re: [tor-relays] firewalled relays (was: Exit policy question)
Previous by thread: Re: [tor-relays] Exit policy question
Next by thread: Re: [tor-relays] Exit policy question
Index(es):
- Author
- Thread