[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
From: Arjen <arjenvanweelden@xxxxxxxxx>
Date: Sun, 29 May 2016 18:09:37 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 29 May 2016 12:09:52 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding; bh=iUwbfa2m3Z1DqhUtIfvH6+W6azjdtEX/cBiyIrDhzTU=; b=kV7lcwGdP64H+rP1G5rgU+iozlcnNuNy6Gi8aATFe9YUj8teHg7f2MMS78m3QYkiD2 ADyMmYFJ/0fxCpbBpbyJpixJMXYsa9MXDPTRccHuZpOq/nKchH7Go0yBVU/VLf0+qn1p /MrDAGED28NfwxEtnUyzbEvXI0SXBbNYVq6J0thr5xXv8oDN3Gbjw4tPtO4mf2c25Ydy ZnsS9c2PzAESfo20IjqIuOFT5A7//TqPli3qd5b473orrUbSsUT9cKLbRGttZD5dvR1I cZXj2O5MrVpAn1qzDNOumLFu9KGWmJXTnzlNkGuoByRRAzpwLlNTaKnkGJng5o31nTc8 JFfQ==
In-reply-to: <CA+eNGiRbXmrkWwNSiBHdz4fBJzt3p1WTwZajCsNfwkMj4x4Mxg@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <CA+eNGiRbXmrkWwNSiBHdz4fBJzt3p1WTwZajCsNfwkMj4x4Mxg@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.1.0

On 05/29/2016 05:28 PM, Percy Blakeney wrote:

Like I stated a few minutes ago, I am and have been running Tor from my
location yet I have nothing to do with it.  I have been sitting on this
for a while.  Before anyone comes down on me for it, you have to
understand what I've been going through with my network.  Tor is only
the tip of the iceberg.  This is as of today:

usr/share/tor/tor-service-defaults-torrc

DataDirectory /var/lib/tor
PIDFile /var/run/tor/tor.pid
RunasDaemon 1
user debian-tor
control socket /var/run/tor/control
control socket group writable 1
cookie authentication 1
cookie auth file group readable 1
cookie auth file /var/run/tor/control-authcookie
log notice file /var/log/tor/log

etc/tor/torrc

contact info 0xFFFFFFFF Random Person <nobody AT example dot com>
#Dirport 80 No Listen
#Dirport 127.0.0.1:9091 <http://127.0.0.1:9091> No Advertise
#Dirport front page /etc/tor/tor-exit-notice.html
#Exit Policy Accept *:6660-6667, reject *:* #allow irc ports but no more
#accept *:119 # accept nntp as well as default exit policy

The hashes (#) in from of the lines are part of the default inlinedocumentation in the torrc file, and should have no effect because theyare comments.It looks like you or someone with root access installed Tor on yourcomputer. You did not send enough of the torrc file to see if it isconfigured as an exit. It could just be the default configuration aftera "sudo apt-get install tor"...

If you just want to remove Tor from your machine (which runs Debian?),you could just do: sudo apt-get remove tor

However, that might remove any clues as to who installed Tor and why.

var/lib/tor

lock-Mon 16 May 2016 09:48:32 PM EDT (File content is not visible to me)
cached-certs-Mon 16 May 2016 09:48:32 PM EDT (File content is not
visible to me)
cached-microdescs-Mon 16 May 2016 10:18:34 PM EDT (File content is not
visible to me)
cached-microdescs.new-Mon 16 May 2016 10:18:34 PM EDT (File content is
not visible to me)
state-Wed 25 May 2016 04:36:02 AM EDT (This one IS visible)
cached-microdesc-consensus-Sun 29 May 2016 09:17:15 AM EDT (File content
is not visible to me)

The contents of the files and logs might only be readable by root, sousing sudo might help to read them.

tor.pid-32156

/var/lib/tor/state

#Tor state file last generated on 2016-05-25 04:36:02 local time
#Other times below are in UTC
#You *do not* need to edit this file.

EntryGuard Jans 50586E25BE067FD1F739998550EDDCB1A14CA5B2 DirCache
EntryGuardAddedBy 50586E25BE067FD1F739998550EDDCB1A14CA5B2  0.2.4.27
2016-04-28 16:16:20

THERE'S WAY more to the above file but I'm not sure what I should and
shouldn't share on here.  As a matter of fact, I'm not sure what half of
this stuff means so I've spent the last few months trying to educate
myself on as much of this as possible.  Like I said, I am MORE than
willing to talk to anyone out there who may be able to help.


_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

Follow-Ups:
- Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
  - From: Percy Blakeney

References:
- [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
  - From: Percy Blakeney

Prev by Author: Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
Next by Author: [tor-relays] [Fwd: Re: I'm Running A Tor Exit But Never Initiated It]
Previous by thread: Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
Next by thread: Re: [tor-relays] I'm Running A Tor Exit Node And NEVER Initiated It
Index(es):
- Author
- Thread