Re: [tor-relays] which DirPort should be advertised ?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 07/05/2016 04:01 AM, Tim Wilson-Brown - teor wrote: > In 0.2.8.3-aplha, "clients, onion services, and bridge relays always use an > encrypted begindir connection for directory requests". > Encrypted beginner connections are made over the ORPort. > This means that in 0.2.8 clients no longer use any DirPort, and relays only > use the IPv4 DirPort. > IPv6 clients and bridge clients use the IPv6 ORPort. > > In 0.2.7 and before, clients and relays only use the IPv4 DirPort. > IPv6 bridge clients use the IPv6 ORPort. Understood - so in the long run a DirPort is only used to serve the DirPortFrontPage - -- Toralf PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7 -BEGIN PGP SIGNATURE- Version: GnuPG v2 iF4EAREIAAYFAld7fHoACgkQxOrN3gB26U5PwgD/ckqsFJksXLfBHlEtcEMgHizG MIbwXnbSdKOrV4i7DyQA/1Z9dQkMybP3GBuFOZUEOiA92nR4I3417415eYWrEnOc =mMXm -END PGP SIGNATURE- ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] which DirPort should be advertised ?
> On 5 Jul 2016, at 19:23, Toralf Förster wrote: > > Signed PGP part > On 07/05/2016 04:01 AM, Tim Wilson-Brown - teor wrote: > > In 0.2.8.3-aplha, "clients, onion services, and bridge relays always use an > > encrypted begindir connection for directory requests". > > Encrypted beginner connections are made over the ORPort. > > This means that in 0.2.8 clients no longer use any DirPort, and relays only > > use the IPv4 DirPort. > > IPv6 clients and bridge clients use the IPv6 ORPort. > > > > In 0.2.7 and before, clients and relays only use the IPv4 DirPort. > > IPv6 bridge clients use the IPv6 ORPort. > > Understood - so in the long run a DirPort is only used to serve the > DirPortFrontPage The IPv4 DirPort is used by relays and authorities. This isn't going to change any time soon. > > -- > Toralf > PGP: C4EACDDE 0076E94E, OTR: 420E74C8 30246EE7 > > ___ > tor-relays mailing list > tor-relays@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays Tim Wilson-Brown (teor) teor2345 at gmail dot com PGP 968F094B ricochet:ekmygaiu4rzgsk6n signature.asc Description: Message signed with OpenPGP using GPGMail ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
91 at the moment and they will soon gain more flags. https://sourceforge.net/p/nepenthes/wiki/Home/ Seems like some sort of honeypot. Most seem to be from AWS & Linode & Leaseweb USA. On July 3, 2016 10:59:00 AM GMT+02:00, nusenu wrote: >some new ones: >http://article.gmane.org/gmane.network.onion-routing.ornetradar/1468 > > > > > > >___ >tor-relays mailing list >tor-relays@lists.torproject.org >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- PGP : 29A4CE52___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
On 05.07.2016 13:31, Xza wrote: > 91 at the moment and they will soon gain more flags. > https://sourceforge.net/p/nepenthes/wiki/Home/ > Seems like some sort of honeypot. > Most seem to be from AWS & Linode & Leaseweb USA. How does the process work to exclude nodes from the network? If I understood the documentation correctly, as a node operator I can't blacklist hosts individually (unless I'm putting them into MyFamily, which I don't want to). ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
It's up to directory authority operators to deal with suspicious/rogue/misconfigured relays by marking them as invalid/rejected/badexit. Relay operators are not supposed to decide what other relays they may be put in a circuit with (apart from notifying the network which nodes belong to the same operator using MyFamily as you mention). FYI, *clients* do have the ability to exclude nodes using the ExcludeNodes directive. On 5 July 2016 16:46:18 CEST, simon wrote: >On 05.07.2016 13:31, Xza wrote: >> 91 at the moment and they will soon gain more flags. >> https://sourceforge.net/p/nepenthes/wiki/Home/ >> Seems like some sort of honeypot. >> Most seem to be from AWS & Linode & Leaseweb USA. > >How does the process work to exclude nodes from the network? > >If I understood the documentation correctly, as a node operator I can't >blacklist hosts individually (unless I'm putting them into MyFamily, >which I don't want to). >___ >tor-relays mailing list >tor-relays@lists.torproject.org >https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays -- Sent from my Android device with K-9 Mail. Please excuse my brevity.___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
On Tue, Jul 05, 2016 at 05:10:49PM +0200, Niklas K. wrote: > It's up to directory authority operators to deal with > suspicious/rogue/misconfigured relays by marking them as > invalid/rejected/badexit. > > Relay operators are not supposed to decide what other relays they may be put > in a circuit with (apart from notifying the network which nodes belong to the > same operator using MyFamily as you mention). > > FYI, *clients* do have the ability to exclude nodes using the ExcludeNodes > directive. In good news, 91 new high speed exits means Tor network should be truly blazing for a while :) ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
> In good news, 91 new high speed exits means Tor network should be > truly blazing for a while :) these are non-exits relays (currently) currently 93 relays (89 running): https://gist.githubusercontent.com/nusenu/0478362226f1b74744bec8700c4a3732/raw/e8a5ed82061a2b6a83f982964794ef79c067f005/Relay127001_93-relays_2016-07.txt a few total stats for these relays: 58 unique /16 netblocks 26 unique ASes (20 unique organizations) aggregated CW fraction: 0.1529% (as of 2016-07-05 22:00) (if that doesn't tell you much, that is about at the 99th position of the current CW ranking list but that is anything but static https://raw.githubusercontent.com/ornetstats/stats/master/o/main_operators_by_cw.txt ) signature.asc Description: OpenPGP digital signature ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Re: [tor-relays] suspicious "Relay127001" relays
> It's up to directory authority operators to deal with > suspicious/rogue/misconfigured relays by marking them as > invalid/rejected/badexit. So... what's going on in this particular case and what are the directory authorities going to do, if anything? As a relay operator near the top of the CW list, I continue to be somewhat uncomfortable with the lack of transparency regarding the directory authority decisions. It would be nice if the decision making process around these types of events was a bit more transparent. ___ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
