[tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
I noticed TBB-2.3.25-1 is using 'cached-microdescs' which removes the end-user's ability to choose exitnodes based on each server's exit policy. example of informations in obsolete 'cached-descriptors': router name and IP address platform uptime bandwidth reject *:25 reject *:119 reject *:135-139 reject *:445 reject *:563 reject *:1214 reject *:4661-4666 reject *:6346-6429 reject *:6699 reject *:6881-6999 accept *:* Is this informations still available somewhere else? Maybe a torproject.org URL? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
On 12/12/12 3:23 PM, basmati kasaar wrote: > I noticed TBB-2.3.25-1 is using 'cached-microdescs' which removes the > end-user's ability to choose exitnodes based on each server's exit > policy. > > example of informations in obsolete 'cached-descriptors': > > router name and IP address > platform > uptime > bandwidth > > reject *:25 > reject *:119 > reject *:135-139 > reject *:445 > reject *:563 > reject *:1214 > reject *:4661-4666 > reject *:6346-6429 > reject *:6699 > reject *:6881-6999 > accept *:* > > Is this informations still available somewhere else? Maybe a torproject.org > URL? Yes, see https://atlas.torproject.org/ Best, Karsten ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
>- Original Message - >From: Karsten Loesing >To: basmati kasaar >Cc: tor-talk@lists.torproject.org >Sent: Wed, 12 Dec 2012 20:22:43 +0530 (IST) >Subject: Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs' > > > >Yes, see https://atlas.torproject.org/ > >Best, >Karsten 'atlas.torproject.org' appears to contain very, very little useful informations and no informations on specific exit port availability per router. Would it be so difficult to make available on torproject.org like was on serifos 6 yrs ago? http://web.archive.org/web/20060718235801/http://serifos.eecs.harvard.edu/cgi-bin/exit.pl Thank you. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
On 12/12/12 7:09 PM, basmati kasaar wrote: > 'atlas.torproject.org' appears to contain very, very little useful > informations and no informations on specific exit port availability > per router. Actually, it does have full exit policies of all relays. Try typing a relay nickname or fingerprint in the search field and select the relay from the results table that you're interested in. Best, Karsten ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
On Wed, Dec 12, 2012 at 4:23 PM, basmati kasaar wrote: > Is this informations still available somewhere else? Maybe a torproject.org > URL? UseMicrodescriptors 0? -- Maxim Kammerer Liberté Linux: http://dee.su/liberte ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
On Wed, 12 Dec 2012 23:39:38 +0530 (IST) basmati kasaar wrote: > 'atlas.torproject.org' appears to contain very, very little useful > informations and no informations on specific exit port availability > per router. The full exit policy is on atlas, here's a current exit relay: https://atlas.torproject.org/#details/4E377F91D326552AAE818D5A17BC3EF79639C2CD In general, the current tbb package upgraded tor from 2.2 to 2.3. This is a major new version in the tor world. What you're seeing in current tbb with tor 2.3 is that microdescriptors are now live and stable. These were implemented to reduce tor's bandwidth usage. The specification and motivation are here, https://gitweb.torproject.org/torspec.git/blob/HEAD:/proposals/158-microdescriptors.txt > Would it be so difficult to make available on torproject.org like was > on serifos 6 yrs ago? > > http://web.archive.org/web/20060718235801/http://serifos.eecs.harvard.edu/cgi-bin/exit.pl Yes. It's a bad idea. If someone wants to run that script themselves, great. You'll also notice someone at harvard.edu ran it, not us. Creating single points of failure on which the world of tor users relies is bad for everyone all around. We already have this problem with check.torproject.org. We're working to replace check.torproject.org with a safe, local solution. -- Andrew http://tpo.is/contact pgp 0x6B4D6475 ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] 'cached-descriptors' replaced with 'cached-microdescs'
If you use the cached-consensus then why not just set 'FetchUselessDescriptors 1' in your torrc? ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] There is some rotten in the state of Denmark
Good evening torrizens, I have been looking through the relay descriptors for signs of malicious exit policy configurations and have found that the Tor network appears to be infested by a sniffer plague. No worries, though, a friendly Torrorist is here to help. Thanks to the attached mineral script you will be able to enumerate all the Tor relays that appear to have a malicious configuration. By malicious configuration I mean that their fish_percent is > 50%. fish_percent = (number_of_fishy_protocols / total_allowed_ports) * 100 number_of_fishy_protocols is how many plaintext protocols they are allowing to exit to, in the script this is only set to FTP, HTTP, and POP3, (23, 80, 110). The script is in ruby and can be run like so: $ ruby findtherot.rb Some of the results are false positives as they are exit enclaves, but you should be able to fine tune it to your best of needs. Here is a run of it on the current list of descriptors: --- BEGIN RUN --- Finished reading file - There is some rotten in Denmark! - Fingerprint: 18D3E7B7EAD5C3487B6AE158D949D719F0346F9F Nickname: g0blin Contact: tor-e...@g0blin.co.uk Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 78.46.112.248:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 7A4E1E0E0448DDD0ED14A9DDF0680AB0C643CDE3 Nickname: Unnamed Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 91.215.109.195:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 3CA16AC8D03F7691DB7FB3496A44A4BCD4AB17B5 Nickname: Unnamed Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 220.233.93.31:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 5B529E24CC63C9BEB910C22BCB2789AE5C69D9D9 Nickname: PrivacyRepublic11 Contact: Privacy Republic < tor-nodes��AT privacyrepublic do torg > Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 5.135.54.11:* * accept *:80 * accept *:110 * reject *:* - There is some rotten in Denmark! - Fingerprint: 70B5EB8EAC13FD914E6CA1E80691025BCAA2E9D8 Nickname: PrivacyRepublic01 Contact: Privacy Republic < tor-nodes��AT privacyrepublic dotorg > Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 94.23.73.182:* * accept *:80 * accept *:110 * reject *:* - There is some rotten in Denmark! - Fingerprint: 716E6F8D18D9D9BE260C69BA7A772E634C895B93 Nickname: Unnamed Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 78.30.241.238:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 613E352EAABBB449B2D5E4C0A634D801854C2759 Nickname: Unnamed Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 58.8.240.111:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 8B97603E4991ADB5A97DEFFD52CDD9ECDD4AF885 Nickname: bolobolo1 Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 79.112.33.40:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 7C390BF3E0A1755BC57E23774CF16C9889399360 Nickname: Unnamed Contact: Exit Policy: * reject 0.0.0.0/8:* * reject 169.254.0.0/16:* * reject 127.0.0.0/8:* * reject 192.168.0.0/16:* * reject 10.0.0.0/8:* * reject 172.16.0.0/12:* * reject 142.166.216.56:* * accept *:80 * reject *:* - There is some rotten in Denmark! - Fingerprint: 1D790438D572968C6D94AA8EC1A89E5C0AA3B27A Nickname: PrivacyRepublic02 Contact: Pr
