There are often silly filters and SSH WARNING OMG type of things people
do individually that are generally moot. That was probably the context.
No time to cover various scenarios therein.
Here, we're considering aggregating the entire network as one to see about
what may be going on as a whole. Be
Sorry for the spam. One more link to a tuning guide that I have found useful:
https://access.redhat.com/sites/default/files/attachments/20150325_network_performance_tuning.pdf
On Sat, Nov 25, 2017 at 10:04 PM, Igor Mitrofanov
wrote:
> After reading every paper and post on sysctl.conf and iptable
After reading every paper and post on sysctl.conf and iptables tuning
I could find, and reading some kernel code, I have come to a
conclusion that, while there are a few settings to tune (can share
mine, but your mileage *will* vary), most of the defaults are actually
not broken in the latest kerne
Do not enable net.ipv4.tcp_tw_recycle:
https://vincent.bernat.im/en/blog/2014-tcp-time-wait-state-linux#netipv4tcp_tw_recycle
For ip_local_port_range, make one number even and the other one odd
(i.e. 1024 and 65535). Not sure if this is still required, but won't
hurt to include port 1024.
Conside
grarpamp wrote:
> On Fri, Nov 24, 2017 at 6:23 PM, wrote:
> > Was anyone else's exit being synflooded yesterday and today?
>
> There could be a combined monitoring array deployed
> among all nodes that might start to answer these questions.
> And further alert on all sorts of interesting networ
>Well, it's still going on, and is pretty much ruining Libero :( . Running
>CentOS 6, here.
>
>When it's happening it can look like this:
>
># netstat -n | grep -c SYN
>17696
I run a fast exit and can offer some advice:
1) mitigate bug #18580 (also #21394); is a DNS denial-of-service and
could
Hi,
> Arisbe:>> I looked up my relays and bridges on Atlas using their nickname,
> IP>>
address or fingerprint. I bookmarked these look-ups so that I could>>
easily access the Atlas data for my nodes going forward.
No URLs have changed (planning to change them in the near future but
nothing chan
> On 26 Nov 2017, at 07:14, grarpamp wrote:
>
> The subject of this new thread is detecting network
> attack upon tor network / relays itself.
Nick Mathewson has mentioned wanting to do this for Tor protocol
violations. But we need a privacy-preserving aggregation scheme in
Tor so we can do the
Arisbe:
> I looked up my relays and bridges on Atlas using their nickname, IP
> address or fingerprint. I bookmarked these look-ups so that I could
> easily access the Atlas data for my nodes going forward.
>
> I took the same tack with Tor|Metrics: I navigated
> Home>>Services>>Relay Search>>
The subject of this new thread is detecting network
attack upon tor network / relays itself.
You report is users using tor's exits / exit traffic
from relays, which would be excluded from such
monitoring, most absolutely in any identifiable manner.
If the exit traffic bothers you, exitpolicy reje
I went and added a reject for exit to port and HUPed the process.
Maybe this is the fix! :)
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
Well, it's still going on, and is pretty much ruining Libero :( .
Running CentOS 6, here.
Actually, I think from what I'm seeing that it may not exactly be a
synflood targeting Libero. I think Libero may be being (ab)used to do
massive portscanning or similar.
Image should be visible below -
On Fri, Nov 24, 2017 at 6:23 PM, wrote:
> Was anyone else's exit being synflooded yesterday and today?
There could be a combined monitoring array deployed
among all nodes that might start to answer these questions.
And further alert on all sorts of interesting network attacks
launched at Tor. So
>> The trouble now
>> is too many are sites apply blanket bans on Tor exits.
> Starting with tor 0.3.0.x if your exit relay has multiple public IP
> addresses you can use one of them for exiting only without the need of
> an additional VPN (which degrades performance)
Depending on setup, shufflin
syncookies and -m connlimit limiting /24 always worked for me. some
players with access to /24 can be pretty annoying sometimes.
x9p
> Was anyone else's exit being synflooded yesterday and today? I put
> some iptables code in to help, it might have mitigated it.
>
> I'm pretty sure our exit "Lib
Dr Gerard Bulger:
> Direct Exit to a different IP.
>
> I naively thought that the proxy lines in torrc could to that via an
> https proxy. Alas that's not what that line is for!
>
> I got an impression from earlier chats a while ago that exiting to a
> non-advertised IP was regarded as simply
Direct Exit to a different IP.
I naively thought that the proxy lines in torrc could to that via an https
proxy. Alas that's not what that line is for!
I got an impression from earlier chats a while ago that exiting to a
non-advertised IP was regarded as simply not cricket, in that the interne
Hi,
I want to tell that the issue is no longer exists. I can now visit ebay,
ikea, ect. without a problem.
It was like grarpamp said, there was a bunch of malicious software on
one of my Computers. Very shameful, there was no virus detection installed.
Therefore my tor relay was not the pro
Same happened to me. ISP sent me 2 messages in 10 minutes about outgoing
8Kpps/4Mbps flood and then quickly frozen my VPS.
2017-11-25 2:02 GMT+02:00 Paul Templeton :
> Happening to middles as well - I get black hold all the time - ISP has
> auto rules.
>
> Paul
>
> - Original Message -
>
I looked up my relays and bridges on Atlas using their nickname, IP
address or fingerprint. I bookmarked these look-ups so that I could
easily access the Atlas data for my nodes going forward.
I took the same tack with Tor|Metrics: I navigated
Home>>Services>>Relay Search>>(node ID)
This r
On 25 Nov 2017, at 17:36, Arisbe wrote:
In the immediate past I monitored both my relays and my bridges through atlas. So, now with Tor Metrics, I don't see my bridges. Am I doing something wrong or are they not in the data base?
How do you search for your relays and bridges?
T
21 matches
Mail list logo
