On 08/07/2017 10:53 PM, Dennis Emory Hannon wrote:
> No attitude or hurt feelings. What’s different from my servers compared
> to others? Probably nothing at all….this is just a hobby of mine. One
> would think if I wanted to collect information I would just run an exit
> node myself since I have t
On 10/22/2016 08:02 PM, Tristan wrote:
> Would it be acceptable to configure unattended-upgrades to automatically
> reboot the system when required? I already have it configured to check
> for and install all updates to Ubuntu and Tor once a day, but I still
> need to manually reboot to apply kerne
On 10/21/2016 06:23 PM, Tristan wrote:
> And?
>
> Honestly, the way people create names and websites for these things,
> you'd think it's a fund-raiser for something, not a critical security bug.
Tristan, they know this. They are even good-natured enough to make fun
of it themselves. From http://
On 10/17/2016 12:34 PM, Hoshpak wrote:
>> # chattr +i /etc/resolv.conf
>>
>> Exact it works fine :)
>
> Please only do this if your are sure your server is not running in a
> Virtuozzo/OpenVZ container environment. On Virtuozzo, the startup
> procedure includes scripts that rewrite resolv.conf and
On 10/16/2016 04:54 PM, Petrusko wrote:
> Thx for this share.
>
> But I'm not sure how Unbound is "speaking" with the roots DNS servers...
> Somewhere I've read that DNS queries can be forwarded by a "man in the
> middle", and the server operator can't be sure about this :s
> An ISP is able to do
ut into mission-critical roles, so they may
have a possibility of standing up to the job. If not, a low-end old
laptop will have AES acceleration. Something to consider.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
You can add Pulse Servers to the list. I think they are happy as long as
you don't use an excessive amount of bandwidth per month. A rough
estimate of the maximum is 10 TB per month per tier, but less is better.
--
Jesse V
signature.asc
Description: OpenPGP digital sign
querying DNS root servers is slow.
https://www.dnscrypt.org/ can also be useful for preventing interception.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://li
On 03/18/2016 02:02 PM, Dhalgren Tor wrote:
> This issue is a PIA and if it continues I'll give up on 'unbound' and
> follow the previous operator, switching to bind9 despite the lesser
> performance.
Could you try switching to a different upstream DNS provider?
--
an meet your criteria. They give you a Xeon-class
CPU and a 1 Gbits link, but there's a clause about reasonable use, so
typically it's best to keep it under 100 Mbits unless you buy a higher
tier. Servers are in CA and UK. I don't remember what container they use
though.
--
Jes
e DNS entry, and you
eliminate a significant amount of spam and attacks by using a reduced
exit policy, especially if you get rid of the standard ports for SSH and
Telnet traffic. A custom landing page doesn't hurt either; mine looks
like this: http://198.50.200.131/
--
Jess
issue like this, you probably need to try to talk to someone
above the average tech support responder, since they are trained to how
to diagnose and repair common issues, and "Netflix is blocking non-exit
Tor relays" certainly isn't high on that list.
--
Jes
g us know. I guess I heard incorrectly.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
was messing with packet
forwarding on a personal machine and had duplicated packets (which
manifested itself as log warnings, double ping replies, and slow
performance) until I fixed my iptables rules.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
__
obe.torproject.org. The choice
of Atlas or Globe is a personal preference. I prefer Globe, but both are
far better than torstatus.blutmagie.de
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lis
On 01/22/2016 05:59 PM, Roots Babilonia wrote:
> Please send me bridges
>
This is not the place to ask for bridges.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
bly even one they wrote themselves. It just makes the
whole network more friendly for the rest of the Internet.
It's "Tor", not "TOR".
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
to
On 01/10/2016 09:00 AM, Peter Garner wrote:
> I just download the source code and do a build. It takes a while but at least
> you can grab a coffee!
It's generally a better idea to use software repositories, primarily
because it's easier to stay up-to-date.
--
Jesse V
filesystem standards, near as I can tell. See
https://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproj
roject.org/#/relay/C1B80BA2D97C33851DE08FD061F531A129705988
It will be a few days before it sees more traffic, since it's a very new
relay at this point.
With a speed like that, you might consider switching to an obfs4 bridge
rather than a relay. You'll probably contribute more to the ne
//blog.torproject.org/blog/facebook-hidden-services-and-https-certs
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
aintained, so you may want to examine forks,
but I've had success with Shallot as it is.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 12/30/2015 08:24 AM, OM Healing wrote:
> Me too fuck, I can't get off this thing either.
> Please!!!
Use https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
You can always unsubscribe yourself, same as most other mailing lists.
--
Jesse V
signature.asc
Descripti
t-of-band method, so in that case you
don't need an SSL cert. This can sometimes be superior to trusting the
centralized CA model, but I agree that the points you've listed are
useful applications as well.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
s have added an
HTTPS cert but I think that's mostly for a publicity stunt than anything
else.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
ng up a fallback nameserver for redundancy as you
pointed out.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
On 12/20/2015 04:11 PM, Jesse V wrote:
> On 12/20/2015 03:47 PM, Green Dream wrote:
>>> Weasel and velope on #tor-project suggested that I remove DNSCrypt
>>> entirely and let Unbound be a recursive resolver against the root DNS
>>> servers, which I have now don
red this?
Certainly. My configuration files are here:
https://gist.github.com/Jesse-V/66fe794bf1b9e4ccf852 Unbound does most
of the hard work already and by default queries authoritative DNS
servers. My configuration is based on the manpage, Fedora's default
Unbound configuration, and the optimiz
e and DNSSEC. Although
DNSSEC doesn't provide confidentiality for DNS queries, it does provide
authentication and integrity checks. Unbound with a large cache and
DNSSEC re-enabled is probably superior to Unbound+DNSCrypt without
DNSSEC. The point still stands though; you can secure and optimize
he clearnet somewhere. It's probably not a good
idea to build infinite loops through the Tor network.
--
Jesse V
signature.asc
Description: OpenPGP digital signature
___
tor-relays mailing list
tor-relays@lists.torproject.org
https://lists.torproj
://github.com/jedisct1/dnscrypt-proxy#installation may be helpful here.
3) I modified Unbound's configuration per the instructions in
https://www.dnscrypt.org/#dnscrypt-proxy. For the sake of convenience,
you can find my configuration here:
https://gist.github.com/Jesse-V/675b7ec87eca864887e6 I t
da
and the UK and have really low prices on VPSs, which I'm trying to
understand. I've been trying to learn more but I think they have a
pretty small setup (apparently the owner does tech support) and
documentation is limited.
Does anyone have any experience or opinions on them?
--
Jess
32 matches
Mail list logo
