Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Alexander Fortin
On Wed, Jun 18, 2014 at 9:34 PM, Zack Weinberg wrote: > If the process listening on port 80 is the Tor process, then any > vulnerability in the HTTP service it presents to port 80 can be > exploited for a direct attack on the relay itself. If port 80 service > is provided by a separate program (e

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread The Doctor
On 06/17/2014 02:09 PM, Zack Weinberg wrote: > Tor relays get pounded on by the script kiddies -- a degree of > hardening is appropriate. I don't know if there are any stock > Puppet "tighten security" modules but these are the things that I > rem

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Zack Weinberg
On Wed, Jun 18, 2014 at 1:49 PM, Alexander Fortin wrote: > On 18. Juni 2014 at 16:26:38, Zack Weinberg (za...@cmu.edu) wrote: >> Best practice as I understand it is that you should have an exit >> notice on all exit relays. What I'm not sure of is whether "DirPort >> 80 + DirPortFrontPage" is the

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Alexander Fortin
On 17. Juni 2014 at 23:56:43, Zack Weinberg (za...@cmu.edu) wrote: > Tor relays get pounded on by the script kiddies -- a degree of > hardening is appropriate I was thinking a little more about this point, and I’m wondering how running a Tor relay is increasing the likeliness of being hit by sc

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Alexander Fortin
On 18. Juni 2014 at 19:49:26, Alexander Fortin (alexander.for...@gmail.com) wrote: > > Yes, makes sense, and should not be too complex to implement, > I’ll try to add this and get back here for some review. Thanks for > the feedback https://github.com/shaftoe/puppet-tor/tree/fixes#exit-relays

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Alexander Fortin
On 18. Juni 2014 at 16:26:38, Zack Weinberg (za...@cmu.edu) wrote: > Best practice as I understand it is that you should have an exit > notice on all exit relays. What I'm not sure of is whether "DirPort > 80 + DirPortFrontPage" is the recommended way to accomplish that. The > CMU Tor exit uses a s

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Zack Weinberg
On Wed, Jun 18, 2014 at 3:01 AM, Alexander Fortin wrote: > On 17. Juni 2014 at 23:56:43, Zack Weinberg (za...@cmu.edu) wrote: >> It would be nice if exit-relay mode enabled an HTTP "exit notice" as >> described at >> https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment. > >

Re: [tor-relays] Debian relay Puppet module

2014-06-18 Thread Alexander Fortin
On 17. Juni 2014 at 23:56:43, Zack Weinberg (za...@cmu.edu) wrote: > Why do you disable directory mirroring? It's my understanding that > this should basically always be on. Not sure why, I think at the beginning I wanted to use the ‘minimal’ config, and I didn’t even know about directory services

Re: [tor-relays] Debian relay Puppet module

2014-06-17 Thread I
THANK YOU That is clear and concise and well needed. Robert

Re: [tor-relays] Debian relay Puppet module

2014-06-17 Thread Zack Weinberg
On Sun, Jun 15, 2014 at 7:31 AM, Alexander Fortin wrote: > > I’ve recently joined the Tor Project and I have been running a non exit relay > for a few days. > > I’m also a Puppet user and, more in general, I try to make deploying > applications > on the servers I administer as easy as possible,

Re: [tor-relays] Debian relay Puppet module

2014-06-17 Thread Moritz Bartl
On 06/17/2014 02:49 AM, Alex Jordan wrote: >> In my dream >> world, it would not only support Debian: Right now, most of the Tor >> network runs on Debian, which is not ideal. We need more *BSD and >> Solaris! And FreeDOS! :) > Why is this not ideal? I'm not following. > Also, do you mean Debian or

Re: [tor-relays] Debian relay Puppet module

2014-06-17 Thread Alexander Fortin
On 16. Juni 2014 at 08:56:20, Alexander Fortin (alexander.for...@gmail.com) wrote: > On Mon, Jun 16, 2014 at 4:40 AM, Moritz Bartl wrote: > > You should never rely on short key IDs for anything. They can be forged > > within minutes. When you look at > > https://www.torproject.org/docs/debian.html

Re: [tor-relays] Debian relay Puppet module

2014-06-16 Thread Alex Jordan
On Sunday, June 15, 2014, Moritz Bartl wrote: > > Personally, I think it would be great to not only have puppet modules > spread out somewhere across the Internet, but a full-fledged > guide/wizard that makes it easy for people to locally configure relays > without knowing anything about Tor confi

Re: [tor-relays] Debian relay Puppet module

2014-06-16 Thread Alexander Fortin
On Mon, Jun 16, 2014 at 4:40 AM, Moritz Bartl wrote: > Thank you for this. I've come across several Puppet and Ansible recipes > for Tor over time, but sadly have not found time to properly review or > even use them for our own servers yet. Thank you for the feedback. I'm new in the Tor land but

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Moritz Bartl
Hi Alexander, On 06/15/2014 01:31 PM, Alexander Fortin wrote: > This is the work-in-progress version of the module I’m currently using to > manage my relay: > https://github.com/shaftoe/puppet-tor/tree/fixes Thank you for this. I've come across several Puppet and Ansible recipes for Tor over tim

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Alexander Fortin
On 15. Juni 2014 at 15:56:29, Philipp Borgers (borg...@mi.fu-berlin.de) wrote: > Did you take a look at the existing projects? > > https://github.com/search?q=tor+puppet > > Maybe you should merge your project with one of the existing ones? Yeah, but it’s usually easier said than done. I had a

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Tyler Durden
Hi We are not using puppet but a self-made script. On 2014-06-15 17:22, Nusenu wrote: >> Did you take a look at the existing projects? >> >> https://github.com/search?q=tor+puppet >> >> Maybe you should merge your project with one of the existing ones? > Is anyone at torservers & partners or anyon

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Nusenu
> I’ll try now to understand what’s involved in having multiple > instances running on the same node, but I guess there’s the need for > a radical different approach (i.e. not following > https://www.torproject.org/docs/debian.html.en#ubuntu as I did for > building the module in the first place)

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Nusenu
> Did you take a look at the existing projects? > > https://github.com/search?q=tor+puppet > > Maybe you should merge your project with one of the existing ones? Is anyone at torservers & partners or anyone else using puppet to manage multiple relays and could share their experience? https://w

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Philipp Borgers
Did you take a look at the existing projects? https://github.com/search?q=tor+puppet Maybe you should merge your project with one of the existing ones? Some things I would do/change: * add a license otherwise we can't contribute * colorize the examples in the readme (```puppet) * add a modulefi

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Alexander Fortin
On 15. Juni 2014 at 14:41:24, Nusenu (bm-2d8wmevggvy76je1wxnpfo8srpzt5yg...@bitmessage.ch) wrote: > Hi Alexander, > > thanks for starting this. > > bigger relay operators running multiple servers with many nodes will > probably like this (just saying 'MyFamily' updates ;) Sorry, still quite n

Re: [tor-relays] Debian relay Puppet module

2014-06-15 Thread Nusenu
Hi Alexander, thanks for starting this. bigger relay operators running multiple servers with many nodes will probably like this (just saying 'MyFamily' updates ;) Which brings me to my first question: Does the module support running multiple tor instances on a single server? This is something t

[tor-relays] Debian relay Puppet module

2014-06-15 Thread Alexander Fortin
Hi folks, I’ve recently joined the Tor Project and I have been running a non exit relay for a few days. I’m also a Puppet user and, more in general, I try to make deploying applications on the servers I administer as easy as possible, Tor included. I think Tor documentation to install on a De