logs archiveIRC Archive / Oftc / #tor / 2010 / April / 29 / 1
bubbles|
how do i configure the port polipo listens on?
darrob
bubbles|: in polipo's config file
bubbles|
yes, buti can't find the line for the port in there
or is it "allowedports" ?
http://www.pps.jussieu.fr/~jch/software/polipo/manual/Allowed-ports.html#Allowed-ports
darrob
then you can add it. btw, if you're using polipo with tor i suggest you go get the polipo config provided (in the wiki i think).
it's "proxyPort"
bubbles|
what wiki?
ok, everything runs fast again now using polipo :D
are there any downsides to using polipo?
dandon
bubbles|: what was your problem?
bubbles|
i was using tor directly in firefox (with socks) and it was unbearably slow
BarkerJr
if I restart my relay every few days, will that help it become a guard faster?
Sebastian_
that should hurt it.
         

BarkerJr
ok, then I think the fastest way to become a guard will be to change its fingerprint
I need to get it to guard status to get its cpu usage down
Sebastian_
hm
maybe try restarting it once
maybe we have a regression
nsa
or: arma committed revision 22251 (/website/trunk/en): bump nathan up on the people page
dr|z3d
http://planete.inria.fr/bluebear
(the vulnerability of bittorrent)
(With specific reference to Tor)
BarkerJr
good, maybe torrent users will leave :P
arma
right.
we should probably update whatever docs people wrote on the wiki that suggested using tor for tracker connections
my suggestions were always "stop doing any of that", but other people had other suggestions. turns out they were poor suggestions.
dr|z3d
Indeed. Now seems a germane time to recommend people really, really don't use Tor for bittorrent. :)
BarkerJr
right, it's as bad as using tor for google
arma
worse. using tor for google isn't so bad, really.
as long as you keep your cookies separate
BarkerJr
"Any tor user foolish enough to use google, even through tor, simply deserves whatever abuse or obstacles he/she runs into."
arma
i don't buy that at all
(well, ok, maybe a bit, but mostly not)
dandon
is this a quote?
blackpaw
What's wrong with using Tor and google?
phobos
maybe nothing, maybe everything
that quote is from tor-relays
blackpaw
Is Tor security tested on a regular basis?
misc
what do you call "security tested" ?
phobos
define security tested
r2wj
haha
phobos
lots of people fuzz the binaries and try to break the core design of tor
dandon
phobos: tor-relays?
did you guys already read those .fr papers
         

misc
i quickly read it, but it focused mostly on bittorrent protocol
dandon
yeah well they are talking about dht and ports and how you can correlate it..
phobos
there is a paper published somewhere about how bittorrent tor users are fairly easy to identify their actual ip by doing some bittorrent manipulation
blackpaw
Fuzzing, staring at the source code, sending miscofigured packets, bribe relay operators with donuts
misc
blackpaw: why bribes relays operators when you can simply become one
phobos
because if you bribe enough of them you can collude to watch an entire circuit
or just fire up 2000 relays as a mix of non-exit and exit nodes and win
misc
i think hosting provider are cheaper than the number of donuts needed to satisfy my stomach in order to bribe me, that's why no one ever offered me anything
blackpaw
Wow, you must require a lot of donuts.
phobos
http://arxiv.org/abs/1004.1267v1 that's the paper i was thinking of about deanonymizing bittorrent-tor users
nsa
or: arma committed revision 22252 (/website/trunk/en): we sure could use some designs for defenses too
or: arma committed revision 22253 (/website/trunk/en): lots of people have been asking for this paper location. link it
or: from another place too.
DC13
can some one help me set up Tor i keep getting "no valid UPnP internet gateway device found
"
arma
what are you trying to do?
DC13
set up a relay
arma
great. what OS? are you behind a firewall of some sort?
DC13
win7 and sadly att router and nod32 firewall
arma
what is a nod32 firewall?
DC13
eset smart security
arma
"eset"?
DC13
arma
ok. is there a linksys router or something in there too? or is your computer attached directly to your att modem?
DC13
the att is a router/modem
arma
ok. you have potentially two things you need to do. first is to allow incoming connections to the port you chose in vidalia, in your eset software firewall
DC13
ok
arma
you may also have some other sort of firewall in your windows that tries to prevent you from running programs or from listening for incoming connections or other stuff. recent windowses try to make it harder for you to do things.
DC13
windows firewall is disabled
arma
the second is that you may need to configure your att router to do port forwarding. does it show up on http://portforward.com/ ?
i say 'may' because i don't know whether your att router is just connecting your computer to the internet, or if it's filtering incoming connections by default
i would suggest to unclick the "try upnp" button in vidalia, since your router doesn't seem to support it,
and then try to allow incoming connections in your software firewall, and see if vidalia likes it. meaning, see if the log messages in vidalia say that your tor found itself reachable.
if so, you're a winner. if not, you'll need to work on the at&t router part of the equation.
man, i wish port forwarding were easier.
Tas
maybe with IPv6
dr|z3d
If port forwarding were easier, the bad guys would have figured out ways to fu*k us even harder by now. :)
DC13
back now i have no pc firewall and trying to port forward on the router
arma
great
what sort of router is it?
DC13
2Wire, Inc.
model 3800HGB-B
arma
there it is on portforward.com
DC13
i have port 9030 and 443 TCP and UDP all forwarded
arma
great
dr|z3d
Hang on. No need for UDP forwarding at all.
DC13
still says no valid UPnP-enabled internet gateway devices found
arma
(true, you can simplify by leaving udp out)
right. your router doesn't support upnp. that's fine. vidalia tries upnp just in case it's on.
you can unclick the checkbox in vidalia if you want the complaint to go away
the checkbox is called "attempt to automatically configure port forwarding"
DC13
ok
done
arma
ok. so your router is forwarding the port, and your software firewall is off, and you have vidalia configured to make tor a relay. check your 'message window' in vidalia to see what tor is saying.
DC13
basic says tor software is running
arma
and advanced?
should say something like "Now checking whether ORPort .. is reachable"
zowie. you have debug-level logs on. you will miss the interesting stuff.
you should change your logs to just notice and warn and err
DC13
done
arma
ok. simplest is to stop your tor and start it again, so you can see the log messages better this time
(easy to do from vidalia's control panel)
Tryst
speaking of logs in my exit node i just uncommented the part about notice logs. will the warn included besides the usual notices?
arma
tryst: i don't understand the question
dr|z3d
He wants to know what the nature of warn level logs is, arma.
Oh. notice level logs.
(Action) imbibes more caffeine.
Tryst
that's it.lol thanks for clarifying it for me.
dr|z3d
"what sort of info can I expect to see in notice level logs?"
(Action) smiles.
arma
in general, you should listen to notice, warn, and err
if you listen only to warn and err, some of the things you hear may not make sense, because they were supposed to go with a notice log
generally notice is pretty quiet
Tryst
so you mean just uncommenting Log notice file /log/tor/notices.log will just give me the usual stuff general infos? without the warn and err?
arma
dc13: i'm afraid you're now in the position where you think you've set everything up correctly, but there's something you didn't actually configure correctly. that could be some other program your computer is running that tries to keep you safe without telling you about itself. or it could be some problem with forwarding on the router..
dc13: oh ho! i just connected to you.
DC13
o i just restarted it
arma
which 'it'?
DC13
vidalia
arma
ok
your message window should have some good news for you
DC13
sweet it says relay is on
arma
woo
DC13
thank you
dr|z3d
Congratulations all round!
arma
have you set an exit policy?
DC13
it will run 24/7
this is my seed box
and my web site server
i have then all checked
just to piss my isp off more
is there a way to see me in the network map? to know if im on or if people are connected to me
Tryst
seed and tor? for sure your isp will really get pissed off. throttling here they come.
arma
in a few hours, you will show up on websites like http://trunk.torstatus.kgprog.com/index.php
you may also like reading https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
DC13
tryst i do alittle over 4TB up and about 1TB down each month still havent seen a email yet so i guess im doing something right.
Tryst
thats good.me im more worried about throttling than those email warnings :(
dr|z3d
DC13: google for atagar + arm and grab that script.. gives you a good dashboard for your relay's activity.
Tryst
do that atagar and arm have debs?
dr|z3d
It's a python script, so, no.
dc1333
so far att has been good to me but i pay them 328 a month
dr|z3d
Tryst: It's just arm.. atagar is the author.
arma
dr|z3d: i don't think arm is very happy on windows
i mean, it could be made to be happy. but you'd need to do more contortions to set a tor control password, tell arm, tell vidalia, etc
dr|z3d
Ah, Windows.. well, Tryst might make use of it, DC13, possibly not.
That said, someone willing to run arm on Windows and document the process of getting it to work might be helpful.. :)
arma
if you have vidalia, you don't need arm so much
dr|z3d
I've not used arm, but doesn't it offer useful stats on bandwidth and data transfer absent from Vidalia?
arma
vidalia's bandwidth graph does those
Tryst
whats tis Safelogging do?
dr|z3d
Ah, true. I'd forgotten all about the bandwidth graph.
arma
probably not quite as well.. somebody should fix that :)
dr|z3d
Safelogging ensures you don't leak destinations in your logs.
Where you see "scrubbed" in your logs, that's safelogging.
Tryst
ah ok. so its better to keep it to 1?
arma
yes
Tryst
going back to notices just having notices.log is enough? i will get those warn and err with it already? or i have to do something else to have those warn and err?
nsa
or: arma committed revision 22254 (/projects/articles): mention the 'index on censorship' thing
arma
tryst: depends on your log line
dr|z3d
Tryst: Notice, Info, Warn.. those 3 cover most use cases. Just _don't_ enable debugging!
Tryst
ah so i have to add that line for Warn?
arma
tryst: it's quite likely that the line you have now gives you notice, warn, and err.
dr|z3d
Info is quite verbose.. you may wish to not see those log entries.
arma
there's no need to do info unless you're actually trying to debug tor or help us debug it
Tryst
oh so arma i don't have to have additional line like #Log warn file /var/log/tor/warn.log?
arma
tryst: nope.
Tryst
ok
dr|z3d
"choosing a doomed exit at random" *chuckle*
Tryst
i read in the docs that choosing specific entry/exit nodes is not advisable. not adviasable in a sense that it could compromise anonymty?
arma
tryst: yes.
AstralStorm
actually, not
because it makes the path longer
the only problem is that you're becoming vulnerable to a slow and expensive partitioning attack
as long as you don't use that exit for everything, security should be fine
info log level can compromise security if you don't axe the logs
(assuming someone gets them)
Tryst
how do install this arm?
arma
read its readme?
dandon
exit
Tryst
not so familiar with this things :( how do i call and run? im using debian? is there any debs for this?
Runa
Tryst: no debs yet
Tryst
oh.so theres no way i can install this?
by the way thanks Runa for helpingme this last several days if not weeks :)
Runa
Tryst: it is a python script, so (using the terminal) you can run it by typing 'python foo.py', where foo.py is the name of the script in the directory.
Tryst
meaning just upload this and just call it? that's it?
Runa
should be, yeah. I haven't tested it myself, though.
Tryst
vhant tested it in debian or in general?
Runa
at all :)
Tryst
foo.py? cant find it in svn
Runa
Tryst: download arm from http://www.atagar.com/arm/, extract with 'tar jxvf arm-r21062d.tar.bz2'
Tryst: you should then have a directory named 'arm', where you have 'arm.py'. You can then run it by typing 'python arm.py'
Tryst: also, read the README :)
arma
Tryst
i cant find that arm-r21062d.tar.bz2
Tas
the white arrow down in the blue circle is a link to it
« prev 1 2 3 next »