logs archiveIRC Archive / Oftc / #tor / 2010 / May / 11 / 1
krytzz
hi, i set up a tor relay on a new server and set orport 9001 etc, running for a few days now, but it has no active connections, its a dedicated server, does anybody have a hint how to debug this?
i also tested with nc that the orport is reachable
mfo
krytzz: what version?
and openssl and os
krytzz
ah already got it... sorry, was an iptables issue :x
mfo
ok
I had an openssl issue before
krytzz
ah ok
now it works, another relay yay
BarkerJr
:)
Kal
Wow, is it just me or ISPs in China and HK are breaking Tor by using distorting/anonymous proxy for SSL connections?
JC_Yang
what's the matter? tremendous amount access to some nodes?
mikeperry
what's a distorting anonymous proxy?
         

dr|z3d
Presumably he means an invisible proxy expressly for ssl connections?
I guess he's suggesting the Chinese are doing some mitm attacks.
Kal
The Tor network isn't getting my correct WAN IP address.
phobos
even if you set it in torrc manually?
Kal
(for testing relay reachability)
phobos
some ISPs have async routing
which screws up reachability testing
Kal
awww
keb
Kal do you have a static ip address
Kal
keb: no
meh, I solved the problem using dynamic dns
keb
what if you use a dynamic dns thing
:)
Kal
Sometimes, I feel the urge to mail thousands upon thousands of letters with the words "Resistance is Futile" to the department of the Chinese government responsible for information control.
phobos
I think you'll find a person at your door inviting you to tea as a response.
keb
i heard most of the spam in the world is sent from chinese servers
Kal
keb: I wouldn't be surprised.
keb
if they can't stop that, how is their firewall working so dang well lol
phobos
I think most of it comes from the US actually
via botnets
http://en.wikipedia.org/wiki/Spam_%28electronic%29
i lied, brazil, US, india, south korea are top 4
china is #7
keb
oic
Kal
It will probably depends on the way the statistics are built.
do they only count internation spam? or inland spam as well?
phobos
no idea, but i s'pose we should get back on topic
dr|z3d
Yeah. *chuckle*
Naughty, naughty boys. :P
keb
i over a year of running a tor relay i have gotten 2 complaints about it being used for spam
*in
and a single email was mentioned in each
         

Kal
keb: are you running as an exit node?
keb
yeah
phobos
this 100tb.com place does have some cheap bandwidth
i wonder how tolerant they'd be of another blutmagie
keb
and good conditions if that fellow suggesting sponsored relays is right
Kal
oh, those prices are per month, lol.
Sebastian
400/month for a 1Gb link... hm.
phobos
200/mo for 100tb transit
keb
well i could get 1Gb speed for $100/month but cant afford the transfer that would generate
yeah
Sebastian
I mean unmetered 1Gb link
keb
nice
phobos
ugh, but those OS choices...
Sebastian
100tb transit isn't that much when you have a 1Gb pipe
keb
i'd settle for 100 for 0.25Gb
phobos
just set accountingmax 100tb
I wonder what this person will do if the FSB offers $1000/mo for 3 servers
dr|z3d
Where did the FSB enter the equation, phobos?
(Action) chuckles.
You're pulling out the conspiracy stops this evening!
phobos
just thinking of a random govt agency that would make people think twice
also could have said MSS, CIA
dr|z3d
Mossad would have been most apt :)
keb
why not the govt of china
phobos
mss is ministry of state security in china
keb
oic
well intelligence-related procurement is usually done through a front company anyway
phobos
FluffyBunny, Inc
keb
nobody would suspect
phobos
who doesn't like fluffy bunnies?
dr|z3d
Glen Close..
(Action) winks.
krit
google never seems to load from tor exits
dr|z3d
https://ssl.scroogle.org
krit
looking
i think it would be a good idea to remove tor exit nodes list
why should the list be maintained ?
dr|z3d
That's how it works.
krit
i know
keb
anyone wanting it can just run a node to get it
krit
how do some identify that its a tor exit node ?
if we have a list, then its more easier for them to block
if there is no list, then harder
dr|z3d
Which is exactly the point.
We're not in the business of making it difficult. We're in the business of making it trivial, and transparent. :)
Google for Tor DNSEL for further info.
krit
ok
why isn't one of the goals to promote privacy ? and to make it difficult for those that might violate it ?
dr|z3d
The whole system is predicated on knowing the nodes.
Feel free to draft and submit a proposal if you think you have a better idea :)
krit
"the whole system" predicated ?
i mean its ok for someone running tor, but why publish the list on a website - is it ?
dr|z3d
Can we help you with a support issue? If not, please take this to #nottor.
krit
ok
i posted this earlier, the strict exitnodes doesn't work and I have seen a bug submitted for exclude nodes not working, but not exactly for stric exitnodes
is this a known issue
keb
if its a bug then it is
dr|z3d
Do you see any error in the logs?
Is your geoip db working?
Give us a bit more info.. you're not supplying much.
krit
yes
i can use it fine
but except it goes to different exit node
dr|z3d
Logs??
krit
sorry, was looking for log, but did not find anything specific
can you suggest what to look for ?
dr|z3d
And what version?
krit
it just opens up routes regardless of the exit node often
i mean right now always
dr|z3d
stable or dev?
krit
used to work before
let me check
its stable only
0.2.1.25 tor, 0.0.14 vidalia
dr|z3d
Not sure StrictNodes is supported on stable. Perhaps try dev?
You might try stopping/starting Tor first and seeing if you don't get an error message to that effect.
It'll appear right after startup.
krit
ok
it is StrictExitNodes
you mean that not StrictNodes correct ?
dr|z3d
I believe the syntax changed.
krit
oh
with 0.2.1.25 ?
dr|z3d
StrictNodes is what it is for dev builds, at least.
krit
ok
dr|z3d
If the syntax is wrong, logs will say.
krit
i see this in the log, but i also see that it did open an route with that exit node
May 10 17:47:20.578 [Warning] No specified exit routers seem to be running, and StrictExitNodes is set: can't choose an exit.
May 10 17:47:20.593 [Warning] failed to choose an exit server
i am going to try again
dr|z3d
hang on.
what exit nodes are you specifying?
krit
some randomly chosen ones from the list in vidalia
dr|z3d
Ah.
Well..
Not all nodes listed in Vidalia are exit nodes..
krit
ok
it worked for th same before
so it is a valid exit node
dr|z3d
Maybe all the nodes you've specified _are_ down.
krit
if the name appears on the list, doe sit mean the node is up and running ?
dr|z3d
Sure, it should do. Are you seeing flags in Vidalia?
and how are you specifying those nodes? by name or fingerprint?
krit
name
dunno what is fingerprint
dr|z3d
names are not unique, fingerprints are.
krit
oh ok
if the name is unique in the list, i guess iti s ?
dr|z3d
select a node in the node list sub-panel..
krit
thats what i did
dr|z3d
then right click on it, copy -> fingerprint.
add those fingerprints to your node list, prefixing each with $
ie. lose the names, replace with fingerprints.
krit
i right click
but see only zoom to server
maybe old vidalia ?
i will get new vidalia and try (i use windows)
dr|z3d
No!
In the lefthand column.. where the flags are.
That feature's been present for a _long time_.
krit
thats where i clicked
dr|z3d
You have no copy option in that menu??
krit
no :) i think its old vidalia
dr|z3d
I guess you must have a very old copy of Vidalia if that's the case. :)
krit
yes
keb
current is 0.2.8
krit
is any benfit of vidalia new version (other than these ? )
ok
dr|z3d
Plenty.
krit
i tried upgrade, but not work
anything related to speed improvement ?
dr|z3d
Uninstall, then install the new version.
Speed? Of what? Vidalia?
(Action) chuckles.
It's about features, not speed.
Vidalia, that is.
krit
ok
i mean of the connection
or if i understand correctly maybe vidalia is just gui nterface
nevermind my question :)
dr|z3d
There may well be speedups if you install the dev build of Tor, however.
krit
ok
is there a way tor servers would know that you are using tor ?
is there any central server that every client first connects to get some information ?
dr|z3d
There are directory servers, sure.
Not entirely sure I understand your question, though.
krit
ok, how many directory servers are there roughly ?
dr|z3d
Tor servers know you're using Tor when you pass through them.
krit
yes, that i understand
but its all decentralized so they can't tell if they are entry or intermediate node also correct ?
dr|z3d
As a client, that's really all they get to know.
Wrong.
krit
can you explain ?
dr|z3d
Each node in the circuit has a defined role and knows its role.
They handle traffic in different ways.
« prev 1 2 next »