logs archiveIRC Archive / Oftc / #tor / 2015 / July / 18 / 1
border0464
hi, I have setup a relay, and I now produce some bandwith data with vnstat/vnstati , problem is that vnstat listen ona networkinterface not on Tor, is it possible to make Tor use a virtual network interface ?
idk where to start, I looking for some tutorial/doc
qwerty11
it is...
kernelcorn
you'd like to measure bandwidth usage?
qwerty11
start reading about namespaces
linux namespaces that is
kernelcorn
speedometer is a great package for that. I'm sure there's a flag for binding Tor to an interface, if not you can bind to an IP address.
qwerty11
tor has its own bandwidth measurement mind you
yes you could also do that
border0464
thx
where is it ? qwerty11
qwerty11
the heartbeat
in the log
border0464
hummm ill check that
         

phantomcircuit
can someone point me in the direction of information on how entry guards are selected?
qwerty11
https://gitweb.torproject.org/torspec.git/tree/path-spec.txt#n554
phantomcircuit
qwerty11, thanks
border0464
seem absent "cat /var/log/tor/log.2 | grep heartbeat" return empty , did I have to enable something in order to get log
phantomcircuit
qwerty11, any idea how the directories determine the Guard flag?
border0464
... looks like I can't use namespace cuz im in a VPS and it's blocked form my provider
from man speedometer it take is interfaces only as arguments
qwerty11
phantomcircuit: start with set_routerstatus_from_routerinfo in dirserv.c
btw, why do you want to know?
border0464
^
qwerty11
border0464: it looks like
Heartbeat: Tor's uptime is ...
border0464
ok got it, it was | grep Heartbeat ill be good with that thx qwerty11
im gonna write a little script to switch it to json data and gonna open a beer
thx for your tume
*time
here take a virtual beer
qwerty11
:)
border0464
oh btw, any SELinux profile for tor ?
as a bonus question
qwerty11
border0464
woohoo :)
kernelcorn
phantomcircuit: relays get the Guard flag if they maintain enough stability and have enough speed to get it
corey84-
having issues keeping tor up and not failing sysD fedora22 using the default tor rpm
and tunnelling programs thru 9050 as well
ingenius
Hi
mmm
chaelle
Is using Tor legal?
Never read any topic it isn't.
But want to be sure.
ryonaloli_
what country are you from?
in the majority of countires, it is legal
chaelle
Is there a list where it isn't? And for what reasons it isn't?
         

ryonaloli_
i'm guessing some places in the middle east and maybe north/south korea or something, but i don't actally know
*actually
no idea re. the list though
chaelle
So the reasons are not because it is illegal, it is beacuse you are not censored that way?
And because of that you can be prosecuted?
ryonaloli_
i don't know. typically bypassing censorship is not automatically illegal
chaelle
But other than that Tor is not illegal at all. Am I getting all this correct?
Following some kind of 'proxy' idea, taken to the whole different realization.
ryonaloli_
right
Meike
I would appreciate any comment about the following article: https://www.recordedfuture.com/stripping-tor-anonymity/
Det regnar igen
lupine
http://www.theguardian.com/uk-news/2015/jul/17/terrorism-sympathiser-jailed-muhammad-suleman-extremist-videos-al-qaida-magazine
dat darkweb tho
Meike
I am seriously concerned about "Tor": At which extent can Tor really still be considered safe and secure?
https://www.recordedfuture.com/stripping-tor-anonymity/
reent
hi! i was trying to watch a youtube video using the tor browser. however, this does not work at all. various sources say it should work, and even the browser settings say it should be click-to-play.
what could be wrong here?
ryonaloli_
are scripts enabled?
reent
no, i try to avoid that, and the settings say it should work anyway
ryonaloli_
i've found that it does require javascript when i tried
reent
okay, this almost makes it pointless though
why do the settings state that it would work with click-to-play?
ryonaloli_
i don't know. you could use youtube-dl though, which is what i use 90% of the time since it does not require javascript
reent
ok ryonaloli_ thanks! i going to stick around if anyone else has an idea since i'd really like to view video in the browser...
TvdW
"Server managed proxy encountered a method error. (obfs3 no such transport is supported)"
why would obfs4proxy tell me this? it should support obfs3 just fine
nvm, upgrading to the latest master of obfs4 seems to work (but that's strange, as I've been running this version for months)
vm
Hey! We operate a storage facility that also has a companion online site that offers clients the ability to sell items that they're storing in their rented units. We've just added the ability to accept Bitcoin, and are now looking at enabling access via a Tor hidden service. We're going to be activating Cloudflare soon, and realized that the .onion site won't be protected by Cloudflare. How do people typically
handle this?
The last thing we'd want to do is activate a .onion site to point to our origin web server, and although we have Cloudflare activated, the .onion site would open us up to DDoS at the origin webserver.
Benjojo
Most setups of tor hidden services are vulnerable to layer 7 attacks
and due to the way that Hidden services work, there is not a huge amount you can do about it, other than make sure your app can handle it
there isnt much thoughput though hidden services anyway, so it's not like there is going to be a massive volumetric attack
just need to worry about your application not barfing up if someone sends it something bad
vm
You mean, due to the nature of Tor being slow to begin with?
Benjojo
Well, Stereotypically that is a part, but also that only TCP can go over hidden services
vm
&& the botnet performing the ddos would have to consist of nodes on the Tor network?
Benjojo
Nope, they would have to all be connected /to/ tor
vm
Phrased that wrong, thanks for correcting me.
I'd sure like to see a write-up on the Facebook implementation :)
ekh43er4
vm: if they wanted to ddos you, they would first have to have your actual ip. an onion only opens you up to software based attacks like Benjojo said
TvdW
you don't need an IP address to perform a ddos, an onion address works just as well
it just becomes a lot easier ^^
ekh43er4
riiight... same way freenet sites go down when everyone requests them at once, right?
qwerty1
lol
it's not easier
and freenet sites do not do that
the opposite actually
TvdW
it's easier because Tor can almost always handle less bandwidth than the NIC
qwerty1
"easier" or "harder" is reducing a complex situation to one dimension
it's not really helpful, in the sense that it doesn't create any new or useful insight for anyone
to do that
« prev 1 2 next »