andrew | 2 Jan 16:49 2013
Picon

Re: Wordpress blocking Tor?

On Mon, Dec 31, 2012 at 03:50:35AM -0800, michaelwprx <at> yahoo.com.au wrote 0.6K bytes in 0 lines about:
: There is a Wordpress blog I like to read anonymously, but Wordpress seems to have started blocking access
from the more popular Tor nodes sometime in the last week. I don't know if this is all of Wordpress, or just
the blog I'm trying to access.

I suspect some sort of blocklist was updated recently to include tor
exits, as I keep running into sites which won't let me do a simple HTTP
GET (read) at all. I get simple messages like this:

"Access denied. Your IP address [173.254.216.67] is blacklisted. If
you feel this is in error please contact your hosting providers abuse
department."

--

-- 
Andrew
http://tpo.is/contact
pgp 0x6B4D6475
Rashid Khan | 2 Jan 19:24 2013
Picon

Newbie Contributor

Hey!

First of all, Happy New Year's to everyone. I am a sophomore student doing
majors in Computer Science. I would love to get involved with the TOR
Project, in terms of code development. I have taken a semester course on
C++ and Data Structures & Algorithms.

The problem I face is, I don't know where to begin with. Right now, I will
be able to give around 10 - 12 hours a week for the development. Strong
guidance is required.

Thanks!

Cheers

- Rashid
Eugen Leitl | 2 Jan 22:41 2013

Tor bridge available over Hyperboria


http://www.reddit.com/r/darknetplan/comments/15sxwv/i_have_made_a_tor_bridge_available_over/c7pwd89

[–]HyperGrundy[S] 2 points 29 minutes ago*

Sure! First a warning: Tor will leak your IPv4 internet address to clients using your bridge even if they are
connecting only through cjdns, so don't set this up if you don't want your cjdns node's public internet IP
to be freely available to other cjdns users. I'm hoping Tor will fix that eventually. :P

Here it is:

First, set yourself up a working cjdns node. I used a Debian box, so the details will reflect that.

Second, install the latest Tor on your node. Not the Tor Browser Bundle, that's a GUI client, you need just
the server software. I used the information here to add the Tor repositories to my sources.list so that I
always have it up to date and just ran "apt-get install tor". Links for other distros/OSes are on the left of
that page, buy why would you want those when you can use Debian? :)

Third, edit the /etc/tor/torrc file to have these key lines:
SocksPort 0                #No socks proxy, this is a relay/bridge only

#You need this line to force Tor to bind to be aware of your internet IP, otherwise it won't be
#able to route out to the rest of the Tor network: (Tor should fix that)
ORPort <Your public internet IP> NoListen    #"NoListen" means that it won't actually listen for connections.

ORPort [<Your cjdns node IPv6 address in brackets>]:<port>    #Bind and listen for clients.

OutboundBindAddress <Your public internet IP>    # This line may not be necessary for you, I don't know.

ExitPolicy reject *:*            #Don't be an exit node (unless you *know* what you're doing!)
(Continue reading)

hikki | 3 Jan 01:32 2013
Picon

DDoS attack prevention at entry nodes?

When someone wants to DDoS attack a hidden service, he needs to do this trough his entry nodes.

Would it be possible to add prevention of such attacks on all entry nodes in the code? If a guy sends an unormal
amount of requests to his entry nodes, the entry nodes halt his connection for like 10-30 seconds or something?
grarpamp | 3 Jan 07:00 2013
Picon

Re: DDoS attack prevention at entry nodes?

> Would it be possible to add prevention of such attacks on all entry nodes in the code?

1) Client sessions to HS usually traverse one circuit
2) That circuit is encrypted from eavesdropping.
So no, not really possible to manage that.

The client could do it, but people would disable that code.
The most an entry can really do is limit bandwidth or circuit count.
Bandwidth is cheaper on Tor right now, whereas transactions more expensive.
Because of this transaction cost, 'DDoS'ing a beefy HS is pretty
hard to do without help. There are some big hidden services out there that
don't seem to have much trouble being well used by user traffic.
If you're experiencing an issue with your HS, try some standard
remedies:
1) Use accounts and limits
2) Set connection limits
3) Save or buy bandwidth
4) Distribute load / cpu
David Fifield | 4 Jan 06:35 2013

Re: Pluggable Transports metrics?

On Tue, Dec 18, 2012 at 08:43:02PM -0800, David Fifield wrote:
> On Sat, Dec 15, 2012 at 08:11:08PM +0100, Sebastian G. <bastik.tor> wrote:
> > For Flashproxy could there be a metric how many flash proxies
> > (JavaScript Web socket proxies running on volunteer machines) have been
> > available at a given time? (Maybe a graph over time.)
> > 
> > The last can be probably provided by the facilitator. Numbers don't have
> > to be accurate. (Is there a way to figure out how many Web socket
> > proxies are available and is this even desirable to disclose?)
> 
> I don't have this data in an automated way, but I was able to construct
> a graph from the facilitator log. (The facilitator logs when a proxy
> connects to it, but not the IP address, so this might be counting some
> duplicates.)
> 
> https://people.torproject.org/~dcf/graphs/flashproxy-count-2012-08-30--2012-12-18.png
> 
> Over the last three months it looks like we usually have between 20 and
> 40 proxies.

Here's another graph showing a recent huge increase in proxy capacity,
probably a result of attention following CCC.

https://people.torproject.org/~dcf/graphs/flashproxy-count-2012-08-30--2013-01-04.png

It looks like there is something limiting the number of proxies to
around 150, perhaps an Apache configuration. I will check it out but
I've also increased the facilitator polling interval.

David Fifield
(Continue reading)

Lucia Liljegren | 4 Jan 15:24 2013

Wordpress blocking Tor?

Andrew said he encountered this sort of ban message at a wordpress:
> "Access denied. Your IP address [173.254.216.67] is blacklisted. Ifyou feel this is in error please
contact your hosting providers abuse department."

I don't know if Wordpress.com is banning TOR. Plugins exist to assist self hosted bloggers who want to block
TOR.  But It's not surprising IP 173.254.216.67 would be blocked for some reason. It is on numerous
blacklist for forum and comment spam: 

http://www.stopforumspam.com/ipcheck/173.254.216.67

http://www.projecthoneypot.org/ip_173.254.216.67
http://spam-ip.com/lookup-342620-173.254.216.67.html
http://www.mywot.com/en/scorecard/173.254.216.67
http://rbls.org/173.254.216.67

The types of malicious access ranges from forum or comment spam to "llegal 3rd party exploits, including
proxies, worms and trojan exploits  ".  

If you can connect with some TOR addresses but not this one, it may just be this IP blocked.  If you can't
connect with any TOR IPs, it's likely TOR specific. Otherwise, you'll have to ask the admin.

Lucia
Griffin Boyce | 4 Jan 23:30 2013
Picon

Cupcake: browser extension for flash proxies

Hi all,

  Made this extension for Google Chrome to extend the concept of the Flash Proxy, and make it easy for users to create bridges.  (and as a result cause a bunch of fairly robust bridges to be made).  The concept could be used in addons for FireFox, Opera, or Safari as well, since they all allow processes to run in the background.

Benefits:
* Allows people to opt-in to becoming flash proxies, rather than current opt-out model
* Works in Chrome OS
* Takes all guesswork out of making a bridge
* Flash proxies made with Cupcake have a substantially longer uptime than those using site visitors
* Uses less memory than either Tor BB or Vidalia

Source code: https://github.com/glamrock/cupcake

Now that I've tested it and it seems to work well, I'd love to get input and suggestions on it. If it's useful, I'll submit it to the Chrome Web Store. Right now it uses the Stanford project site's embed page. If there's much interest in this, I'll switch to a dedicated site since it's maybe not fair to send that many requests to them ^_^;

Input, ideas, and tomatoes welcome =)

Best,
Griffin Boyce

--
"What do you think Indians are supposed to look like?
What's the real difference between an eagle feather fan
and a pink necktie? Not much."
~Sherman Alexie

PGP Key etc: https://www.noisebridge.net/wiki/User:Fontaine
_______________________________________________
tor-dev mailing list
tor-dev@...
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
David Fifield | 4 Jan 23:57 2013

Re: [tor-dev] Cupcake: browser extension for flash proxies

On Fri, Jan 04, 2013 at 05:30:50PM -0500, Griffin Boyce wrote:
>   Made this extension for Google Chrome to extend the concept of the Flash
> Proxy, and make it easy for users to create bridges.  (and as a result cause a
> bunch of fairly robust bridges to be made).  The concept could be used in
> addons for FireFox, Opera, or Safari as well, since they all allow processes to
> run in the background.
> 
> Benefits:
> * Allows people to opt-in to becoming flash proxies, rather than current
> opt-out model
> * Works in Chrome OS
> * Takes all guesswork out of making a bridge
> * Flash proxies made with Cupcake have a substantially longer uptime than those
> using site visitors
> * Uses less memory than either Tor BB or Vidalia
> 
> Source code: https://github.com/glamrock/cupcake

Thank you for doing this. Would you please add this information to the
ticket at https://trac.torproject.org/projects/tor/ticket/7721? This is
the ticket for creating a browser addon. You can create an account or
use the anonymous account cypherpunks:writecode. There are people
watching the ticket who will be interested in helping you test.

We will probably be moving to an all-opt-in model for flash proxy. Your
addon should send the flashproxy-allow=1 cookie, if it doesn't already,
so that it will continue to work by default when we make that change.

> Now that I've tested it and it seems to work well, I'd love to get input and
> suggestions on it. If it's useful, I'll submit it to the Chrome Web
> Store. Right now it uses the Stanford project site's embed page. If there's
> much interest in this, I'll switch to a dedicated site since it's maybe not
> fair to send that many requests to them ^_^;

At this point, it will help if you can keep it pointing to the same
embed page. As we are on the verge of deployment, we may need to make
changes to the proxy program quickly.

David Fifield
_______________________________________________
tor-talk mailing list
tor-talk <at> lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Griffin Boyce | 4 Jan 23:59 2013
Picon

Re: [tor-dev] Cupcake: browser extension for flash proxies

On Fri, Jan 4, 2013 at 5:42 PM, David Fifield <dcf <at> cs.stanford.edu> wrote:

>
> Thank you for doing this. Would you please add this information to the
> ticket at https://trac.torproject.org/projects/tor/ticket/7721? This is
> the ticket for creating a browser addon. You can create an account or
> use the anonymous account cypherpunks:writecode. There are people
> watching the ticket who will be interested in helping you test.
>

No sweat - didn't realize that there was a thread about it already.
https://trac.torproject.org/projects/tor/ticket/7721#comment:5

> We will probably be moving to an all-opt-in model for flash proxy. Your
> addon should send the flashproxy-allow=1 cookie, if it doesn't already

It doesn't, but I'll make that update

> At this point, it will help if you can keep it pointing to the same
> embed page. As we are on the verge of deployment, we may need to make
> changes to the proxy program quickly.
>
> David Fifield
>

Sounds good to me. I don't think it would be too difficult to get a couple
thousand users through the Chrome Web Store.

Best,
Griffin Boyce

Gmane