« Gumby got a new driveGot another brain for Orac »

I took The EFF Tor Challenge

06/05/11

  09:52:32 pm, by The Dreamer   , 1090 words  
Categories: General, Software, Networking, Android

I took The EFF Tor Challenge

Link: http://www.eff.org/torchallenge

But, then this morning things were all bad.... Freenode had K-Lined me. Because it found that I was running an exit relay for Tor. But, I wasn't using Tor for my IRC connection. Other than to quickly test some stuff, I wasn't using my Tor relay. It was just to respond to the challenge.

But, Freenode responded that I was banned because I was running an exit relay and it didn't matter that I wasn't using Tor to connect to them. What they said was that I would then have to connect to the using Tor if I was going to run an exit relay. OTOH, they want people to run bridge relays to help lend bandwidth to Tor and Freenode....

http://freenode.net/irc_servers.shtml#tor

We appreciate your accessing Freenode via the Tor hidden service. If you'd like to help us maintain quality access, please consider providing "middleman" bandwidth to the Tor network. Just set your host up as a Tor server and specify how much bandwidth you want to provide.

Just don't be an exit....guess that makes sure the bandwidth on Tor is available to Freenode and other hidden services, but not other stuff?

They said once I stop running the Tor exit relay, it would take some time for me to stop showing up as one and they would check once a day before they removed the ban. Even though I decided to go and change to just bridge, I wanted to get back onto IRC sooner than that....

So I set about using Tor to get to Freenode. They had sent an additional tidbit of: http://blog.freenode.net/2010/01/connecting-to-freenode-using-tor-sasl/ on how to get to FreeNode using Tor.... Though it was still rather lacking.

First I added cap_sasl.pl to my scripts directory, and then had to apt-get the necessary perl modules to get it to load. The first hard part was trying to figure out what it wanted for the SASL part. The example was "/sasl set localhost username password" Not sure what username and what password its looking for, though I figured password was my NickServ password. But, what username, the username on my machine, or the username associated with my nick, or the nick itself. Later I found other examples...and localhost became network...though which network. Evidently whatever I named it in irssi. In my case 'FreeNode'. Things still weren't working, and the errors were less than helpful. First I though no on the SSL...then there was a comment on the blog post for longer time out.

Finally I turned on debugging in my tor setup and saw that it wasn't finding "p4fsi4ockecnea71.onion", after some careful examination....I realized that's because I should be trying to connect to "p4fsi4ockecnea7l.onion". Probably don't need the SSL anyways. Now it was connecting, but after a long process it would fail.

It said supported mechanisms were PLAIN and DH-BLOWFISH, and the first example I had started with used DH-BLOWFISH. But, once I switched to PLAIN it worked. I then put things all back the way they were in the rest of my configs (except that I didn't set autoconnect back on), disconnected with the intent that when 'Orac' rebooted after putting in the new video card, it wold reconnect me and be all there.

Well, 'Orac' rebooted more than a few times in trying to get the card to work, but it never tried to connect to FreeNode. I then remembered that I had forgotten to change the autoconnect back.

Guess things are good again for now.

It is kind of an annoying problem that when relay bandwidth is used up, it also stops working as a client. That may require some additional work later....we'll see.

Hmmm, though I do run my irssi through an ssh tunnel and connect to FreeNode using SSL largely for privacy reasons....so maybe going Tor is really the way to go....

Pages: · 2

2 comments

Comment from: The Dreamer [Member]  

The example in torrc has section for exit relay, and section for bridge only. But, says nothing about how to be a middle relay. And, searching on the torproject site didn’t get any answers.

But, my best guess is if you don’t set bridge only and have no exits…then your a middle.

06/11/11 @ 13:20
Comment from: The Dreamer [Member]  

So, it seems because I’ve implemented the draconian measures on my exit relay to satisfy FreeNode (not only can I not allow exists to common IRC ports, but I can’t allow exits to the web [80 & 443])…. But, once I removed the allow for 80 and 443, I found that I’m no longer listed as an Exit.

Since my port 443 is available for ORPort, I can still be useful…except that there isn’t a major need for bridges, even though I heard of one person finding themselves behind a restrictive firewall that only allowed port 80/443.

I guess I’ll take out the rest of the ExitPolicy lines and just be a middle.

Was kind of curious on the bandwidth this would consume, but there doesn’t seem to be a way to have Accounting for the sake of Accounting….and not limiting. Though minimum bandwidth also needs to be 50kB/s to allow publishing DIRPort. Might go back to setting a limit, was just curious to see under what conditions a DIRPort gets published.

07/03/11 @ 17:43
Now instead of subjecting some poor random forum to a long rambling thought, I will try to consolidate those things into this blog where they can be more easily ignored profess to be collected thoughts from my mind.

Latest Poopli Updaters -- http://lkc.me/poop

bloglovin

There are 20 years 1 month 28 days 4 hours 4 minutes and 15 seconds until the end of time.
And, it has been 4 years 10 months 30 days 9 hours 58 minutes and 41 seconds since The Doctor saved us all from the end of the World!

Search

November 2017
Mon Tue Wed Thu Fri Sat Sun
 << <   > >>
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30      
Google

Linkblog

  XML Feeds

Who's Online?

  • Guest Users: 1
This seal is issued to lawrencechen.net by StopTheHacker Inc.
CMS software

hosted by
Green Web Hosting! This site hosted by DreamHost.

monitored by
Monitored by eXternalTest
SiteUptime Web Site Monitoring Service
website uptime