silivrenion Posted September 3, 2006

I run as an exit node for the Tor network, because I support anonymous internet practices, and the freedom of the people behind the Great Firewall of China and other restrictive locations. However, I woke up this morning to find my IRC log gives a gloomy message ::

* Connect retry #1 208.98.24.4 (6667)
-
-vertex.hak5.org- *** Looking up your hostname...
-
-vertex.hak5.org- *** Found your hostname (cached)
-
-vertex.hak5.org- *** Checking ident...
-
-vertex.hak5.org- *** No ident response; username prefixed with ~
-
-vertex.hak5.org- *** If you are having problems connecting due to ping timeouts, please type /quote pong AAA82881 or /raw pong AAA82881 now.
-
-vertex.hak5.org- *** You are banned from Hak5IRC (Your IP, 24.147.xxx.xx, is in our TOR Server List.. http://www.sectoor.de/tor.php?ip=24.147.xxx.xx)
-
Closing Link: Silivrenion[c-24-147-xxx-xx.hsd1.ma.comcast.net] (User has been banned from Hak5IRC (Your IP, 24.147.xxx.xx, is in our TOR Server List.. http://www.sectoor.de/tor.php?ip=24.147.xxx.xx))
-
* Disconnected

As a supporter of anonymous internet, and despite the fact that I promised owine I would not connect through the Tor network to irc.hak5.org, I was banned simply because of a service I run on my network. Understandably, all services are susceptible to attack, and some server admins can ban those services at least temporarily until the attacks subside, but blocking all nodes hampers the reach of the entire Tor internet project. With internet neutrality rights being questioned today, Tor may be a white flag of hope in the distance for many people. I don't mean to sound like a politician or anything, I just want to be able to support the projects I believe in, while being able to connect to hak5 IRC.

Freenode resolved a lot of these issues by implementing a whitelist of Tor users which are known to be
1. credible and trustworthy,
2. representative of the online Tor population,
3. under control of their exit node's traffic and bandwidth policies.

Maybe this is a solution applicable here?

Authentication-wise, I am not interested in anonymity myself to the Hak5 network. I only care about the anonymity of others, so I contribute my bandwidth. Is this a reason to ban me, when I carefully maintain my bandwidth and flood controls and try my best to provide a suitable service for everyone? If there's any authentication that can be done to verify my actual identity on the server, I'd do it. Heck, I'd call the phone or write snail mail if it meant the ability to talk on Hak5. Owine mentioned on the IRC of an SSL connection to the IRC, but I wasn't able to make a connection to it. Is this my hope for connection?

Please allow me to support my projects which I believe in while being able to communicate on my favorite channel. Please whitelist my IP and other trusted Tor exit nodes, or remove the sectoor DNSBL ban, or provide a way for people who serve as exit nodes, but aren't connected through the Tor network to be able to use irc.hak5.org. I've been a fan of Hak5 up to this point, please don't give me a reason to change that now.

cooper Posted September 3, 2006

I think the trick is to either become friends with an IRC server admin, who can set things up so that you're granted access regardless. Another way out is to not allow Tor to grant outbound connections for IRC server ports (6660-6669).

I had the same thing before and figured it was too much of a hassle so I just removed Tor from the system altogether. It was too slow to be useful anyways.

PoyBoy Posted September 3, 2006

There should be some subscription Tor servers (like 1 dollar a month for 15). That would speed things up.

silivrenion Posted September 3, 2006

Where would the money go? Supporting EFF and Tor, or somewhere else? Monopolizing on an open source product seems wrong on so many levels... -.-

blizz Posted September 3, 2006

There are commercial darknets (e.g. relakks) around. Tor should remain free, they should just ban any p2p traffic *grrr*

silivrenion Posted September 3, 2006

I personally use the default exit policies on my exit node, but if there's abuse I hear about on freenode #tor, I remove those ports.

blizz Posted September 3, 2006

What are the default policies like? Sorry, I'm not really into Tor yet..

silivrenion Posted September 3, 2006

tor.eff.org :: How do Tor exit policies work?

Each Tor server has an exit policy that specifies what sort of outbound connections are allowed or refused from that server. The exit policies are propagated to the client via the directory, so clients will automatically avoid picking exit nodes that would refuse to exit to their intended destination. This way each server can decide the services, hosts, and networks he wants to allow connections to, based on abuse potential and his own situation.

wiki.noreply.org :: By default, your server allows access to many popular services, but restricts some (such as port 25) due to abuse potential. You can edit your torrc to make your exit policy more or less restrictive. If you want to avoid most if not all abuse potential, set it to "reject *:*". This is called being a "middleman" node.

http://wiki.noreply.org/noreply/TheOnionRo...AQ#DefaultPorts :: 4.15. Is there a list of default exit ports?

The default open ports are listed below, but keep in mind that any port or ports can be opened by the server operator by configuring it in torrc or modifying the source code. But the default according to tor.1.in from the source code release tor-0.1.0.8-rc is:

reject 0.0.0.0/8 //Reject non-routable IP's requests
reject 169.254.0.0/16 //Reject non-routable IP's requests
reject 127.0.0.0/8 //Reject non-routable IP's requests
reject 192.168.0.0/16 //Reject non-routable IP's requests
reject 10.0.0.0/8 //Reject non-routable IP's requests
reject 172.16.0.0/12 //Reject non-routable IP's requests
reject *:25 //Reject SMTP for anti-spam purposes
reject *:119 //Reject NNTP (News Network Transfer Protocol)
reject *:135-139 //Reject NetBIOS (File sharing for older versions of windows)
reject *:445 //Reject Microsoft-DS (a.k.a NetBIOS for newer NT versions)
reject *:1214 //Reject Kazaa
reject *:4661-4666 //Reject eDonkey network
reject *:6346-6429 //Reject Gnutella networks
reject *:6699 //Reject Napster
reject *:6881-6999 //Reject (Dark Star) deltasource & BitTorrent network
accept *:* //Accept the rest of 65535 possible ports

Thanks to http://www.seifried.org for port references.

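An added example, not part of the thread or of Tor's own code: a small evaluator for the exit policy quoted in the post above, showing that the default rules let traffic exit to the IRC ports 6660-6669 and that putting a reject rule for that range first (the change cooper suggests) closes them. It relies on Tor applying the first rule that matches; the function names are hypothetical, only IPv4 is handled, and failing closed when no rule matches is an assumption of this sketch.

```python
import ipaddress

# Default exit policy as quoted in the post above (tor-0.1.0.8-rc, tor.1.in).
DEFAULT_POLICY = [
    "reject 0.0.0.0/8", "reject 169.254.0.0/16", "reject 127.0.0.0/8",
    "reject 192.168.0.0/16", "reject 10.0.0.0/8", "reject 172.16.0.0/12",
    "reject *:25", "reject *:119", "reject *:135-139", "reject *:445",
    "reject *:1214", "reject *:4661-4666", "reject *:6346-6429",
    "reject *:6699", "reject *:6881-6999", "accept *:*",
]

def parse_rule(rule):
    """Parse 'accept|reject ADDR[/MASK][:PORT]' into (action, network, lo, hi)."""
    action, target = rule.split()
    if action not in ("accept", "reject"):
        raise ValueError(f"bad action in rule: {rule!r}")
    addr, _, ports = target.partition(":")
    # An omitted port, or '*', covers every port.
    if ports in ("", "*"):
        lo, hi = 1, 65535
    else:
        first, _, last = ports.partition("-")
        lo, hi = int(first), int(last or first)
    # '*' as the address covers every IPv4 destination.
    net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr)
    return action, net, lo, hi

def exit_allows(policy, dest_ip, dest_port):
    """Return True if the first matching rule accepts dest_ip:dest_port."""
    ip = ipaddress.ip_address(dest_ip)
    for rule in policy:
        action, net, lo, hi = parse_rule(rule)
        if ip in net and lo <= dest_port <= hi:
            return action == "accept"
    # Assumption for this sketch: fail closed when no rule matches.
    return False

def exposed_ports(policy, dest_ip, ports):
    """List the ports in `ports` that the policy would let traffic exit to."""
    return [p for p in ports if exit_allows(policy, dest_ip, p)]

# Operator-side change suggested in the thread: refuse the IRC port range first.
NO_IRC_POLICY = ["reject *:6660-6669"] + DEFAULT_POLICY

if __name__ == "__main__":
    irc_server = "208.98.24.4"  # address shown in the connection log in the first post
    print(exposed_ports(DEFAULT_POLICY, irc_server, range(6660, 6670)))
    print(exposed_ports(NO_IRC_POLICY, irc_server, range(6660, 6670)))
```

Rule order matters here: appending the IRC reject rule after `accept *:*` would leave the ports open, because the accept rule matches first.
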
tx Posted September 3, 2006

Not wanting to cause argument here, and I'm sure there are plenty of reasons why it is like this... But should an IPTV show, based partially around hacking, and that even does segments on Tor and its uses, block Tor access to its IRC?

I can see in an IRC like this, the ability to connect and talk to the people in there anonymously would be a great advantage to some people.

Comments?

PoyBoy Posted September 3, 2006

That's the thing, the money goes to bandwidth.

silivrenion Posted September 3, 2006

Yeah, it's slightly strange that we're introduced to Tor in Hak5 Episode 10, yet IRC has it banned. :S

cooper Posted September 3, 2006

It's a standard thing in IRC server software that your machine is scanned for proxies. Aside from the admin's personal wishes, I think this is the type of setting that you have to explicitly deactivate since in most circumstances you want to keep this stuff enabled.

Plus, like I said, if your Tor exit node blocks the IRC port range things are cool as far as IRC is concerned.

And I can't recall Hak.5 coming out saying 'Use Tor to IRC anonymously'. 'Surf' perhaps, but not 'chat'.

moonlit Posted September 3, 2006

> And I can't recall Hak.5 coming out saying 'Use Tor to IRC anonymously'. 'Surf' perhaps, but not 'chat'.

This is what I was saying in IRC when we discussed this; just because Hak5 says that TOR is cool that doesn't mean they have to allow users to connect to IRC via it... They also said Metasploit is cool but that doesn't mean they should leave the gate open for you to go right in and start remote-accessing all their boxes...

Technologique Posted September 4, 2006

> They also said Metasploit is cool but that doesn't mean they should leave the gate open for you to go right in and start remote-accessing all their boxes...

Dude, when did they say it was cool? All I can recall is a lot of "Script Kiddie" being hurled around at the mere mention of Metasploit, and Nmap... but then again, I have been ver' ver' drunk between then and now..

moonlit Posted September 4, 2006

> Dude, when did they say it was cool? All I can recall is a lot of "Script Kiddie" being hurled around at the mere mention of Metasploit, and Nmap... but then again, I have been ver' ver' drunk between then and now..

'Tis true but they've said it's very useful and to be honest, it might get used by skiddies but if you know why you're using it, what it does, how it does it and you're not using it for any reason that's either pointless, illegal or 'just to piss off my ex-gf's boyfriend' then it's cool/not skiddie. :)

Darren Kitchen Posted September 4, 2006

> Yeah, it's slightly strange that we're introduced to Tor in Hak5 Episode 10, yet IRC has it banned. :S

First off I need to apologize for the late response on this matter. I just got back from our trip to Canada and hadn't been keeping up with the forums. I was not aware that Vertex-Hosting had started blocking Tor. I will have to speak to the administrator of that network and see what we can do about resolving this issue. Personally I think Tor, and metasploit for that matter, are great tools when used responsibly.

In the meantime, please try connecting to our alternate server at 66.252.7.115. It's a node on the same network. They're all round-robined. And I believe even the irc.techphile.ca network has merged with ours but I haven't verified that. I've been so busy with production that I haven't had time to administrate the ever growing Hak5 network so I've had to delegate some of those responsibilities.

Again, I apologize for the late response and hope that you are able to reconnect to the IRC network soon. If you have any other problems please feel free to email me directly.

Thanks,
Darren

Joerg Posted August 6, 2007

It seems that Tor servers are still blocked

ERROR : Closing link (xxxxx@ERR.CYLAB.CMU.EDU) [G-Lined: Your IP, xxx.xxx.xxx.xxx, is in our TOR Server List]

VaKo Posted August 6, 2007

> It seems that Tor servers are still blocked
> ERROR : Closing link (xxxxx@ERR.CYLAB.CMU.EDU) [G-Lined: Your IP, xxx.xxx.xxx.xxx, is in our TOR Server List]

IRC problems now go in http://forums.hak5.org/index.php/board,24.0.html