is running TOR as a server dangerous?

Discussion in 'privacy technology' started by tonyseeking, Apr 9, 2009.

Thread Status:
Not open for further replies.
  1. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    I installed TOR from:

    www.torproject.org

    And someone told me to change the settings and run it as a server, that way it will be faster for me.

    Is that bad or dangerous to run TOR as a server? Will that make my connection more faster and more secure?
     
  2. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    Running tor as a server means other people can connect to you and use you to surf anonymously, this can be dangerous say someone is using you as a exit node and goes and looks and say some kitty porn or something illegal and the feds see it and think its you. Now I am no expert of tor but I don't think running it as a server will speed anything up on your end if anything it would slow your connection down, but I no acting as a server helps speed tor up for others who use it.

    As far as security I don't think it would enhance anything for you but I don't think it would hurt it either, there are some people on here more familiar with tor so they might shed some better light on this.
     
  3. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    ARE YOU SERIOUS MANo_O? So having run TOR as a server, people use me as an "exit node" and given my personal IP address? Then yeah, you are right, then I can get in trouble for other people's viewing habits on the internet.

    I have removed TOR immediately.
     
  4. coderman

    coderman Registered Member

    Joined:
    Feb 12, 2009
    Posts:
    39
    there is a FAQ entry on this subject:
    https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#RelayAnonymity

    in short, there are a lot of factors to consider. there are some risks with running a relay (for example, attacks which work well against relays but not clients. if you become a relay, your client traffic could be affected). there are some benefits too, as mentioned in the FAQ.

    long term there are plans to improve the ability to run as relay and client simultaneously while avoiding as many risks as possible. see the Tor roadmap for details.

    overall, if you have sufficient bandwidth and stability it would be beneficial to run a relay or bridge.

    if you don't have the bandwidth you'll only degrade your client experience further.

    best regards,
     
  5. coderman

    coderman Registered Member

    Joined:
    Feb 12, 2009
    Posts:
    39
    you can setup a middle or bridge relay that does not exit traffic with a reject all exit policy.
     
  6. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    You can just not run it as a server lol, if your worried about that though try JAP instead its decent for anonymity. If your looking for serious protection try shadowvpn or xerobank, but there are lots of options out there those are just my favorites.
     
  7. caspian

    caspian Registered Member

    Joined:
    Jun 17, 2007
    Posts:
    2,301
    Location:
    Oz
    I read about that happening and the feds came busting the guy's door down. It took him a while to prove his innocence. And evidently they had no problem finding his true IP.
     
  8. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Man, that's scary :(

    Suffice to say, I have totally removed TOR.:blink:
     
  9. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    Well there are other options, the only free one that I no works decent is JAP. Only problem is a lot of scammers and what not use it to so a lot of sites tend to blacklist there ip's from there sites.
     
  10. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    1. Running Tor in any mode other than client-only mode is dangerous.
    a. Your IP address will now enter into proxy blacklists, preventing you from making purchases because your IP is now considered high-risk. Even if you were only running a middle-man node or an entry node, you can be marked.
    b. Running as an exit node is most dangerous, as other users can leave through your IP address, leaving your computer's fingerprints on anything they do, including illegal activities.
    c. Running even in client-only mode presents many risks to you from being hacked by rogue tor nodes and having your traffic eavesdropped on.

    2. Running Tor as a server will NOT make Tor faster.
     
  11. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    How can running as a midle-man be risky? How would the sites that maintain blacklists see your ip?
     
  12. SteveTX

    SteveTX Registered Member

    Joined:
    Mar 27, 2007
    Posts:
    1,641
    Location:
    TX
    i know wikipedia has, i imagine maxmind and many other blacklisters do too.
     
  13. jonw

    jonw Registered Member

    Joined:
    Jan 22, 2009
    Posts:
    83
    Hmm the must be getting on the tor network to find the middle-man servers that seems like the only way you could find them is to get on the tor network.
     
  14. coderman

    coderman Registered Member

    Joined:
    Feb 12, 2009
    Posts:
    39
    the internets are dangerous... ;)


    most sites, including wikipedia and many IRC networks use the DNS EL lookup service to determine exit abilities, not parsing the router info. no one i know of just uses the raw router IP's anymore. if they so, they should use the Tor DNS EL. it will actually work like they expect and prevent false positives.

    it is important to note that once you're marked as an actual exit, it can take a day or two for this descriptor and policy and DNS EL status to be removed.


    there should be no "traces" on your computer for relaying traffic. this is simply data getting passed around, not cached or stored on disk.

    if you're concerned about your IP being in a directory, you can setup a bridge that is not published.


    right. running as a relay is about improving your anonymity, not so much about improving performance. (although it could do that too, since a relay will keep directory info current and circuits active; possibly improving some setup costs a client incurs otherwise...)

    best regards,
     
  15. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Yeah, thanks Steve, it seems I stuffed up. I hope I haven't been blacklisted.

    I tried your program but I am not sure why, I could never get it to work properly on my Vista. If it had have worked, I would not have needed to use that TOR :(

    Oh well :oops:
     
  16. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    Dude you have nothing to worry about I have run multiple Tor relays before and never had any issues. It doesn't make Tor go faster in a "pure" sense but keeps circuits open which makes it go faster in practice. If no one donated relays to the Tor network is would suck. Actually if you read the Tor design goal road map that was released last month, they say they ARE going to start forcing everyone to be a relay by default (similar to I2P) and it is a matter of when not if. Also are going to be doing some cryptographic certificate thing so relays can anonymously show much much they have relayed and get priority speeds from other relays based on how much they themselves have relayed. I think this is totally awesome but I hope they find a way to get around down time correlation attacks that scared me off I2P.

    Anyways I don't think being a relay is likely to get you on any black lists. You would be nuts to be an exit though, if you want to donate an exit node I suggest you buy an offshore server and just make up some info for your name address etc (provided this is legal where you live). Find one that accepts E-currency and just make up info for the E-currency account as well (again provided this is legal where you live). and set that server up as an exit node. I think a lot of exit nodes are set up this way, people would need to be crazy, cops or universities to set up a exit node connected to them. Get VMware VPS not virtuzzo that is no good for tor relays I hear cuz of some default settings that you cant really change only the hosting company. Also suggest you use Tor and WiFi to set up the exit node and always use Tor when you sgn up for it. Then even if some sicko uses your exit to do something disgusting, it wont trace back to you and you can provide an awesome service to the tor network.

    Anyways ya man you have like near nothing to worry about, Tor seems pretty safe to me I have been using it forever and never had any issues at all except it is pretty slow.
     
    Last edited: Apr 10, 2009
  17. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    If it was running as an exit node, then that wasn't good :(
     
  18. coderman

    coderman Registered Member

    Joined:
    Feb 12, 2009
    Posts:
    39
    by default Vidalia will configure your relay as a middle only if you enable relaying without adding approved ports to your exit policy.

    it is harder to make this behavior default via the configuration file, however, the documentation clearly states the required:

    ExitPolicy reject *:*

    line in the config to disallow any DNS resolution or exit connections on behalf of clients in the Tor network.

    it would be nice to have a more intuitive and explanatory interface for contributing whatever resources you are comfortable with back into the network. it is not so clear right now what the implications are for exiting various ports and alternative configurations like bridge or middle that may be more suitable for a given user of the Tor software.

    best regards,

    p.s. if you're not seeing any blocking of your IP by now then you probably don't need to worry.
     
  19. tonyseeking

    tonyseeking Former Poster

    Joined:
    Nov 12, 2008
    Posts:
    406
    Thanks.
     
  20. Fontaine

    Fontaine Registered Member

    Joined:
    Jan 29, 2008
    Posts:
    245
    Not sure KITTY porn is illegal. *meow* :p
     
  21. Leonid

    Leonid Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    42
    Dude, you have false information. I talked to leading Tor developer about it. He confirmed that Tor will NEVER force anybody to be a relay.

    However, they will make it the way to provide you faster circuits if you choose to become a relay.

    Tonyseeking, Tor as client is very safe if everything is configured properly. And if end user understands what is it all about.
     
  22. n33m3rz

    n33m3rz Registered Member

    Joined:
    Jan 10, 2009
    Posts:
    114
    This is directly from Tors road map.

     
  23. Leonid

    Leonid Registered Member

    Joined:
    Dec 23, 2008
    Posts:
    42
    But you will always be able to refuse to become a relay. You can join irc.oftc.net and ask them yourself. They are very user-friendly & helpful. And they are serious, sensible and honest. Unlike Steve Topletz, they are going into details, explaining how Tor can fail, what you should and can do about it. While Steve is acting as commercial spam engine in nearly all of his posts. Which I am sure drives most of us away from his company? If he was behaving differently, maybe I would even purchase his service.
     
Loading...
Thread Status:
Not open for further replies.