Tor server


why

The crisis in the Ukraine triggert me to join the Tor project.

But my motivation is much bigger (and few inches in size): the Stasi observation files about my parents - few hundred pages.
In contrast here are the ridiculous 9 (and mostly blackened) spy pages about me.

My view: Freedom needs free press. Free press needs whistle-blowing. Whiste-blowing needs anonymity. Anonymity needs Tor.

status

The status of my Tor relays is seen at atlas, the ranking of all exit families is here.

setup

  • I followed the Tor Exit Guidelines, especially the Reduced Exit Policy.
  • OS is a hardened Gentoo Linux
  • minimal kernel .config (eg.: no USB), no modules
  • /tmp is a tmpfs, swap is encrypted
  • network: IPv4 and IPv6 with static ip addresses
  • dnsmasq is used for DNSSEC
  • incoming ports except ssh, DirPort and ORPort are closed
  • sshd listens at a non-default port, no password login, no root login, elliptic-curve algorithm for key exchange forced ( KexAlgorithms curve25519-sha256@libssh.org,ecdh-sha2-nistp521 in /etc/ssh/sshd_config )
  • outgoing mails are encryped like: (echo ...; uuencode ...) | gpg --homedir <snip> --batch --sign --pinentry loopback --passphrase-file <snip> --encrypt --armor --recipient <snip> --no-auto-key-locate | mail -s "<snip>" ...
  • weekly cron job (since logjam): openssl dhparam -out /etc/ssl/private/dhparams.pem 2048 2>/dev/null
  • Tor exit notice provided both at IPv4 and IPv6 DirPort of each relay ( IPv4, IPv4:9030, IPv6, IPv6:9030 )
  • homepage is legal-checked (contact, impressum and disclaimer)
  • DDoS and more

    An unusual behavior where the BOINC software was involved too happened at 6th of Nov 2014.
    And here're few DDoS examples from the past:
    27th of April 2015 (>300 MBit/s), 20th of Nov 2015 (34 MBit/s, more), 30th of Jan 2016 (>500 MBit/s), 20th of March 2016 (>900 MBit/s, values), 13th of Jun 2016 (>65 MBit/s), 7th of Jun 2016 (>275 MBit/s), 21th of Jul 2016 (>180 MBit/s, values and graph), 22th of Jul 2016 (>250 Kpck/s, graph)

    "Tor" and the "Onion Logo" are registered trade marks of Torproject, Inc.

    back to my home page