Tor server


why

The crisis in the Ukraine triggert me to provide Tor relays.

But my motivation is much bigger (and few inches in size): the Stasi observation files about my parents - few hundred pages. In contrast here are the ridiculous 9 (and mostly blackened) spy pages about me.

my view: Freedom needs free press. Free press needs whistle-blowing. Whistle-blowing needs anonymity. Anonymity is provided by Tor.

status

The status of my visible Tor relays is at metrics.torproject.org.

setup

  • 2 relays run at a stable hardened Gentoo Linux under a recent stable vanilla kernel (no modules, minimal config), meaning without USB (eg.: why not), graphics, serial + parallel interfaces, unused drivers, file systems et. al., and with LibreSSL instead OpenSSL and OpenRC instead systemd. Another relay is configured as a Tor bridge at a Debian VM. Hint: boot into a kernel made with make defconfig, strip down the kernel .config using make localmodconfig and /usr/src/linux/scripts/kconfig/streamline_config.pl, and further do remove everything which isn't needed, eg. sound)
  • /tmp is a tmpfs, swap is encrypted
  • network: IPv4 and IPv6 have static ip addresses Hint: request an additional IPv4/IPv6 address pair for Tor, b/c Tor addresses will be added to certain black lists soon
  • dnsmasq is used to have DNSSEC, here's the DNSSEC Authentication Chain
  • incoming ports except ssh, DirPort and ORPort are closed
  • sshd listens at a non-default port, password or *root* login are forbidden
  • a Tor exit notice is provided both at IPv4 and at IPv6 DirPort(s) (IPv4, IPv4:9030, IPv6, IPv6:9030), here's the link to the reduced exit policy Wiki.
  • homepage is legal-checked (contact, impressum and disclaimer)
  • misc

    An unusual behavior happened at 6th of Nov 2014 where the BOINC software was involved too. And here're few DDoS examples from the past:
    27th of April 2015 (>300 MBit/s), 20th of Nov 2015 (34 MBit/s, more), 30th of Jan 2016 (>500 MBit/s), 20th of March 2016 (>900 MBit/s, values), 13th of Jun 2016 (>65 MBit/s), 7th of Jun 2016 (>275 MBit/s), 21th of Jul 2016 (>180 MBit/s, values and graph), 22th of Jul 2016 (>250 Kpck/s, graph)

    "Tor" and the "Onion Logo" are registered trade marks of Torproject, Inc.

    back to my home page