[tor-relays] How to Run Torservers.net

Moritz Bartl moritz at torservers.net
Wed Jul 11 12:33:55 UTC 2012


Hi!

In regular intervals, people ask me what it takes to run a large number
of exit relays. Let me try to document a few steps that I think you need
to take to become a Large Tor Operator (TM).

1) Think about registering a (non-profit) association.
At least in Germany this helps with liability, and in general it helps
to appear bigger than you are (and less likely to get raided).
What we did was try and find a lawyer who would agree to "host" us
inside his office. We succeeded, and now are a non-profit registered
inside a lawyers office. How cool is that? :)

2) Register a fax number.
At least law enforcement in Germany regularly uses the fax number
present in IP records. We use a free German fax-to-email service,
www.call-manager.de.

3) Register a phone number.
The IP records should contain a phone number for abuse reports, and you
don't want that to be your personal phone number. We use Sipgate One, a
German VoIP service that redirects calls to cellphones and Skype for free.

4) Create handles for your organization at ARIN and/or RIPE.
Example record:
https://apps.db.ripe.net/whois/lookup/ripe/person-role/MB22990-RIPE.html
With RIPE, it works far better, most abuse reports will hit you and not
that of your upstream. Having your own IP records is a key element for
abuse handling.

5) Find a good ISP.
This is going to be a hard one. But not too hard. Go through forums and
sites where ISPs posts their latest deals, and contact them about Tor
hosting. We usually divide it into a two-step process: We first ask if
they were okay with a Tor exit, and with reassignment of the IP range -
no details in the first mail! When they come back positively, or
somewhat worried, you can still explain that you are a non-profit superb
large organization filled with security professionals, and that all will
be good.
The two step process usually helps in elevating your request to higher
levels of support staff and without scaring them off to early.
See also https://www.torservers.net/wiki/hoster/inquiry

5a) Still find a good ISP.
A good ISP is one that offers cheap bandwidth and is not being used by
other members of the Tor community.

6) Be quick in answering abuse.
We receive a very small number of complaints, given that we run high
bandwith nodes. I am actually still surprised how few complaints we get.
Roughly 80% are automated reports, which we ignore, and for the rest it
is usually good enough to send our default template.
See https://www.torservers.net/wiki/abuse/templates
and https://www.torservers.net/wiki/abuse/dmca

For police inquiries, we usually give them a one-liner (something like
"As a German organization, we fully comply with Telemediengesetz §15
(the German telemedia law), which prohibits to log any user identifiable
data or usage data unless required for billing purposes.").
We get one policy inquiry per quarter on average.


What did I forget?
-- 
Moritz Bartl
https://www.torservers.net/


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20120711/40f7ec97/attachment.pgp>


More information about the tor-relays mailing list