[tor-relays] PSA: Run a Tor node, lose access to Chinese IPs
neel at neelc.org
neel at neelc.org
Sun Jul 23 17:13:04 UTC 2017
Today, I wanted to try to see how the Internet looks behind the Great Firewall of China. I used a public HTTP proxy list (http://spys.ru/free-proxy-list/CN/) listing Chinese proxy servers (meaning getting into Chinese censorship from the US, not bypassing it in China), and guess what? I was already blocked. Why? I suspect that I was running a Tor relay from my home connection (https://atlas.torproject.org/#details/A20840A16CB658024B0D3A0E3F19A9C0E34C843F).
Some Chinese websites do load, but many of those who do usually have a CDN outside the Chinese firewall. For example, I can visit AliExpress from my home computer without Tor, but I can't visit 163.com or 2345.com.
While I don't care at all for Chinese websites, there are people who do. If you want to access Chinese websites AND run a Tor relay on the same IP address, you may be screwed. Surprisingly, I can sometimes visit Chinese websites over Tor, but it's about as reliable as having Comcast as your home ISP.
Proof: telnet 2345.com
Optimum Online 100/35 in Westchester County, NY, home computer on same connection as Tor middle node (https://atlas.torproject.org/#details/A20840A16CB658024B0D3A0E3F19A9C0E34C843F):
neel at megora:~ % telnet 2345.com 80 Trying 42.62.30.180... telnet: connect to address 42.62.30.180: Operation timed out telnet: Unable to connect to remote host neel at megora:~ %
Verizon FiOS 50/50 in Brooklyn, NY, Tor middle node (https://atlas.torproject.org/#details/D5B8C38539C509380767D4DE20DE84CF84EE8299) (this connection isn't exclusive to Tor, it's used when I am in Brooklyn as well):
neel at kat:~ % telnet 2345.com 80 Trying 42.62.30.180... telnet: connect to address 42.62.30.180: Operation timed out telnet: Unable to connect to remote host neel at kat:~ %
Total Server Solutions in Los Angeles, CA (via an ITL VPS), Tor exit node (https://atlas.torproject.org/#details/0D8211D34F29F51D690303E319766E1B7C28BADB):
neel at us-west:~ % telnet 2345.com 80 Trying 42.62.30.180... telnet: connect to address 42.62.30.180: Operation timed out telnet: Unable to connect to remote host neel at us-west:~ %
Vultr VPS in New Jersey, non-Tor IP used for this website:
neel at newwww:~ % telnet 2345.com 80 Trying 42.62.30.180... Connected to 2345.com. Escape character is '^]'. ^] telnet> quit Connection closed. neel at newwww:~ %
It seems that IP addresses used for Tor nodes are blocked by the Chinese firewall, even if the same IP address used for a Tor node is accessing a Chinese website outside of Tor. And the little bit of the Chinese Internet which can be accessed on the same IP address as a Tor node is usually on a CDN outside of the Great Firewall.
Keep in mind that this article is also available on my website at this URL: https://www.neelc.org/psa-if-youre-running-a-tor-relay-and-are-accessing-a-chinese-ip-address-you-may-get-blocked/ (https://www.neelc.org/psa-if-youre-running-a-tor-relay-and-are-accessing-a-chinese-ip-address-you-may-get-blocked/)
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-relays/attachments/20170723/f20cc179/attachment.html>
More information about the tor-relays
mailing list