[tor-talk] IP Banned for running a non-exit relay from home?

stn stn at ncf.ca
Sun Oct 5 21:08:56 UTC 2014


hi todd
well you can try the canadian best buy for fun.  
http://www.bestbuy.ca/ for contrasting data.


ooooh the "muskoka" line of cookware is on sale. ...
muskokas are a long standing toronto reachable pricey kind of cottage country. and yes residents of the muskokas would rightly be miffed at me for saying that.  hmmm they are all clad stainless cookware last a lifetime .. i digress

http://www.bestbuy.ca/
suprisingly it loads though i doubt you'd want to bother actually buying but it might make a silly media hook.   

want safest online ordering possible ... use .ca  because it's currently tor friendly.

you asked for hope.  well ... not a monolith in practise ?  not much silver there but it's something.  but like the skype microsoft example ... microsoft doesn't necessarily see tor as a real threat but block tor from skype connections.

they hire some outfit to filter.  i guess the more they filter the better they can advertise they are doing their job?


my exit node was not canada

for fun i tried your list
connected to ok.
http://www.internetbrands.com/
(so maybe another variable triggered your denial in addition to tor)


failed list
http://www.corvetteforum.com/
timed out

bestbuy.com
immediate error.  very fast.  error like yours.
does the packet even get to best buy or is it killed well before?

rennlist
long painful timeout

http://www.bensbargains.net/
long painful timeout

this might be of interest.
ixmaps.ca traces packets  isps divert to the USA unecessarily (exposing to nsa sniffing).
canada has a lack of IXes and that's a problem so traffice is diverted to the US raising cost and degrading privacy.

they automate testing with their creative commons licensed s/w  
i wonder if we could quickly build simple connect lists in a similar fashion and note which ones fail ?

likely an easier way to do it.  maybe a shell scripted ping with a list of sites people choose?

though that's basically how ixmaps does it.  they run traceroute internally with fixed parameters and submit to the central database at ixmaps.



for fun i ran a traceroute to bestbuy.com without the onion router
akamai might be killing the tor packets?
akamai is huge.

traceroute: Warning: www.bestbuy.com has multiple addresses; using 23.3.97.96
traceroute to a1105.b.akamai.net (23.3.97.96), 64 hops max, 40 byte packets

apple also uses akamai but using tor no issues connecting to apple.
traceroute www.apple.com
traceroute to e3191.dscc.akamaiedge.net (23.222.128.106), 64 hops max, 40 byte packets


 

On Oct 5, 2014, at 4:06 PM, Todd Troxell wrote:

> Add one more to the list--  http://bestbuy.com
> 
> "Access Denied
> 
> You don't have permission to access "http://www.bestbuy.com/" on this server.
> 
> Reference #18.2d941160.1412538970.11956e25"
> 
> Access from a non-relay IP, works fine.
> 
> Thanks for the thoughtful feedback, BTW.
> 
> Incidental aside- This put me in a weirdly dystopic/paranoid spot;
> looking 5 years out- if you're not coming from one of the monopolistic
> ISPS[0] that widely share customer data, throttle for profit,
> molesting[1] your packets, we consider you unsavory and you're not
> worth the liability
> to our web properties.  We're also getting a share of the data from
> your ISP, so though we lose a few customers, we're happy to ban you
> for access to marketing data that pumps up sales.
> 
> Give me some hope? :)
> 
> [0] https://en.wikipedia.org/wiki/Comcast-Time_Warner_Cable_merger
> [1] https://gist.github.com/ryankearney/4146814
> 
> On Sun, Sep 28, 2014 at 11:08 AM, Todd Troxell <xtat at rapidpacket.com> wrote:
>> Hi Folks, I run several relays, including a non-exit relay from my home
>> rack.  Recently I noticed that I can't access several major websites from my
>> home IP.  The network is otherwise clean, it's a relatively new IP since I
>> moved recently, and the RBLs come up negative.
>> 
>> The only thing I can think might have triggered it is the tor relay.
>> Googling around I have seen things like this- firewall rules that block all
>> tor nodes.
>> 
>> https://forum.netfort.com/netfort/topics/ids_ruleset_tue_aug_12_11_59_00_ist_2014
>> 
>> The sites that seem to be doing this are all hosting with these guys
>> http://www.internetbrands.com/
>> http://www.corvetteforum.com/
>> http://www.rennlist.com/
>> http://www.bensbargains.net/
>> [... many more]
>> 
>> I then noticed this guy https://www.dan.me.uk/dnsbl  - when I hit this page
>> from my relay-only IP, I get
>> 
>> "I'm sorry, but I really don't see why anyone would need to use a TOR node
>> or Anonymous Proxy server to look at my site.
>> So i'm afraid you can't look. Stop running TOR / using an anonymous proxy
>> and you can view my site."
>> 
>> Even though I'm not accessing the site over tor, and even though the node at
>> my IP is a non-exit and there is no
>> possibility that my IP would ever access their properties over TOR.
>> 
>> Anyway, this surprised me.  In retrospect I suppose if people have access to
>> the list of nodes (exit or not) they'll use
>> it to set up firewall rules whether they understand what they are doing or
>> not.
>> 
>> If this is the way things are moving, I suppose I'll have to shut down or
>> VPN up my home node.
>> 
>> 
> -- 
> tor-talk mailing list - tor-talk at lists.torproject.org
> To unsubscribe or change other settings go to
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk



More information about the tor-talk mailing list