Hi guys, I was trying to find an arp networks official position on running Tor exit nodes and thought I would ask here before emailing support i think it'd be considered network abuse. that is unfortunate - i'll email support for an official statement Not tor specifically, but it's fair to assume a similar stance would be taken http://support.arpnetworks.com/kb/main/do-you-allow-irc-traffic (I think it's been covered here in IRC before too ) heh fair enough - their house their rules Oh imagine that, I asked that question a couple years back http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-28,Sat&sel=475#l471 here was the reply chrismsnz http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-12-29,Sun&sel=2#l-2 oh i saw the question, did not see the reply pretty ruthless on the old banhammer it seems ARP provides a service, but will take no legal risk on you *shrug* To be fair, that's relatively consistent among hosting providers chris: well it tends to invite ddos's etc. and can hvae legal ramifications a lot of people abuse tor nodes. chrismsnz: what everyone is saying is right i mean it's a nice idea for anonymising, but as it happens currently it's mostly people doing illegal etc stuff. Not to mention even the automated DMCA senders hit the exit nodes, and then someone from $host has to figure out who's responsible, or take on the legal burden of ignoring the notice. i tried using tor once, it was so slow mercutio: if only there were some more exit nodes :D chris heh well, i would take precautions to limit the amount of abuse but it is unreasonable to expect that no strangeness would ever occur unless someone with a lot of money is going to set about to setup lots of exit nodes on their own and encourage everyone to use it i can't see it changing. seems like a really bad idea a few exit nodes here and there won't really fix the problem up_the_irons: thanks chrismsnz: we've had customers run exit nodes successfully, as well as VPN services, but the responsibility is really all on you. And if, for example, you get a $10 VPS and I get one complaint, it's hardly even worth it for me. up_the_irons: would the result of an abuse complaint due to tor traffic result in a nuked server or permanent ban of my account oh it would be a $150/mo dedi it somewhat concerns me even more, since a dedi can handle a lot more exit traffic, and thus, far greater chances of illegitimate traffic. the limiting factor would be my data cap provision, i expect why not just get a $50 dedi at Hetzner, or OVH, i'm sure they don't even care ;) i suspect ovh is where most of them are. up_the_irons: i was pretty keen to move some personal stuff to a new provider and was looking for openbsd support apparently hostgator supprot exit nodes chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest as well as an exit node up_the_irons: :O i did not expect that! https://trac.torproject.org/projects/tor/wiki/doc/GoodBadISPs there's a list here. chrismsnz: well, you came to the right place for openbsd support :) i hadn't checked your plans was just my budget chrismsnz: ah ok up_the_irons: yeah so basically im looking for a host but don't want all my other legit stuff burned down if someone get snooty about a mean comment left via tor and subs a complaint i will probably keep them seperated >_< yeah keep 'em separated. As Tor themselves recommend ;) chrismsnz: ya know, in general, if you want to host personal services and then also do somewhat "questionable" services, I'd recommend just use two different providers thanks guys no problem! oh wow you're in nz :) yessir well if you can get ufb, you could just run your own tor exit node from home? :) well i have 200/200 tubes cool. i did consider but residential isp's probably going to be more trigger happy than the grizzled old colo owners :D interesting. i'd be more concerned about legal ramifications. that too it's kind of crazy how fast internet in new zealand got it was only 5 years ago that it was hard to get 10 megabit and there's no easy way to segregate the tor stuff from my home netwokr too - unlike a multi homed box out on the net chrismsnz: hey, who you callin' grizzled old colo owners ;) i heard snap do /29s for $5 yeah absolutely so you could have diff ip at least. up_the_irons: i'm abuse@ for my companies netblock... we're pentesters i know the feels :) ;) chrismsnz: curious, what do you think about things like cybrary> jpalmer: never heard of it o_O up_the_irons: gotta love a host with values, morals, ethics RE: [20:56] <@up_the_irons> chrismsnz: I'd be uncomfortable with 10TB of tor exit traffic, to be honest hmm, is that a criticism? if so I feel it's unfairly made (of up_the_irons, that is) chrismsnz: it was intended as a compliment :-) mercutio: whats a good way to determine how many upstream ISPs my ISP is using? bgp.he.net although it still wouldn't be conclusive it'll underreport rather than overreport though what asn is your isp? Origin AS: 5645 eww cogent :) few mtr seem to point to level3 and hel.net he.net cogent? yeah, tata, he.net, level3, cogent, tinet, i dunno some of these seems to hvae a lot of level3 though but mostly he.net for ipv6 they dont provide ipv6 to me they might not be doing ipv6 to customers yet gtt also whats a good ip hosted by cogent? my forward route to a random ip is via he.net from here tinet = gtt c.root-servers.net? i'm trying to remember cogent has a lg www.cogentco.com ? it's not on cdn trace to this ip is the only one using cogent upstream: 38.9.52.2 from the few I tested that uses cogent for me do cogent and he not peer with each other? http://bgp.he.net/AS174#_graph6 oh c.root-servers.net was cogent too weirdly for me i have level3 -> cogent for that route other cogent routes is going to cogent directly he.net and cogent do not peer IPv6. Not sure about v4 yeah i was looking at v6 for some reason not only do they not peer, they do not have reachability either between each other you sure? pretty sure Ipv6 internet is fragmented when it comes to cogent and he.net http://www.cogentco.com/en/network/looking-glass https://lg.he.net/ quick test will show yeh i see i just did the same from cogent why does dns work? :) pretty sad state of affairs you mean the ipv6 address of c.root? lg.he.net can be resolved by cogent probably v4 lookup? oh that'll be v4 yeh so who's fault is it? cogent wants he.net to pay for IPv6 transit but he.net has heaps of ipv6 he.net has a global dual stack backbone and is ready to pper peer so it's cogents fault cogent wants to be an ipv6 tier1 and wants he.net not to have that same status yea - cogents fault they're both tier 2 striving to be ipv6 leaders http://bgp.he.net/country/US too bad you cant sort by column nevermind you can yeh it's sorted reasonably anyway IPv6 isnt mainstream yet, else cogent and he.net would communicate this sorting is hell slow over 13,000 routes vs under 3000 from cogent well he.net has pushed ipv6 hard for YEARS basically as a way to get their foot in the door from what i can tell like they're not trying to make a lot of money, they're trying to make enough, and get netowrko reach and customers source code for that page is like 146,000 lines and so it was in their best interests to push v6 That's what she said!! chrome came up with the wait/kill thing i've heard that cogent and he.net are cheap if you want > 1 gigabit compared to other providers would you say you get what you pay for in terms of quality well i used to hate he.net certainly for cogent but i haven't seen any major issues since the new york flooding where he.net had terrible packet loss between US/EU but the thing is it was inw orld news and it wasn't unreachable, just severely degraded. i think he.net as part of a mix isn't too bad I need someone to come up with a more efficient way to manage chrome tabs or if you want to do cheap high bandwidth stuff i use windows+tabs at least it gives a bit more order but yeah i struggle do you mean separate chrome windows? yes as well as tabs or some kind of addon ahh so you can have 8 windows with 8 tabs and it's easier to find things cos you group things together a bit i hardly use any plugins i'm loving ublock origin though I currently have 73 tabs open +1 for ublock origin did you count? i dunno how many i have open, and i don't want to have to count them :) I installed toomanytabs ahh an addon that aims to manage your tabs i probably have more than that i'm guessing lets you search between them, provides previews etc i close them every now and then but i like being able to go bakc and see what i've been looking at I sometimes declare bankrupcy and close them all so i've got a window open about this he.net/cogent thing actually i have two, one of them was more about cogent vs he.net in the end though are you a tarsnap user? nope hmm i still have window open about ram :) i'm trying to decide if i should get 3x8gb of 6x4gb for my server upgradeability is nice to have yeh you pay for it though go from 24 to 48 in the future is it ddr3? and you can in theory have 9 sticks yeh ddr3 registered it's e5620 cpu, so it only does 1066 mhz what OS do you plan on running linux Xen Vms? nah kvm yeah 48gb may be nice sometime http://www.ebay.com/itm/Lot-of-3-KTH-PL313-8G-KINGSTON-24GB-3x8GB-DDR3-REG-ECC-MEMORY-w-Heatsink-/252116820487?hash=item3ab3556207 watching this atm there's a lot of ddr2 fbdimms on ebay now do you have any bids on there yet? not yet i prefer to bid late ;) on ebay lots of people bid in the last couple of seconds though I prefer buy it now sales yeh so do i but it's like $90 or so that way i suppose it's not that bad i could just get 6x8 from the get go too what motherboard did you go with? it's hp ml330 g6 came with mbd, cpu, ram etc. for like $80 NZ mercutio: mnathani_ : bgp.he.net, as well as other ASN reporting services, tend to be really off (under report) up_the_irons: yeh it underreports rather than over at least. yeah up_the_irons: is there something better to get an idea though? mercutio: not sure fire up looking glass? mnathani_: you'd nede a looking glass that showed your providers routes though yeah once it gets to another provider you don't get to see all the providers http://pastebin.ca/3196103 that shows 3356,6453,3257,6939,174 not sure which providers those are other than level3 he.net and cogent hm, that prefix is originating from savvis (3561) 3356 is level3 i think 6453 is tata 3257 is gtt/tinet/etc. lol I just noticed the SeaBIOS compile host string, mercutio ;) oh i have a fixed version of that actually it just hasn't been pushed i mean it's only cosmetic.