Delivery-Date: Sun, 05 Oct 2014 16:06:50 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 476B21E0BD0;
	Sun,  5 Oct 2014 16:06:49 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 909F921D87;
	Sun,  5 Oct 2014 20:06:39 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 23EB6228D6
 for <tor-talk@lists.torproject.org>; Sun,  5 Oct 2014 20:06:35 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id JwLTGj7bJAGt for <tor-talk@lists.torproject.org>;
 Sun,  5 Oct 2014 20:06:35 +0000 (UTC)
Received: from mail-ig0-f171.google.com (mail-ig0-f171.google.com
 [209.85.213.171])
 (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 095422259F
 for <tor-talk@lists.torproject.org>; Sun,  5 Oct 2014 20:06:34 +0000 (UTC)
Received: by mail-ig0-f171.google.com with SMTP id h15so1642106igd.4
 for <tor-talk@lists.torproject.org>; Sun, 05 Oct 2014 13:06:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:in-reply-to:references:date
 :message-id:subject:from:to:content-type;
 bh=VHIY/sNPzdozOXl6SFdkcI03pxaB1xFwR1ricFbZn2k=;
 b=Fh7YK16YmsixeDwuhOHVXI9JUBQZ8KWo1+tPwFhFoqVTjx+323dD3jnr0tnO7KN+ZG
 T/P0VkD+1wMTG2WuMD5O2RmtH51ZzU/OikNxq0PlD5EmZLs6ETc3DWy6z82IKCzp2+k0
 ILP20aJXKHCwa9Pm2qwMT1PJ/eqogrvnOXTKcvyqDUbQs1xvfUsl8JwiS1BSyILS8tXd
 pKibH6ulr3HcuUeI1AHKP51H6BD2AFuWGUD4UVY35pitI2fABR+R2w64OB/ZNAZ5zbfK
 47o8wln/0vcqT2vu2CxG82aHVAWqqIpIN9P0XBIHI+iFmmfXmm3uXwrfr468cmLLPCE3
 PEzw==
X-Gm-Message-State: ALoCoQl3uw0AS7wHd33Uqmcxh6gSdpVuukQ9I3vZPFZttQOiC4yTNXeTxp47N8xbDcFDvTqNj5SZ
MIME-Version: 1.0
X-Received: by 10.42.23.16 with SMTP id q16mr29361103icb.0.1412539592343; Sun,
 05 Oct 2014 13:06:32 -0700 (PDT)
Received: by 10.107.157.205 with HTTP; Sun, 5 Oct 2014 13:06:32 -0700 (PDT)
X-Originating-IP: [98.248.57.252]
In-Reply-To: <CAHzaGdAWk+JZRA9Y1FTeG96vOMGY2h3Q=EUy1iEzCYH1M_BJ3w@mail.gmail.com>
References: <CAHzaGdAvOccaGWzPNzDyGz__5+B9_eEgt8XXtVzd7mcXrkpW0w@mail.gmail.com>
 <CAHzaGdAWk+JZRA9Y1FTeG96vOMGY2h3Q=EUy1iEzCYH1M_BJ3w@mail.gmail.com>
Date: Sun, 5 Oct 2014 13:06:32 -0700
Message-ID: <CAHzaGdDo2DJ4vxEmJg7hgw2_tVebsa1vp1KMwD0TJxFvvwBcmg@mail.gmail.com>
From: Todd Troxell <xtat@rapidpacket.com>
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] IP Banned for running a non-exit relay from home?
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Add one more to the list--  http://bestbuy.com

"Access Denied

You don't have permission to access "http://www.bestbuy.com/" on this server.

Reference #18.2d941160.1412538970.11956e25"

Access from a non-relay IP, works fine.

Thanks for the thoughtful feedback, BTW.

Incidental aside- This put me in a weirdly dystopic/paranoid spot;
looking 5 years out- if you're not coming from one of the monopolistic
ISPS[0] that widely share customer data, throttle for profit,
molesting[1] your packets, we consider you unsavory and you're not
worth the liability
to our web properties.  We're also getting a share of the data from
your ISP, so though we lose a few customers, we're happy to ban you
for access to marketing data that pumps up sales.

Give me some hope? :)

[0] https://en.wikipedia.org/wiki/Comcast-Time_Warner_Cable_merger
[1] https://gist.github.com/ryankearney/4146814

On Sun, Sep 28, 2014 at 11:08 AM, Todd Troxell <xtat@rapidpacket.com> wrote:
> Hi Folks, I run several relays, including a non-exit relay from my home
> rack.  Recently I noticed that I can't access several major websites from my
> home IP.  The network is otherwise clean, it's a relatively new IP since I
> moved recently, and the RBLs come up negative.
>
> The only thing I can think might have triggered it is the tor relay.
> Googling around I have seen things like this- firewall rules that block all
> tor nodes.
>
> https://forum.netfort.com/netfort/topics/ids_ruleset_tue_aug_12_11_59_00_ist_2014
>
> The sites that seem to be doing this are all hosting with these guys
> http://www.internetbrands.com/
> http://www.corvetteforum.com/
> http://www.rennlist.com/
> http://www.bensbargains.net/
> [... many more]
>
> I then noticed this guy https://www.dan.me.uk/dnsbl  - when I hit this page
> from my relay-only IP, I get
>
> "I'm sorry, but I really don't see why anyone would need to use a TOR node
> or Anonymous Proxy server to look at my site.
> So i'm afraid you can't look. Stop running TOR / using an anonymous proxy
> and you can view my site."
>
> Even though I'm not accessing the site over tor, and even though the node at
> my IP is a non-exit and there is no
> possibility that my IP would ever access their properties over TOR.
>
> Anyway, this surprised me.  In retrospect I suppose if people have access to
> the list of nodes (exit or not) they'll use
> it to set up firewall rules whether they understand what they are doing or
> not.
>
> If this is the way things are moving, I suppose I'll have to shut down or
> VPN up my home node.
>
>
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

