Hi,
If you do not operate a Tor exit node at BitFolk then this email
will be of little interest to you.
If you do, then read on…
A number of BitFolk customers operate Tor exit nodes. These generate
a constant stream of abuse reports because quite a lot of abusive
activity is conducted through Tor.
Most of the reports are automated and are informational in nature.
They expect no reply and are therefore ignored on the basis that
"it's a Tor exit node ¯\_(ツ)_/¯".
A minority are real people and in this case BitFolk points out that
the host is a Tor exit node and so neither BitFolk nor BitFolk's
customer has much control of the traffic that goes through it.
A minority of this minority of complainants are for one reason or
another not satisfied with that answer and in those rare cases we
expect the customer to correspond with the complainant.
A recent case was like this and has prompted some updates to our Tor
exit node policy. The updated policy can be found here:
https://tools.bitfolk.com/wiki/Running_a_Tor_node
The changes:
https://tools.bitfolk.com/w/index.php?title=Running_a_Tor_node&action=histo…
Briefly:
- We state clearly that you must use a dedicated IP for your Tor
node. Previously we've insisted customers use a dedicated IP from
the first time an abuse report came in, so this is just
formalising that.
- The correct Tor exit IP must appear in the Tor project list of
exit nodes, for the benefit of remote sites that are using those
lists to construct filters.
One reason why this recent abuse report escalated was because the
customer's exit node was misconfigured to list the VPS's *other*
IP address, so the complainant was seeing abusive activity
(Wordpress brute force in this case) coming from something that
wasn't listed as a Tor node.
- Clarify that when we ask for a response to an abuse report we
expect it within 72 hours.
- Warn that although we prefer correspondence with the complainant
to go through our ticket tracker, if the complainant insists then
you must give them a direct email address that reaches you.
I know that sucks, but it is unfortunately the price that must be
paid for running an abuse magnet like a Tor node: the abuse reports
*must* be answered. In 8 years of having Tor exit nodes at BitFolk
this is the first time that a complainant has insisted upon
corresponding directly with the node operator.
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
_______________________________________________
announce mailing list
announce(a)lists.bitfolk.com
https://lists.bitfolk.com/mailman/listinfo/announce
As sad day for Debian and a sad day for us as there are a lot of users
of Debian and its derivatives at Bitfolk.
-------- Forwarded Message --------
Subject: Debian Project mourns the loss of Ian Murdock
Resent-Date: Tue, 5 Jan 2016 13:21:33 +0000 (UTC)
Resent-From: debian-announce(a)lists.debian.org
Date: Tue, 5 Jan 2016 14:11:35 +0100
From: Laura Arjona Reina <larjona(a)debian.org>
Reply-To: debian-publicity(a)lists.debian.org
To: debian-announce(a)lists.debian.org
- ------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Debian Project mourns the loss of Ian Murdock press(a)debian.org
January 5th, 2016 https://www.debian.org/News/2016/20160105
- ------------------------------------------------------------------------
The Debian Project sadly announces that it has lost the founder of its
community and project, Ian Murdock.
Debian is only a part of Ian's legacy but perhaps the one that he is
most known for.
Ian was introduced to computers early in his life, and his curiosity
turned to familiarity which led him to start actively programming at
nine years of age. Later as a young adult at the Krannert School of
Management a mandatory programming class rekindled his fascination with
computer programming along with an idea and an opportunity to make
something better.
Ian started the Debian Project in August of 1993, releasing the first
versions of Debian later that same year. At that time, the whole concept
of a "distribution" of Linux was new. Inspired as he said by Linus
Torvalds' own sharing of Linux, he released Debian with the intention
that this distribution should be made openly, in the spirit of Linux and
GNU.
With that simple gesture Ian started a movement in the world of
software. Many developers joined him in this task of creating better
software in a better world.
- From his Debian Manifesto [1]: "The Debian design process is open to
ensure that the system is of the highest quality and that it reflects
the needs of the user community. By involving others with a wide range
of abilities and backgrounds, Debian is able to be developed in a
modular fashion. […] Involving others also ensures that valuable
suggestions for improvement can be incorporated into the distribution
during its development; thus, a distribution is created based on the
needs and wants of the users rather than the needs and wants of the
constructor."
1:
https://www.debian.org/doc/manuals/project-history/ap-manifesto.en%0A.ht
ml
His sharp focus was on creating a distribution and community culture
that did the right thing, be it ethically, or technically.
Releases went out when they were ready, and the project's staunch stance
on Software Freedom was and is still a gold standard in the Free and
Open Source world.
Debian 0.01 through Debian 0.90 were released between August and
December of 1993. Ian Murdock writes:
"Debian 0.91 was released in January 1994. It had a primitive package
system […]. By this time, there were a few dozen people working on
Debian, though I was still mostly putting together the releases myself.
0.91 was the last release done in this way."
"Most of 1994 was spent organizing the Debian Project so that others
could more effectively contribute, as well as working on dpkg […]."
"Debian 0.93 Release 5 happened in March 1995 and was the first "modern"
release of Debian: there were many more developers by then (though I
can't remember exactly how many), each maintaining their own packages,
and dpkg was being used to install and maintain all these packages after
a base system was installed."
"Debian 0.93 Release 6 happened in November 1995 and was the last a.out
release. There were about sixty developers maintaining packages in
0.93R6. If I remember correctly, dselect first appeared in 0.93R6."
Ian Murdock also notes that Debian 0.93R6 "… has always been my favorite
release of Debian", although he admits to the possibility of some
personal bias, as he stopped actively working on the project in March
1996.
Ian Murdock led Debian until March 1996, when he appointed Bruce Perens
as the next leader of the project.
The devotion to the right thing guided Ian's work, both in Debian and in
the subsequent years, always working towards the best possible future.
Debian would go on to become the world's Universal Operating System,
found on everything from the smallest embedded devices to the largest
cluster systems, to the Space Station because "of course it runs Debian"
which has been ported across multiple architectures and types of
hardware.
Ian's dream lives on: Debian is made up of a strong community that has
fostered development, growth, and wonder. It remains incredibly active
with thousands of developers working untold hours to bring the world a
reliable and secure operating system. Debian has sparked the interest,
curiosity, and passion of those who want to make something better. Then,
now, and far into the future.
- From the bottom of our hearts, we thank you Ian.
Throughout the Debian infrastructure our websites and services mark our
reflection and mourning with a darkened homepage banner and ribbons on
our logos. The thoughts of the Debian Community are with Ian's family in
this difficult time.
His family has asked for privacy and we very much wish to respect their
desires.
Within our Debian community and for the Linux community condolences may
be sent to <in-memoriam-ian(a)debian.org> [2] where they will be kept and
archived.
2: in-memoriam-ian(a)debian.org
This email address will be active until the end of January 2016. The
Debian Project will then provide the archive to the family and publish
the contents later this year if it is with the wishes of the family.
About Debian
- ------------
The Debian Project is an association of Free Software developers who
volunteer their time and effort in order to produce a completely free
operating system known as Debian.
Contact Information
- -------------------
For further information, please visit the Debian web pages at
https://www.debian.org/ or send mail to <press(a)debian.org>.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQGcBAEBCAAGBQJWi6ApAAoJEEw4Yb3McGt09/8MALmvrCy4+Sqexg4Znd7e5kzx
D5lnppMJ/lOdKIfQdLnFzIqm8/fhqN/91lN49g977DYcMsSs7P8XBOn8gC6jsj6U
LjhkAq3VJ2/0+y3EjhJuvDWW2uED3SY+lq01J3mIXLfqhcdjXkz0Qn+xhQF3nxHb
vL5dWbH2ucxe42WvsxLa1nBV/Xpff7mnV2eHUluO3nAQ+z7hxbd98F/2AvSvwrzJ
p7UdMb9iAAgKgqYDTfN6wj8m/4x4xin0ZhyQdSv06vTLsUrenrZK/6Ki9DKaU6b7
f5RlZvfwfCfK/+vpchT6XnBYxH/6puxhNJi8l/rBX55oh/FYMTf2ocskiBHJbCbg
vHsjckIJ4U5bXLUL6T4FEg+0XvxzWp+4q/ja36lhsw7C9B08rM2zgPla2cKwns8x
MVcMgXRhIsJj5PI7OBwCfvD4Ay8fQPG2FtYJCbPKDFSOn0Tc5VBfhs9VhDRjhRwZ
Khgo+KIpzTMKrjuTP0URXeM733sPOGDAkWzKvf6sOw==
=G9lF
-----END PGP SIGNATURE-----
Regards,
@ndy
--
andyjpb(a)ashurst.eu.org
http://www.ashurst.eu.org/
0290 DA75 E982 7D99 A51F E46A 387A 7695 7EBA 75FF
Let me start by saying that I'm pretty confident that this problem has
nothing to do with Bitfolk, but it involves my Bitfolk VPS and there are
some pretty knowledgeable people here...
I run a git repository on my Bitfolk VPS, which clients connect to over
ssh using an unusual port number. (I know that doesn't provide much
extra security, but it reduces the number of irritating log messages.)
One of the client machines is at a school, and said school is in the
process of changing their ISP and firewall software. The new ISP is
Virgin and the new firewall is Smoothwall.
The actual client machine has a local IP address (172.16.x.x) and both
old and new Internet connections use a NAT firewall.
I've been asked to switch over their client machine from using their old
firewall as its default gateway to using the new one. Most things are
fine, but...
With the client machine set to use the new gateway it can ssh to my
Bitfolk VPS just fine. If on the other hand I try to use scp from the
client to the VPS, it gets through the authentication phase and then
just hangs.
If I switch back to the old gateway, both ssh and scp work fine. I get
no warnings about machine IDs having changed, so I'm fairly confident
that there isn't a man-in-the-middle element to the new firewall.
I've been scratching my head over this for a couple of days because I
can't imagine how a firewall lets through ssh and blocks scp. The only
thing I've found on-line is the surprising news that scp is sensitive to
messages echoed during login, but when I connect using ssh then the
messages which I get are identical via old or new gateway.
Anyone any ideas?
TIA,
John
