Silk Road forums

Discussion => Newbie discussion => Topic started by: narcocapitalist9 on May 04, 2013, 03:58 pm

Title: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 03:58 pm
I'll keep this short and sweet. The problem with the tor network is that there is no incentive for anyone to provide relay capacity. Right now, this is part of what the attacker is exploiting. If as many SR users as possible were to run a reasonably sized non-exit tor relay (preferably at least 1200kbit), because tor is such a small network (for the reasons above) if everyone got behind this and pumped up tor's capacity even by as little as 20%, it might make enough of a margin that SR was accessible a lot more than it is currently.

I have ideas about how to make a replacement for tor, which would be largely based on tor but would have built in enforcement of relay reciprocation (using scriptable contracts), no exit nodes, but it's the basis of a bigger idea I have that could actually realise the dream of SR becoming highly decentralised and distributed (involving a further expansion of the contracts management system and interfaces to bitcoin API). But that's a 18-36 month project really. So the immediate goal would be to swell tor capacity so quickly that this attacker can't any longer flood the network like they are. If there is any hackers amongst us, maybe they could have a crack at figuring out if there is any way to identify this attacker.

One method I've thought of is to create a browser extension that downloads a small selection of a rotating and constantly expanded collection of alternative onion addresses, and use user authentication for people who actually use the site, it would enable it to become possible to narrow down which user is causing this trouble and shut down their account, and continue to do that until they get bored or tired of having to wait for new account authentication. Come to think of it, making a delay between creating an account and being able to actually log in would help with this too. It would disadvantage new users but at this time there is gonna be no new users anyway.

Just iterating through all the options I can think of for how to fix this problem. Also, racking up post counts so I can get out of the newbie jail with actual productive posts. Hopefully this idea will catch on and hundreds of SR users will set up decently large capacity non-exit tor relays to make flooding SR a much harder job.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 04:16 pm
This is another idea that I don't know how useful it is, but it seems to be noticably improving response time from this forum, but I have increased 'keep-alive timeout' in both my firefox and privoxy configuration to 3600 seconds (1 hour). I think that it may be a way to hold onto connections and reduce the number of connections that the attacker can use to flood the SR server with bullcrap. I know probably most users are using the torbrowser bundle, but the configuration can be done on that too, go to 'about:config' and search 'keep-alive' and edit the number upwards from the default 300 (5 minutes). perhaps 900 seconds would be enough, but I've set mine to 3600. There is downsides to this action, in that more of the connections to the server will be tied up in keep-alive connections, but most legitimate users only use one at any given time anyway.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 04:35 pm
The spam to get 50 posts content on this segment of the forum is intense. So I am posting answers to my own post to keep it on the front page. This hiatus in access to SR has led to me having almost nothing to do at all, and I love and am good at finding solutions, so I am gonna keep bumping this post up with any new thoughts I have.

Well, to be honest, I can't think of anything additional to add to my previous ideas. A comprehensive plan that consists of more immediate and easy to implement actions plus a progressive scale of actions that have a longer time to realisation is required. This problem is not going to go away. As I said, this has always been a vulnerability in Tor, and frankly I'm surprised that it took this long for a determined attacker to show up and start trying to ruin everything for the rest of us. I am going to become a much more active member of this community and contribute whatever I can. Silk road is my new online community. I was spending a lot of time around bitcoin people lately but the action here is fast paced enough that I should find my urge to chatter and think up solutions to problems (especially now) that I am going to keep posting whatever comes to mind on every non-spam-to-50 thread that I can find, and try and raise the newbie forum above that a little, at least while there is no SR to speak of.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: H3rm3s on May 04, 2013, 04:58 pm
So let me get this straight. If we all ran relays the amount of additional bandwidth in the tor network would effectively scale down the DDoS to a manageable level?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 05:01 pm
it may be enough. even 10% expansion may make enough difference that the attack becomes too expensive for this attacker to continue. but there are other measures. one of them i am proposing is increasing http keep-alive in browsers and privacy proxies that would lock up some of the pipes into the server that would allow already logged in users to continue to access it.

all i can say is, it is worth a try. tor is such a small network and there is enough SR users that we might be able to drown this attacker in capacity.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: eoyz on May 04, 2013, 05:06 pm
So let me get this straight. If we all ran relays the amount of additional bandwidth in the tor network would effectively scale down the DDoS to a manageable level?

Thats the way I understand it, although how much of us would it actually take to make a noticeable impact? and who knows how much resources the attacker has behind him..
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 05:08 pm
https://metrics.torproject.org/network.html

have a look at this graph. see the numbers: 3000 tor relays in the WHOLE NETWORK. even if only 500 SR users started running a relay at say 1.5mbit (about 1.5 megabytes per second capacity, or most of the upstream of your typical adsl2 connection) we would swell the population of tor nodes by 1/6th. that's um, about 16% expansion of tor capacity. It doesn't even have to be done for long, just enough to exhaust this fucktard (s) of their enthusiasm to continue to attack SR.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: oddthomas on May 04, 2013, 05:12 pm
Okay I am not totally computer illiterate, but you are gonna have to give me step by step directions on how to configure. Willing to try !
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 05:13 pm
that's kinda funny, i was composing that last message in response to the previous post but it answers the subsequent post quite well too. yes, absolutely. and especially those vendors who have been able to afford nice fat cable connections. if they were running non-exit relays... i have 15mbit of upstream connection on my connection, but that's on the low side for cable connections. in this country i live in, you can get a connection with as high as 100mbit. hell, i'd go order another connection from another provider and get a second old clunker computer to run the second connection relay, if someone donated me about $300. that's all it would take here. I pay $5/month currently for a 45/15mbit cable connection which is an ethernet cable straight into my house. Hell, I'd get three more for that, get two extra ethernet cards and run relays bound to each one. I could add, right here, in the next week, another 200-300mbit of capacity to the tor network for under 500 dollars. surely others can something towards this. even 1mbit (800kb/s) extra capacity for each of 500 SR users would swell the tor capacity so much that it would significantly weaken this attack.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: eoyz on May 04, 2013, 05:20 pm
https://metrics.torproject.org/network.html

have a look at this graph. see the numbers: 3000 tor relays in the WHOLE NETWORK. even if only 500 SR users started running a relay at say 1.5mbit (about 1.5 megabytes per second capacity, or most of the upstream of your typical adsl2 connection) we would swell the population of tor nodes by 1/6th. that's um, about 16% expansion of tor capacity. It doesn't even have to be done for long, just enough to exhaust this fucktard (s) of their enthusiasm to continue to attack SR.

Alright theres something I can get behind actual numbers hah. Your talking about this

Settings -> Sharing -> Relay traffic inside the Tor-Network (non-exit relay)
Right?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 05:24 pm
this is the instructions for setting up tor relays using vidalia (which most users will be using, via torbrowser bundle):

https://www.torproject.org/docs/tor-doc-relay.html.en

if anyone needs help, visit this IRC (i am running it off my little netbook... well, i suppose i should say where i live: in bulgaria, hence why i am not as concerned about fingerprinting my identity, cos SR is not big here, nor are the local cops interested in people who don't sell drugs here - the cops here are heavily tied up in the drug trade and a bunch of rackets associated with various industry segments - yes, quite corrupt cops):

ekp6syxymhff4etf.onion port 6667 channel #silkroad

and i will gladly walk you through the process to get a tor relay running. i honestly don't care that i'm sticking my neck out. my life is gonna be shit if SR goes down for good. my nuts are on the chopping block along with DPR's quite frankly.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: H3rm3s on May 04, 2013, 05:28 pm
Thats the way I understand it, although how much of us would it actually take to make a noticeable impact? and who knows how much resources the attacker has behind him..

If I had to wager money on who was doing the attack I'd say the government hired a private security firm to do it. So chances are they have more resources. It'd probably take double maybe triple what Narco is quoting to do anything significant. Think about it like this. If DPR is good enough to avoid detection this whole time and keep this site running he must know a thing or two. DDoS attacks are standard fare anymore and there are methods of stopping them. Way I see it the fact he hasn't been able to yet means there are some big players at work. With computers it's not a matter of IF it's a matter of WHEN. Hopefully that when is soon. It's fun to think about really, like we're old fashioned pirates and some shitty royal navy is blockading our port. Except in that situation we'd have enough ships and crews to just break it. Now that I'm thinking about it setting up relays is almost as good. Yeah I'll run one.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: toejammer on May 04, 2013, 05:30 pm
and we lock this kind of info in NEWBE forum.. fucking fuck for fucks sake This whole 50 post shit BLOWS to high heaven. I had a 700+ account i had to trash..thanks for the ifo! They should give u 30 posts free for this info.

Fucking forum nazis.. Free open forum my ass.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 05:48 pm
i doubt it's government. though it could be. they got burned pretty hard over hbgary. it's just as likely it's some 17 year old script kiddy with a swarm of 100 zombie machines doing this.

the 50 posts rule, it's not entirely stupid. the alternative would be to have more mods, and that requires trust, to kick out the malicious types. it's not so different demanding 50 posts in here as it is to pay 400 dollars to open a vendor account, when you think about it. it is a cost in time, in the forum, as opposed to money, that would lower the cost/reward ratio for spammers and scammers.

anyway, if my ideas have merit, they will percolate up to the rest of the forum. also, if i keep writing informative and insightful posts i will have gained a lot of reputation in the process. so it's all good with me.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: MDUK on May 04, 2013, 05:52 pm
Do we know that adding more relays would help SR come back online?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: fourthDVD on May 04, 2013, 05:55 pm
I think that if there is a reasonable way for us to help, the admin and DPR will let us know.  We all have a reason to put in some effort and they know it!
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 06:00 pm
i was gonna say something else, but i forgot what it was already. got distracted by the forum's post-per-IP address warning. (all ip's on this forum are localhost, it's a tor service).

just gonna stop and think for a moment.

oh yes, even if it doesn't measurably weaken this attack on SR, it will increase the capacity of the tor network which will mean that SR is that much more available in the future. measurably. really, most particularly vendors should all be running relay nodes. how else are their customers gonna get at the site?

i didn't realise just how slowly the tor network had grown. i might be remembering incorrectly from 5 years ago but i'm sure that the present number of 3000 is only 50% greater than 5 years ago, when it was around 2000.

you see what i mean about how poorly designed the tor network is for encouraging people to actually run tor hidden services, let alone using tor in general. think of it this way. every kilobit of extra capacity that you personally add to the network, the more capacity it has. it will make using other websites, inside or outside the tor network, more responsive. i don't know what the figures are on the megabit capacity of the tor network, but i'm pretty sure if we could get 500 people to add 1mbit each that it would cut down latency by about 3-5 seconds most of the time.

it's just a stop-gap measure, but it's something that the mass of SR users could make a significant dint in the ability of malicious users of the network to flood any single hidden service. i have other ideas for how to further improve the situation, but i need to build up a reputation for having good ideas, and if this idea makes SR accessible 20% more it's a big gain, and it would be in a large part due to my activism for this temporary solution.

oh yeah, FourthDVD, the SR team is not infallible. They are doing well, i'm sure, with the resources they have to hand. but my suggestion for something that every SR user can do, even if it doesn't make a huge difference, will make some difference. It will also improve the tor network as a whole. I have had contact with the tor devs way back 5 years ago, and me and several others on the mailing list predicted that this kind of problem would eventually occur due to the lack of incentive for people to run relays. I can't think of a better reason to run a relay than because you want to be able to buy and sell drugs that make your life better. can you?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: GoofyGlasses57 on May 04, 2013, 06:03 pm
It sounds like a nice idea in theory, but I doubt that enough people would commit to it. You also have to realize that only a fraction of SR users probably read the forums.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 06:04 pm
There's no guarantee it would help but there is so many SR users that it very well could. especially if there is a number of folk here who have 100mbit connections they could easily dedicate 50mbit of their connection for a short time to. It's better than sitting here unable to get on. Something that could very well help. look at the chart of the number of relays in the tor network. it's pitiful. seriously, I have been using tor for about 6 years, and I didn't realise how little the capacity of the network had grown in terms of numbers of relays. 500 new relays at even 1mbit each would definitely raise the bandwidth of the tor network at least 5% if not 15%
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 06:08 pm
there is no guarantees for anything in life.

but you can see the numbers on the relays here. sure, there is the small issue that maybe a sharp rise in relays might be composed of SR users, but how can anyone verify that? you gotta weight it up against what we are all losing here. if sr goes down we have to suffer with the newbs running the other sites, or go back to dealing with the local criminal networks. i don't know how much of SR vendor population is actually criminals (as in, people who also steal, rob, burgle, scam, etc) but i suspect that it's not the majority. i would be willing to bet that the majority of SR users are socially isolated geeks who like using drugs, 'drug geeks', and that they appreciate having a marketplace that is not overrun by violent thugs. how about you? what is your social status? are you here because it's a place to troll, or are you here because this is a sanctuary?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 06:34 pm
just bumping this up cos this forum is full of spamming tards who think that 50 posts is unreasonable.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: catcherofrye on May 04, 2013, 06:36 pm
fuck it. let's give it a shot. couldn't hurt
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: rousseau on May 04, 2013, 06:45 pm
this sounds like a really good idea, but as most SR users are mid-techies, how about some step by steps on how to use our collective power to increase the tor network stability..

i for one would love to contribute to the tor network if you could provide me with some step by steps on how to. i'm ubuntu 12/04 //

Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: brainstew on May 04, 2013, 06:51 pm
I'm a bit of a lazy fucker when it comes to reading stuff on my computer so if it has been mentioned before sorry.

If you're setting up relaying you can't just check the box in the vidalia control panel assuming you're using that service. Everybody is or should be behind a firewall/router of some kind. You'll need to open the ports in your firewall that are required for relay and directory for it to work correctly.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 07:04 pm
as i said, go visit my IRC hidden service at ekp6syxymhff4etf.onion port 6667 (standard port, you just need to have a proxy on your IRC client). i am most happy to walk people through the process, and of course at least some of those i help will pass the help on.

i am running that IRC out of a cable connection that I am also running a 15mbit tor relay out of, here in bulgaria. i couldn't give a fuck about the local police wanting my ass. i have encountered them once already and they are incomptetent retards. most of them can't speak english. so just don't admit anything about who you are on my irc. i am not logging the chatroom anyway, and if people stick to the topic at hand, there is nothing incriminating anyway. not that bulgarian authorities will proactively inform governments in other countries. you would not believe how lax they really are. don't believe anything that you see on an official BG government site. i have talked to a few locals and they are all of the opinion that the 31% non-taxed trade in this country is more like 80-90%. people in this country are awesome.

obviously, you can't access my irc without tor (and i made double sure today that it's not accessible without tor, i was shocked to realise that i had not stopped people from using my tor socks port to relay - didn't even notice) anyway. yeah, instilling much confidence i am. whatever. ask me questions here, i am still happy to answer. IRC is just a more immediate medium.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: Tripazoid on May 04, 2013, 07:04 pm
Are there any security implications with running a TOR relay? Is someone running a relay more identifiable than someone who isn't?

Also, I tunnel TOR through my VPN service. Is it still possible to run a relay with this configuration? Would I have issues with my VPN provider?

Just curious.... if it's safe, and possible, and may help make a difference, then I'm up for helping out  :)
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 07:11 pm
running a non-exit tor relay, no, pretty much no security risks. i have been involved with the tor community for years and the big gripe with people running relays is exit relays. this is irrelevant if we are trying to increase capacity of tor to increase the cost of attacking SR. SR is a hidden service so you don't need to run an exit relay to help.

i'm not sure what you mean by 'running tor through my vpn service'. what is the layering arrangement. do you connect to the VPN via tor, or do you run tor *from* the vpn's ip address? i suspect you are running it *to* the vpn, because i don't know of how to tell tor to forward to another proxy. i know it is becoming common for people to connect to a VPN with tor then exit from there, because so many sites are prejudiced (somewhat justifiably) against tor exit relays. i personally have had huge trouble with both mtgox and btc-e because of using tor. connecting to a VPN via tor would solve that problem. so i am guessing that is what you mean.

if so, then the VPN is irrelevant. the tor relaying happens on your ip, not at the VPN where you forward your tor connections to. the tor server running on your ip does not send out through the VPN when it is relaying, it bounces from one tor node (which could be an entry or a client) to other tor nodes to make the 3 hop circuits.

so, in a nutshell, it won't affect you except that it will consume some of your bandwidth quota. other tor users will relay through your tor node. but sometimes this will be other SR users.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 07:54 pm
just bumping this post up. i haven't got any new ideas but the traffic on this board is frenetic.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 08:13 pm
just bumping it up again, cos this section of the forum is so full of people trying to get their 50 posts. yes, i am trying to get my 50 posts too, but at least i'm trying to use these posts productively.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 04, 2013, 08:24 pm
another bump. i want to make sure as many noobs as possible read this. even if they are too young or stupid to realise the intention i have in making this thread. i want to try and raise the level of consciousness in the community in general as to how they can contribute to making this the best and most robust and available online drug marketplace on the internet. hence why i am not just stopping at saying 'bump' in this post. i am only 6 posts short of the 50 required, but i'm not gonna spam up the newbie jail like some retards think is ok to do. if they spam up this forum what will they do in other forums?
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: fourthDVD on May 04, 2013, 08:39 pm
I think that if there is a reasonable way for us to help, the admin and DPR will let us know.  We all have a reason to put in some effort and they know it!
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: catchthesunfish on May 04, 2013, 09:06 pm
In the vidalia bundle, they should enable the non-exit tor relay ON by default.  Maybe with some link speed checking so it would revert off if not enough bandwidth was available.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: Baraka on May 04, 2013, 09:11 pm
This is fucking brilliant! Combine it with a proof-of-work algorithm and you've got a government/police-proof winner that'll change the world. Fantastic!!!

Quote
I have ideas about how to make a replacement for tor, which would be largely based on tor but would have built in enforcement of relay reciprocation (using scriptable contracts), no exit nodes, but it's the basis of a bigger idea I have that could actually realise the dream of SR becoming highly decentralised and distributed (involving a further expansion of the contracts management system and interfaces to bitcoin API). But that's a 18-36 month project really. So the immediate goal would be to swell tor capacity so quickly that this attacker can't any longer flood the network like they are. If there is any hackers amongst us, maybe they could have a crack at figuring out if there is any way to identify this attacker.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: Tripazoid on May 04, 2013, 11:51 pm
running a non-exit tor relay, no, pretty much no security risks. i have been involved with the tor community for years and the big gripe with people running relays is exit relays. this is irrelevant if we are trying to increase capacity of tor to increase the cost of attacking SR. SR is a hidden service so you don't need to run an exit relay to help.

i'm not sure what you mean by 'running tor through my vpn service'. what is the layering arrangement. do you connect to the VPN via tor, or do you run tor *from* the vpn's ip address? i suspect you are running it *to* the vpn, because i don't know of how to tell tor to forward to another proxy. i know it is becoming common for people to connect to a VPN with tor then exit from there, because so many sites are prejudiced (somewhat justifiably) against tor exit relays. i personally have had huge trouble with both mtgox and btc-e because of using tor. connecting to a VPN via tor would solve that problem. so i am guessing that is what you mean.

if so, then the VPN is irrelevant. the tor relaying happens on your ip, not at the VPN where you forward your tor connections to. the tor server running on your ip does not send out through the VPN when it is relaying, it bounces from one tor node (which could be an entry or a client) to other tor nodes to make the 3 hop circuits.

so, in a nutshell, it won't affect you except that it will consume some of your bandwidth quota. other tor users will relay through your tor node. but sometimes this will be other SR users.

Just to clarify, I connect to the VPN first (without TOR) and funnel all my internet traffic through that. Then I run Vidalia/TOR. So all the TOR traffic goes through the VPN connection. The reason I do it that way is so that my ISP, if they were to look at my traffic, would just see the encrypted VPN connection- they wouldn't be able to tell that I was running TOR.

It just gives me that extra little bit of piece of mind. Some ISP's can be quite nosy, especially now that they use deep packet inspection and stuff. Running TOR is not illegal at all, but it might be a red flag that says "Watch this IP".

So with this arrangement, can I safely run a relay?

.... and thanks for the info :)
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 05, 2013, 07:56 am
To enable you to run a relay you have to be able to receive connections inbound. I would think that to do that you have to do something on your VPN that forwards 9001 (at least) and if possible 9030, back from the VPN address to your machine. However, this would then put your VPN address on the tor relay database. Mostly this is not a problem, because torwalls only block exit nodes, not non-exit nodes.

So the answer is yes, you can do it, but it may not be possible with your current VPN provider.

Something you might consider is to switch or upgrade your VPN account to a shellbox, then you can run the non-exit relay on the shell account (and use it's nice fat bandwidth) and connect to your client programs to a proxy chain that leads to the tor relay via the VPN.

I am running a fairly fast relay on my little baby netbook pc on a fast connection, but if I can find a shell account service with reasonably cheap bandwidth (like say 50mbit-100mbit, uncapped) I would love to be putting that shit onto the tor network. I would consider it, at this time, a cost of doing business as an SR vendor, helping provide the bandwidth and infrastructure that enables me to sell to people without being traceable to a physical location. I will almost certainly be setting up such a relay in the not too distant future. What I have got running now is pretty good, but a netbook is not fast and at times my machine is bogged down with high CPU load and i'm sure that increases tor latency.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: patcake on May 05, 2013, 09:46 am
I know little about VPNs so sorry if these questions appear a little stupid.

What does a VPN do?

I of course am using Tor. What will a VPN add?

Can anyone connect to a VPN?

What VPN can i join and where can I connect to a VPN?

Once again, I am a bit of a computer novice with this whole thing and if anyone takes some time out to help I would be very grateful.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 05, 2013, 11:08 am
A VPN (Virtual Private Network) creates a point to point link between your computer and another computer and essentially merges the two networks. It's often used by businesses to remotely access filesystems in other locations.

You can run VPNs on anything, even smartphones all have the capacity to use them now. I set up one for a bankruptcy consultant so he could access a linux fileserver's windows network filesystem (SMB) with his ipad and iphone.

A VPN can let you hide your ip address, and you can connect to a VPN using a proxy like tor, as well. A proxy is different to a VPN, the VPN acts like a virtual ethernet connection to the other network, and it can be two way, and you can use the gateway on the remote network to access the internet.

Now, that reminds me, whoever it was who was asking about running a tor non-exit relay from their machine, just forward ports 9001 and 9030 to your local machine and set it to be a realy with no exits and set your desired bandwidth usage. The non-exit servers never get flagged as potentially malicious sites by sites on the clearnet because they never get connections from them. Tor non-exit relays and tor client use are separate things, there is no reason why you can't connect to a VPN via tor and run a non-exit (or even an exit) relay at the same time. Your outbound connections will go through tor, and the tor network will use your tor node on your LAN for onion circuits.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: Wepromisetwenty on May 05, 2013, 11:22 am
Nice thread mate.

I've been toying with this idea for a while anyway, just from wanting to help out with tor. I'd be up for relaying if I knew the specifics of it, and had some sort of quantifiable idea of how much difference i'd make. Also, presumably this only works when my machine is running - so is it still worth doing if i'm only switched on for half the day?

Wish this thread would get moved to a more appropriate board. Maybe you should refine it and post it again? Big ask I know - but this would be interesting to a lot of people i'm sure.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 05, 2013, 12:12 pm
I have already: forgot to post it here:

http://dkn255hz262ypmii.onion/index.php?topic=155913.msg1090694#msg1090694

As for 'how much difference can i as a little individual person make', per user, maybe 0.01% increase. But if 100 people who use silk road did that, that would raise the capacity of the tor network by close to 1% Maybe more. Look at the chart. There is just over 3000 relays currently. 100 SR users adding their contribution swells the count by 3%
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: Wepromisetwenty on May 05, 2013, 12:14 pm
Nice, thanks!
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: D3xalias on May 05, 2013, 12:39 pm
Why doesn't DPR protect silkroad like botnet owners protect their botnets with multiple layers of servers

Lets say the attacker attacks server 1 server 2 will jump in and take over and host the site and the site continues to be up without a hitch

i doubt the attacker has enough power to lets say take 5 servers down
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: narcocapitalist9 on May 05, 2013, 01:14 pm
The problem is that silkroadvb5piz3r.onion only has 6 introducer nodes at any given time. If you shut one down and start another, within 5 minutes the attacker will be clogging the new introducer/rendezvous nodes again. This is what she meant by saying that the weakness was inherent in the tor hidden service protocol. A proper solution to this would require another layer of network system akin to a DNS service that lets you set round-robin results so you could have a bunch of onion addresses that get given out on a rotating basis, you could have those on the same server or on multiple servers. Such a system does not currently exist. I think further back, maybe in the OP, i mentioned the idea of using a browser extension to implement a similar type of system, combined with a small web service address that returns a set of alternate addresses.

I just want to reiterate though, simply turning up your http keep-alive timeout in about:config in firefox (or torbrowser) will hold connections open longer so once you get in you can stay connected longer. I set mine to an hour. Those held-open connections cannot be used by the attacker.
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: HighGirl on May 06, 2013, 12:37 am
Anything to help
Title: Re: A proposal for collective action to help stave off the attack on SR
Post by: patcake on May 06, 2013, 10:55 am
Thank you for the information narcocapitalist9.

Do you know of a VPN I could use? Or do you have to pay for one?