emdee
/
exclude_badExits
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
20 Commits 1 Branch 0 Tags 141 KiB
Python 95.2%
Shell 3.5%
Makefile 1.3%
Go to file
emdee 204a6adc48 Async added and removed 2022-11-27 01:10:18 +00:00
.gitignore Initial commit 2022-11-07 05:35:14 +00:00
README.md changed contact to bad_on 2022-11-19 10:30:22 +00:00
exclude_badExits.bash Async added and removed 2022-11-27 01:10:18 +00:00
exclude_badExits.py Async added and removed 2022-11-27 01:10:18 +00:00
support_onions.py Async added and removed 2022-11-27 01:10:18 +00:00
trustor_poc.py Async added and removed 2022-11-27 01:10:18 +00:00

README.md

This extends nusenu's basic idea of using the stem library to dynamically exclude nodes that are likely to be bad by putting them on the ExcludeNodes or ExcludeExitNodes setting of a running Tor.

The basic idea is to exclude Exit nodes that do not have ContactInfo:

That can be extended to relays that do not have an email in the contact, or to relays that do not have ContactInfo that is verified to include them. But there's a problem, and your Tor notice.log will tell you about it: you could exclude the relays needed to access hidden services or mirror directories. So we need to add to the process the concept of a whitelist. In addition, we may have our own blacklist of nodes we want to exclude, or use these lists for other applications like selektor.

So we make two files that are structured in YAML:

/etc/tor/yaml/torrc-goodnodes.yaml
GoodNodes:
  Relays:
    IntroductionPoints:
      - NODEFINGERPRINT
  ...
By default all sections of the goodnodes.yaml are used as a whitelist.

/etc/tor/yaml/torrc-badnodes.yaml
BadNodes:
  ExcludeExitNodes:
    BadExit:
      # $0000000000000000000000000000000000000007

That part requires PyYAML https://github.com/yaml/pyyaml/ or ruamel: do pip3 install ruamel or pip3 install PyYAML; the advantage of the former is that it preserves comments.

(You may have to run this as the Tor user to get RW access to /run/tor/control, in which case the directory for the YAML files must be group Tor writeable, and its parents group Tor RX.)

Because you don't want to exclude the introduction points to any onion you want to connect to, --white_onions should whitelist the introduction points to a comma sep list of onions; we fixed stem to do this:

--torrc_output will write the torrc ExcludeNodes configuration to a file.

--good_contacts will write the contact info as a ciiss dictionary to a YAML file. If the proof is uri-rsa, the well-known file of fingerprints is downloaded and the fingerprints are added on a 'fps' field we create of that fingerprint's entry of the YAML dictionary. This file is read at the beginning of the program to start with a trust database, and only new contact info from new relays are added to the dictionary.

Now for the final part: we lookup the Contact info of every relay that is currently in our Tor, and check it the existence of the well-known file that lists the fingerprints of the relays it runs. If it fails to provide the well-know url, we assume its a bad relay and add it to a list of nodes that goes on ExcludeNodes (not just ExcludeExitNodes). If the Contact info is good, we add the list of fingerprints to ExitNodes```, a whitelist of relays to use as exits.

--bad_on We offer the users 3 levels of cleaning:

  1. clean relays that have no contact =Empty
  2. clean relays that don't have an email in the contact (implies 1) =Empty,NoEmail
  3. clean relays that don't have "good' contactinfo. (implies 1) =Empty,NoEmail,NotGood

The default is =Empty,NotGood ; NoEmail is inherently imperfect in that many of the contact-as-an-email are obfuscated, but we try anyway.

To be "good" the ContactInfo must:

  1. have a url for the well-defined-file to be gotten
  2. must have a file that can be gotten at the URL
  3. must support getting the file with a valid SSL cert from a recognized authority
  4. (not in the spec but added by Python) must use a TLS SSL > v1
  5. must have a fingerprint list in the file
  6. must have the FP that got us the contactinfo in the fingerprint list in the file,

For usage, do ```python3 exclude_badExits.py --help`

Usage


usage: exclude_badExits.py [-h] [--https_cafile HTTPS_CAFILE]
                           [--proxy_host PROXY_HOST] [--proxy_port PROXY_PORT]
                           [--proxy_ctl PROXY_CTL] [--torrc TORRC]
                           [--timeout TIMEOUT] [--good_nodes GOOD_NODES]
                           [--bad_nodes BAD_NODES] [--bad_on BAD_ON]
                           [--bad_contacts BAD_CONTACTS]
                           [--strict_nodes {0,1}] [--wait_boot WAIT_BOOT]
                           [--points_timeout POINTS_TIMEOUT]
                           [--log_level LOG_LEVEL]
                           [--bad_sections BAD_SECTIONS]
                           [--white_onions WHITE_ONIONS]
                           [--torrc_output TORRC_OUTPUT]
                           [--relays_output RELAYS_OUTPUT]
                           [--good_contacts GOOD_CONTACTS]

optional arguments:
  -h, --help            show this help message and exit
  --https_cafile HTTPS_CAFILE
                        Certificate Authority file (in PEM)
  --proxy_host PROXY_HOST, --proxy-host PROXY_HOST
                        proxy host
  --proxy_port PROXY_PORT, --proxy-port PROXY_PORT
                        proxy control port
  --proxy_ctl PROXY_CTL, --proxy-ctl PROXY_CTL
                        control socket - or port
  --torrc TORRC         torrc to check for suggestions
  --timeout TIMEOUT     proxy download connect timeout
  --good_nodes GOOD_NODES
                        Yaml file of good info that should not be excluded
  --bad_nodes BAD_NODES
                        Yaml file of bad nodes that should also be excluded
  --bad_on BAD_ON       comma sep list of conditions - Empty,NoEmail,NotGood
  --bad_contacts BAD_CONTACTS
                        Yaml file of bad contacts that bad FPs are using
  --strict_nodes {0,1}  Set StrictNodes: 1 is less anonymous but more secure,
                        although some sites may be unreachable
  --wait_boot WAIT_BOOT
                        Seconds to wait for Tor to booststrap
  --points_timeout POINTS_TIMEOUT
                        Timeout for getting introduction points - must be long
                        >120sec. 0 means disabled looking for IPs
  --log_level LOG_LEVEL
                        10=debug 20=info 30=warn 40=error
  --bad_sections BAD_SECTIONS
                        sections of the badnodes.yaml to use, comma separated,
                        '' BROKEN
  --white_onions WHITE_ONIONS
                        comma sep. list of onions to whitelist their
                        introduction points - BROKEN
  --torrc_output TORRC_OUTPUT
                        Write the torrc configuration to a file
  --relays_output RELAYS_OUTPUT
                        Write the download relays in json to a file
  --good_contacts GOOD_CONTACTS
                        Write the proof data of the included nodes to a YAML
                        file

This extends nusenu's basic idea of using the stem library to dynamically
exclude nodes that are likely to be bad by putting them on the ExcludeNodes or
ExcludeExitNodes setting of a running Tor. *
https://github.com/nusenu/noContactInfo_Exit_Excluder *
https://github.com/TheSmashy/TorExitRelayExclude The basic idea is to exclude
Exit nodes that do not have ContactInfo: *
https://github.com/nusenu/ContactInfo-Information-Sharing-Specification That
can be extended to relays that do not have an email in the contact, or to
relays that do not have ContactInfo that is verified to include them.