Opened 8 years ago

Closed 8 years ago

Last modified 6 years ago

#2793 closed defect (not a bug)

permanente outgoing conection when tor is running

Reported by: falcon Owned by:
Priority: Medium Milestone:
Component: - Select a component Version:
Severity: Keywords:
Cc: Actual Points:
Parent ID: Points:
Reviewer: Sponsor:

Description

when I start my tor server 82.216.145.xx i see some established
conections to distant port 53 (DNS ?) but also to distant machines on port 22 (SSH ?)
when i stop TOR these conections disapear
when I start my tor server they are back !! why ?
i dont allow any exit

tcp 0 0 82.216.145.xx:53534 50.7.240.28:22 ESTABLISHED
udp 0 0 82.216.145.xx:40578 89.2.0.1:53 ESTABLISHED
udp 0 0 82.216.145.xx:44967 89.2.0.2:53 ESTABLISHED
udp 0 0 82.216.145.xx:40664 82.216.111.122:53 ESTABLISHED

tor logs:

Tor v0.2.1.30. This is experimental software. Do not rely on it for strong anonymity. (Running on Linux i686)
Mar 24 00:52:37.764 [notice] Initialized libevent version 1.4.7-stable using method epoll. Good.
Mar 24 00:52:37.764 [notice] Opening OR listener on 0.0.0.0:9001
Mar 24 00:52:37.764 [notice] Opening Directory listener on 0.0.0.0:9030
Mar 24 00:52:37.764 [notice] Opening Socks listener on 127.0.0.1:9050
Mar 24 00:52:37.764 [notice] Opening Socks listener on 192.168.1.1:9100

tail /etc/tor/torrc

#
## Bridge relays (or "bridges") are Tor relays that aren't listed in the
## main directory. Since there is no complete public list of them, even if an
## ISP is filtering connections to all the known Tor relays, they probably
## won't be able to block all the bridges. Also, websites won't treat you
## differently because they won't know you're running Tor. If you can
## be a real relay, please do; but if not, be a bridge!
#BridgeRelay 1
ExitPolicy reject *:*

Child Tickets

Change History (3)

comment:1 Changed 8 years ago by nickm

Resolution: not a bug
Status: newclosed

Not a bug. These are other Tor servers running on unusual ports. Although it is traditional to run DNS on 53 and SSH on 22, there is nothing stopping people from running their Tor servers on those ports. Some people do this so that users whose firewalls only allow certain ports can still connect to the Tor network.

comment:2 Changed 8 years ago by atagar

That is not entirely correct. In this case the port 53 connections are *not* connections to an unusual ORPort (Tor does not relay over UDP connections), but rather persistent connections to the system's resolvers. This happens for all tor relays (non-exits included) and is a known issue, as discussed in:
https://trac.torproject.org/projects/tor/ticket/965

(personally I'd change the status to 'duplicate', but trac doesn't allow this without reopening so leaving as is)

comment:3 Changed 6 years ago by nickm

Milestone: Tor: 0.2.1.x-final

Milestone Tor: 0.2.1.x-final deleted

Note: See TracTickets for help on using tickets.