|Contact Person:||Alan Beadle & Pad Cashin|
|Last Update:||Fall 2015|
|Operating system:||Debian 8|
|NIC 1:|| Clarkson Network |
|CPU:||Core 2 Duo|
Tor-exit is a Tor exit note run by the Clarkson Open Source Institute with the permission of OIT and Clarkson University.
It is currently in the process of being set up for a CS-657 project. Various measures are being taken to ensure that it will be run safely, and if it proves harmless, it may continue to be run after the class project is completed. If that is the case, it will need to be handed off to someone else for the 2016-2017 academic year, and the contacts at OIT and elsewhere will need to be changed.
1. Designate a technical/administrative contact for the project. We can automate abuse notices so that they forward to this contact for you/them to respond.
2. Use iptables/ipfilters to prohibit outbound traffic from the TOR host to on-campus networks; outbound from TOR host to COSI/ITL networks are okay, but all others should be DROP'ed by the host firewall.
3. Establish a specific reverse DNS name for the IP assigned to the TOR host, indicating its purpose. I've seen others that are formatted similar to "tor-exit.cosi.clarkson.edu"
4. Run a simple web server on tcp/80 on this host which hosts a page indicating the host's purpose. Something akin to: http://tor-exit-node.cs.usu.edu/
5. As long as it is compatible with your research intentions, I would like to see us running a reduced exit policy. This will minimize opportunities for abusive traffic types. (See https://trac.torproject.org/projects/tor/wiki/doc/ReducedExitPolicy)