Vocatus Posted December 27, 2010 Share Posted December 27, 2010 Hello all, new user here. I'd never heard of unRAID until yesterday, when a guy I met selling a server on Craigslist said he'd been using it on his box for 6 months happily. So...here I am. I'm looking to replace our current software RAID-5 WinXP SP3 file server with unRAID. The file server performs these functions: 1. Backup 2. Media storage 3. Media streaming 4. Tor Relay 5. BitTorrent downloader AFAIK unRAID can perform all these functions, except a Tor relay. Has anyone successfully run the Tor client as a relay on unRAID? thanks for any help Link to comment
prostuff1 Posted December 27, 2010 Share Posted December 27, 2010 I am not running TOR on my unRAID server but from the quick searching I did it does look possible. Link to comment
Vocatus Posted December 29, 2010 Author Share Posted December 29, 2010 Thanks Prostuff. Can I ask where you found that? I did a search and didn't pull up any results for tor. Link to comment
prostuff1 Posted December 29, 2010 Share Posted December 29, 2010 My search involved google, not this board. It looks like the source is available and there are people running it on Slackware (which unRAID is based off of). It can be done, there is no writeup on in this forum, though it might not be the easiest thing to do. Link to comment
Vocatus Posted December 29, 2010 Author Share Posted December 29, 2010 Okay thanks. I figured it would be a bit of a challenge since slack isn't the easiest thing to run things on :-P Link to comment
reggie14 Posted December 29, 2010 Share Posted December 29, 2010 Is it just me, or does running a Tor relay on an unRAID server seem like a remarkably bad idea. Security doesn't seem to be a terribly high priority, other than some relatively basic access control mechanisms on shares. That's probably OK given the target market, which is mostly home users where the server will be firewalled off from the rest of the internet, but its not OK once you start talking about making it publicly accessible. So you'd probably only open up the ports for Tor, but Tor hasn't been free of vulnerabilities either. I'm not talking about weaknesses in the anonymity provided by the network, which isn't a big deal, but remote code execution on relay nodes. The thought of opening up my unRAID server to that scares me. Link to comment
Vocatus Posted December 29, 2010 Author Share Posted December 29, 2010 reggie14, i do see what you're saying. i know there are some potential risks inherent in running a relay on a storage box. part of the reason i'm not too worried about it is that I've been running a relay on my WinXP SP3 storage box for about 3 years without any issues. and that's Windows, which is historically chronically insecure. The relay is doesn't do anything but bounce traffic between nodes; Tor network users have no control over where their traffic goes or which box it bounces through. disabling exit functionality to prevent bounce-back attacks helps too. i'm not familiar with the security model of unRAID, beyond user shares. Does everything run as root, or are the different elements segregated (web interface, storage controller, SSH, etc)? Link to comment
NAS Posted December 29, 2010 Share Posted December 29, 2010 Tor has a wild wild side full of bad guys doing properly bad things... as much as they can get away with. The premise of what it is for is admirable but installing it on your NAS along with your data is just crazy. Link to comment
Vocatus Posted December 29, 2010 Author Share Posted December 29, 2010 Tor has a wild wild side full of bad guys doing properly bad things... as much as they can get away with. The premise of what it is for is admirable but installing it on your NAS along with your data is just crazy. True that. i have been banned from a couple sites because I was allowing traffic to exit the relay and people were exiting my relay and spamming sites. I since disabled HTTP and HTTPS exit traffic, and only allow mail retrieval (POP3). the tower is mostly just media files, so I'm not too concerned about it being compromised, remote as the chance is. in the end the difficulty of getting it up and running will probably dissuade me more than any well-reasoned discussion of the security risks Link to comment
Recommended Posts
Archived
This topic is now archived and is closed to further replies.