search

globaleaks / globaleaks-whistleblowing-software

GlobaLeaks is a free and open-source whistleblowing software enabling anyone to easily set up and maintain a secure reporting platform.
https://www.globaleaks.org
Other
1.25k stars 274 forks source link

A question: Tor monitoring #3164

Open aetdr opened 2 years ago

aetdr commented 2 years ago

Hi

I am trying to implement Tor hidden services availability monitoring, with a script that runs on the server where GlobaLeaks is installed. The script sends web requests trough local socks proxy on port 9050.

From my experience, it rarely happens that all the onion addresses are available and respond with OK 200.

It is random which are down, and which are up. Have not be able to find a pattern in it. Sometimes if an onion fails locally on the machine, it works from outside when TOR browser is used. Other times it fails both ways.

Is this a known issue with TOR networks, that onion links are unstable due complexity of the protocol and many dynamic nodes involved? Is there a reliable way to monitor availability of TOR endpoints?

evilaliv3 commented 2 years ago

Thank you for your question @aetdr; I suggest that this question could be made directly to developers of the tor project on their specific support channels or ticketing system.

@asn-d6: by any chance do you have any suggestion for @aetdr ? thank you!

hiromipaw commented 2 years ago

Hi! I think a good approach here could be to monitor the tor process instead of pinging the onion service.

You can set up tor to export data ready to be queried by prometheus directly in the torrc via MetricsPort:

 ## Prometheus exporter
 MetricsPort x.x.x.x:9035 prometheus
 MetricsPortPolicy accept y.y.y.y

And then scrape it from Prometheus:

 scrape_configs:  # this line should be already in config
     - job_name: tor-exit
         metrics_path: /metrics
         scheme: http  # https is not yet supported by tor
         static_configs:
         - targets:
             - x.x.x.x:9035

Just be careful not to expose the data to the outside.

aetdr commented 2 years ago

Thank you @hiromipaw , will try that

evilaliv3 commented 2 years ago

Thank you @hiromipaw i really appreciate your support

aetdr commented 2 years ago

Hi @evilaliv3 and @hiromipaw

Seem that the feature is available from Tor v0.4.5.1 Ubuntu 20.04 comes with Tor v0.4.2.7, we cannot use this approach before Ubuntu 22.04 is out

evilaliv3 commented 2 years ago

@aetdr : Within GlobaLeaks to guarantee proper functioning with other components we have preference to stay on the stable version included within the distribution but uo to your needs if you want you could use the official Tor repositories and start using the up to date Tor package maintained by Tor; I do not consider in fact that would be any issue with this.

aetdr commented 2 years ago

Thanks for clarification @evilaliv3