When I run a template query through sys-whonix, it is very slow. There is a IP address 51.15.XXX.XX that shows up for many Tor nodes and cycles through them.
There is some template database at some data center that is rejecting Tor nodes. Those security policies need to be loosened.
This is also a security risk because that IP is showing up on many Tor nodes and if that server is malicious then server (or more likely malicious ingress and egress for data center) can start to approximate ping times to determine information about the user’s connection and location. It’s bad for users with a high threat model if the infrastructure is in fact compromised.
Can whoever runs that server please tell the host to stop blocking Tor nodes? This is probably happening from data center and not server configuration.
I do not know what a template query is - can you explain what it is you
are trying to do and how you are trying to do it.
In this case not giving the full IP address serves little purpose - do
you think that your use of Tor is compromised in such a way that
revealing that IP address could somehow deanonymize you?
Since you havent identified the server, how is anyone supposed to be
able to contact whoever runs that server?
Can you explain what this means - “shows up for many Tor nodes and
cycles through them” - do you mean that this is an endpoint or part of
a Tor circuit, or something else?
I never presume to speak for the Qubes team.
When I comment in the Forum I speak for myself.
When I use the template manager and I am updating templates over Tor, I see a new IP address show up when I am looking at my Tor circuit (in sys-whonix Tor Control Panel, onion circuits)
That IP address is showing up over and over again, and the template list isn’t.
My best guess is some host somewhere is blocking “bad” IPs and sys-whonix is cycling through Tor nodes trying to find one that the server doesn’t think is bad.
Meanwhile, since Tor is cycling through bad IPs looking for one to connect with whatever IP address the template manager connects to, it probably looks somewhat similar to a mild DDOS to the server host.
I put part of the IP and not the full IP because I think my assessment of this is probably correct, but I am not sure that this IP address is the server that the template manager connects to and it could be that be accessing that program in dom0 I am connecting to something else and that IP address gives information about me somehow.
I gave enough of the IP that if the template manager is connecting with a server that is 51.15.XXX.XX then I am probably right.
I eventually change the global update template to a non-tor network service VM and the template manager populates, but I’d rather use sys-whonix.