[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: What to do at IP number change?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: What to do at IP number change?
From: "F. Fox" <kitsune.or@xxxxxxxxx>
Date: Mon, 07 Jan 2008 18:14:15 -0800
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Mon, 07 Jan 2008 21:14:27 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=xPKJD0gwMwiQ31mOXOMMuVBQzLzWksK2wIC1yOqs0TQ=; b=mKHddtlxsBCDvxnz1Zl9lMybjRc47zd+a2fiXsiT+CcmPFBUSoR5PfZBu5FHnb+M8Iy3lhunDg3b6i2rP61EW4qUx2mTYARXjDycxOv2CxNUdO7kcytp8NCyPlkEwb0EjTS4mzx+jBP+fJTk/qVUCx41tg8ND1PTepQqcCNi9oY=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=MIvSFeSdCjUkHYWKBIjblG/AzmwrQ0g5IQHbRrrZVoQFpic7RKZ7hZ7a5w1PXzpR+Fv13c9Mq5wjQeCQX6lOCsHaXCzkm0K3aYzt+enw9jKsCcUT3t8SHcPOrzHBHH8vwmJTsz4U50FFmwrQvEmdbNtNHWoeXqGW4V10NN/NrrY=
In-reply-to: <525056157@xxxxxx>
References: <525056157@xxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.9 (Windows/20071031)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

dr._no@xxxxxxx wrote:
(snip)
|
| it's because a moving target is harder to hit; it's more safe to
| change the IP number often. Another point is that states like germany
|  do like IP numbers so much that they do data retention and therefore
|  i give them what they want - many IP numbers ;-)

~From a purely theoretical idea, I can see why you're doing this;
however, it's very bad for the people who are routing their data through
your node.

Every time the IP changes - or the relay even goes down and up (instead
of doing a -SIGHUP) - it breaks all the circuits running through your node.

If security is a big concern - and you have a dedicated machine for
running Tor (which is a must, if you're paranoid about it) - you should
set up a DMZ.

Oh, and as far as the German data retention law, that doesn't take
effect until next year - and I don't know if it's even been passed.

(snip)
|>> Tor will detect it and republish his server descriptor with the
|>> new IP in it.
|>>
|> That is true iff the Address line in torrc contains a host+domain
|> name, not an IP address, and the name server data base in question
|> has been updated to reflect the changed address.
|
| So i should use a DynDNS host+domain name?
|
(snip)

You could, but a better way is to comment out the address line entirely.
This will cause Tor's IP detection to be fully automatic.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFHgtx3bgkxCAzYBCMRCK2eAJwIkK+JLNAYC13iHM6UUaBBSZU/VwCdGsf1
FDOc3WdxyZoCBfxhIegYiNk=
=uK8f
-----END PGP SIGNATURE-----

References:
- Re: What to do at IP number change?
  - From: dr . _no

Prev by Author: Re: shinjiru closed exit node acceptnolimits
Next by Author: Re: What to do at IP number change?
Previous by thread: Re: What to do at IP number change?
Next by thread: Re: What to do at IP number change?
Index(es):
- Author
- Thread