[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Set up a webproxy to TOR - tor-proxy.net



Am Sonntag, den 23.09.2007, 20:50 -0400 schrieb tor-op@xxxxxxxxxxxx:
> On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
> > It is running on the same server my TOR-Server is running (called
> > GrossATuin).
> 
> Does your proxy use a separate Tor client, do you exclude your node as
> as an entry?

No, it does not use a seperate Tor-Client. Therefore it doesn't make
sense to exklude my node. It uses the Tor-Session which runs as a
tor-node. So if you spy on the traffic of the server, you will not be
able to see, which traffic is from routing traffic for acting as a
server, and which from acting as a client. I think that's safer than
using a second client.

> I was wondering recently about the security implications of such a setup.
> 
> I was thinking of using a vpn to access my Tor server. From there, all vpn
> traffic would be proxied through another tor instance running in client mode
> with no bw limitations. Would that be more secure because a tor server
> is already running there or less secure because, if in some way, the
> traffic from the two instances could be differenciated and the vpn
> connections would make the whole system less secure because they would
> allow timing and statistical attacks relating vpn traffic to the second
> tor traffic?

I really don't know, if it will be possible to identify the
vpn-connection because of the data which is transferred. But it would be
possible, to see that there is another service running than tor. Also,
what Bluestar is doubled. If we build a VPN from my server to yours, not
only me is theoretical able to spy on the traffic, but also you. (Not
that I want to say I do not trust you, but it kills the advantages of
onion-system.

Regards.
Ricky.
-- 
"Falls Freiheit überhaupt etwas bedeutet, dann bedeutet sie das Recht
darauf, den Leuten das zu sagen, was sie nicht hören wollen." 
- George Orwell, aus dem Nachwort zu "Animal Farm", 1945 -

GPG-Fingerprint: 10D6 7B8F 1F7C 7CB1 2C4E 930E AFD2 FDF3 A10B D302
GPG-Key-ID: AFD2FDF3A10BD302
http://www.lawlita.com/pgp-schluessel/

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil