
Re: [tor-relays] Questions about exit enclaves



Wouldn't it be safer to accept connections only on port 80? Else he would be exposing the whole machine.

On Mar 30, 2012 5:43 PM, "Tom Ritter" <tom@xxxxxxxxx> wrote:
It's my understanding that if you put the following Exit Policy in your torrc:

ExitPolicyRejectPrivate 0
ExitPolicy accept 97.107.139.108
ExitPolicy reject *:*

Where 97.107.139.108 is your IP address (that one's mine), you will
Exit Enclave to your site, not allow any other exit traffic, you will
be a normal tor relay (meaning you should check your bandwidth
limits/accounting), and you will become the preferred path for Tor
traffic to your site.

Hidden Services are different from Exit Enclaving. I would be
surprised if there was any danger to be added by running a Hidden
Service on an Exit Enclave, and if so, that should be documented
better.

If anything I said is incorrect, I hope that someone will correct me
in detail, and review the changes I'd like to make to the
documentation - because if I misunderstood, I think the Docs need
clarifying.

-tom

On 30 March 2012 10:18, Jef Heri <jefheri1@xxxxxxxxx> wrote:
> Hello list,
>
> I hope this is the correct list to send these questions, if not I apologize and please tell me where I should send this message.
>
> I want to set up a Tor node to run as an exit enclave for a web site (WordPress) and message board (vBulletin). However, I have found little documentation on how to accomplish this on a remote server, e.g. https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave . Is there a more thorough document/manual for exit enclaves?
>
> Is it correct that an exit enclave will act as a 'normal' exit node, as well as the exit enclave for its IP address (https://trac.torproject.org/projects/tor/ticket/800)? If so, is it possible to block exit to any IP other than the node's own IP via the torrc file? If not, maybe I could only allow exits to white-listed IPs, such as the Tor Project web site IP, EFF IP, etc.?
>
> I believe someone who sends messages to tor-talk maintains a hardened (OS(?) and) Tor, meant to be run as a node only, from remote server space. Does anyone have a link for that software? I looked at the Tor web site but I didn't find information. I am thinking about using that software as the exit enclave.
>
> Lastly, is it possible (and smart - re anonymity and resources) to use the exit enclave to offer a hidden service address?
>
> Thanks!
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
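
Added example, not part of the original thread: a minimal Python model of first-match ExitPolicy evaluation, comparing the policy quoted above with the port-80 variant suggested in the reply. The address 203.0.113.10 and the port list are constructed samples, the rule strings omit the leading "ExitPolicy" keyword, and the parser handles IPv4 only.

```python
import ipaddress

def parse_rule(line):
    """Parse 'accept|reject ADDR[/MASK][:PORT[-PORT]]' (IPv4 only in this sketch)."""
    action, pattern = line.split()
    addr, _, port = pattern.partition(":")
    net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr, strict=False)
    if port in ("", "*"):            # an omitted port means every port
        lo, hi = 1, 65535
    else:
        lo, _, hi = port.partition("-")
        lo, hi = int(lo), int(hi or lo)
    return action, net, lo, hi

def decide(policy, ip, port):
    """Return the action of the first rule that matches (first match wins)."""
    target = ipaddress.ip_address(ip)
    for action, net, lo, hi in map(parse_rule, policy):
        if target in net and lo <= port <= hi:
            return action
    return "reject"  # assumption for this sketch; both policies end in reject *:*

def open_ports(policy, ip, ports):
    """List the ports on `ip` that the policy lets exit traffic reach."""
    return [p for p in ports if decide(policy, ip, p) == "accept"]

# Policy from the quoted message, and the port-80 variant the reply suggests.
AS_POSTED = ["accept 97.107.139.108", "reject *:*"]
PORT_80_ONLY = ["accept 97.107.139.108:80", "reject *:*"]

SAMPLE_PORTS = [22, 25, 80, 443, 3306]   # constructed sample, not from the thread

if __name__ == "__main__":
    for name, policy in (("as posted", AS_POSTED), ("port 80 only", PORT_80_ONLY)):
        print(name, "->", open_ports(policy, "97.107.139.108", SAMPLE_PORTS))
        print(name, "other host:", decide(policy, "203.0.113.10", 80))
```
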