[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.
From: Andy Isaacson <adi@xxxxxxxxxxxxx>
Date: Fri, 6 Sep 2013 18:23:06 -0700
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 06 Sep 2013 21:23:21 -0400
In-reply-to: <5229699A.8000701@xxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays/>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "support and questions about running Tor relays \(exit, non-exit, bridge\)" <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <52295390.1050204@xxxxxxxx> <5229613D.2020903@xxxxxxxxxxxxxxx> <5229699A.8000701@xxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-relays" <tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.20 (2009-06-14)

On Thu, Sep 05, 2013 at 10:35:22PM -0700, Robert Charlton wrote:
> Martin, setting ControlListenAddress to 10.0.0.3:9051 did the trick.
> I've also enabled cookie authentication. Obviously ARM running on
> something that's not a Tor server to connect to a server's control port
> has its limits, but I can still get some useful info. Thanks.

Keep in mind that setting ControlListenAddress to a 10.x address means
that anyone who can get a 10.x address (such as over WiFi DHCP) will be
able to control your Tor relay.

You may say "oh but my network is secure" which is just fine so long as
it continues to be true.  But the default state of networks is
"connected", so as time elapses your network will become less secure.

I would strongly recommend not leaving ControlListenAddress listening on
a non-localhost IP address.

-andy
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.
  - From: Robert Charlton
- Re: [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.
  - From: Martin Weinelt
- Re: [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.
  - From: Robert Charlton

Prev by Author: Re: [tor-relays] The Tor flood
Next by Author: Re: [tor-relays] Getting max bandwidth out of a relay
Previous by thread: Re: [tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.
Next by thread: [tor-relays] how to start remote VPS gui
Index(es):
- Author
- Thread