On Mon, Aug 09, 2004 at 09:19:35AM -0400, Patrick McFarland wrote: > On Mon, 9 Aug 2004 14:47:00 +0200, Eugen Leitl <eugen@leitl.org> wrote: > > Speaking of privoxy, is running an open one (0.0.0.0) a security/abuse issue? > > I.e., can it get my IP blacklisted? > > Its a security issue. Though, I've assumed you turned off remote > access features, and it's pointed at tor, so I'm not sure how big of a Thanks for pointing out that remote access can be turned off. Switched off now. Privoxy is pointed at tor indeed. Is there a way to authenticate privoxy access? (I don't have IPsec up yet). Another question: is it possible to wrap sessions to privoxy in SSL? Is Stunnel the way to go? > security issue it is. Its something I wouldn't do. Do you have a specific threat model in mind, or is this the classical "minimize the number of unnecessary services" rule? -- Eugen* Leitl <a href="http://leitl.org";>leitl</a> ______________________________________________________________ ICBM: 48.07078, 11.61144 http://www.leitl.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE http://moleculardevices.org http://nanomachines.net
Attachment:
pgp00010.pgp
Description: PGP signature