[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] Linux kernel transproxy packet leak (w/ repro case + workaround)
On Wed, Apr 2, 2014 at 10:59 AM, Rusty Bird <rustybird@xxxxxxxxxxxxxxx> wrote:
> Maybe it can be boiled down to this: When redirecting *and* filtering,
> the filtering should be done in OUTPUT (instead of INPUT), ...
this is where defense in depth at the multiple-virtual machine /
routing layer fails safe in ways that a single / monolithic Tor setup
cannot, when applied with care.
what i mean by "applied with care" is that forwarding through Tor only
is the default. Anything unexpected / unsupported gets the bit
bucket. the best target is actually TARPIT, not DROP, but that's
[this advice to default drop and isolate at routing level applies to
Tails, Whonix, Qubes TorVM, and whoever else allows a transparent
proxy model, IMHO]
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to