[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor and iptables.

To: <tor-talk@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: [tor-talk] Tor and iptables.
From: Jason Long <hack3rcon@xxxxxxxxx>
Date: Sun, 11 Dec 2016 18:39:34 +0000 (UTC)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 14 Dec 2016 16:31:03 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1481481752; bh=OzZoV0dF/UlT1R4AoH6LAhQRV7kVw7idwWybVwvADPI=; h=Date:From:Reply-To:To:Subject:References:From:Subject; b=f76LynrHE2UdaBcVZ+5ye2YaG1CYyCDN7gGt6pSLfXuUNKmVfjWUoqzR6HgwIVfYMtitp4qmhUnUcAu52Mpk8FWX7qhhYiHZntJjs9WHWK/v32vrw5hFBuxmc8P2pf8druEu0ZGqGrioaA1y9hD2pGJY/BwerWv+LC+dSq1C9cmKMNmvp1/JhQDNnx8f0xY3WTHZfEiECFKxQi6P79O/+XBEwm0zsgdRftpoWlWthUI92wSUuKjxGXC7hIRgB8Ypqj7dttd8nMVDJ6NIUZ9t6a+v3h6MU2cZkP3z6ixPpjEojlDtmhyuAlXfIxEH3DCijnc9eIjUyhFkQ1IBpNCVuQ==
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1050840230.795265.1481481574762.ref@mail.yahoo.com>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>

Did you see my iptables rules? What is my problem?

--------------------------------------------
On Sun, 12/11/16, Jonathan Marquardt <mail@xxxxxxxxxxxx> wrote:

 Subject: Re: [tor-talk] Tor and iptables.
 To: tor-talk@xxxxxxxxxxxxxxxxxxxx
 Date: Sunday, December 11, 2016, 7:24 AM

 On Sun, Dec 11, 2016 at
 12:26:47PM +0000, Jason Long wrote:
 >
 Excuse me, I must allow input to my system? It is so bad :(,
 I don't like to allow everyone.

 This has nothing to do with Tor. It's just
 the general way how the IP protocol 
 works.
 Without allowing stateful input, you couldn't do any
 useful traffic. 
 You always need to make
 sure that there's a way to the destination (output) 
 and a way for the target server to reply to you
 (input).

 But using stateful
 inspection, only input that is a reply to your output is 
 allowed. There should't be any security
 risk because of this. It's what your 
 home router is doing as well to allow the
 servers you want to talk to to 
 reply.

 See also: https://en.wikipedia.org/wiki/Stateful_firewall
 --

 tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
 To unsubscribe or change other settings go
 to
 https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Prev by Author: Re: [tor-talk] Mirai Botnet Relocates To Onions
Next by Author: Re: [tor-talk] Tor and iptables.
Previous by thread: Re: [tor-talk] Tor and iptables.
Next by thread: [tor-talk] Tor 0.2.9.7-rc is released: small changes, nearly done!
Index(es):
- Author
- Thread