[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Ports required for Tor and hidden services

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Ports required for Tor and hidden services
From: Forst <forst@xxxxxxxxxx>
Date: Sat, 25 Jan 2020 13:30:34 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 26 Jan 2020 23:38:17 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=waifu.club; s=mail; t=1579959034; bh=IjjpVfSuTwFT7Q1RUgS1C6dthzp14XXaFwEI+Gq/+QQ=; h=Date:From:To:Subject:In-Reply-To:References:From; b=uO9MM+zjdeBvGfd03v1AIxTFNOAgq4GMlWffa0qYoZLHOD9xJWEtvtHCHEIQreU2Z 4burii5tq4hmvBdsJtr7wk8C646wWVVEpdLkrzQtHER0m+A4tqo66akcnj/t8mVH4J EV3QQn6n/YhYkFUhYPurPMlmD8r97GupE9ChqVM9o0KBeTnqbXjlplDqtZiZ6A3eo2 JZYm+xDsZ911c93qVwfb+poPfjjigFUPWqGv7zd5diQaD07VCGcwtIWOPaB1lFDnlu dXk9Eds2QrA5TxZZhSpxmLPCwuhTKRm6XqA+KCdMB9GfQegQ4xfF6rWqFb7mTYJ054 f27qkakmZgRTQ==
In-reply-to: <20200124141907.GA15263@inner.h.apk.li>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <192279a3245791e32d54d711e933483d@waifu.club> <87muael7d3.fsf@riseup.net> <c7aa208378e43ee6790a4db3c8788f93@waifu.club> <20200124141907.GA15263@inner.h.apk.li>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Roundcube Webmail/1.3.10

In that case, what would be best approach to achieve that all traffic isforced though Tor and direct internet connection blocked, preferablyeven if/when the system is breached?


On 2020-01-24 14:19, Andreas Krey wrote:

On Fri, 24 Jan 2020 01:12:10 +0000, Forst wrote:

Please don't make assumptions. If outgoing traffic is restricted,whichports are required for Tor to work as in outgoing traffic defaultaction
is drop?


Technically, all of them. A tor client connects to the OR-Ports of tor
relays, and they can be on any port. Many are on 443 and 9001, though.

But you can configure your node to only use specific ports outgoing,
see FirewallPorts and  FascistFirewall in
https://2019.www.torproject.org/docs/tor-manual.html.en
So, even only of 443, 9001, and perhaps 80 is workable.

- Andreas

--
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800

--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Ports required for Tor and hidden services
  - From: Jim
- Re: [tor-talk] Ports required for Tor and hidden services
  - From: Roger Dingledine

References:
- [tor-talk] Ports required for Tor and hidden services
  - From: Forst
- Re: [tor-talk] Ports required for Tor and hidden services
  - From: George Kadianakis
- Re: [tor-talk] Ports required for Tor and hidden services
  - From: Forst
- Re: [tor-talk] Ports required for Tor and hidden services
  - From: Andreas Krey

Prev by Author: Re: [tor-talk] Help setting up tor dos defense
Next by Author: Re: [tor-talk] Ports required for Tor and hidden services
Previous by thread: Re: [tor-talk] Ports required for Tor and hidden services
Next by thread: Re: [tor-talk] Ports required for Tor and hidden services
Index(es):
- Author
- Thread