Re: Question: Hidden Services, Virtual Machines, and iptables
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Question: Hidden Services, Virtual Machines, and iptables
- From: coderman <coderman@xxxxxxxxx>
- Date: Tue, 7 Jul 2009 22:03:03 -0700
- Delivery-date: Wed, 08 Jul 2009 01:03:08 -0400
- In-reply-to: <4A53F223.8050304@xxxxxxxxx>
- References: <4A53F223.8050304@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
On Tue, Jul 7, 2009 at 6:10 PM, Ringo <2600denver@xxxxxxxxx> wrote:
> ...
> One could.. run Tor inside the vm and have that torrc contain the
> instructions for the hidden service. The problem then, is that the vm
> has to access the web. ...
>
> Of course, one could always run a hidden service on the host machine and
> then redirect all traffic to the vm, but the pitfalls in this are
> obvious....
> Does anybody have any solutions to this dilemma or thoughts on ways to
> restructure the model so this isn't a problem?

in such a configuration i prefer to use two virtual machines.

one vm has host-only networking to serve hidden service content.
second vm hosts Tor router with hidden service pointed at vm host.
host uses iptables redirect and/or tcp proxy to connect hidden service
connections from Tor VM to hidden service VM port at host-only
endpoint.

(there are variations on this theme...)

best regards,
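
A sketch of the host-side plumbing for the two-VM layout described in the reply above, added here as an illustration and not taken from the original message. The interface names, addresses, ports and the HiddenServiceDir path are constructed assumptions, as is the choice of a host-only link between the host and the Tor VM; the script only prints the torrc fragment and the rules unless APPLY=1 is set.

```shell
#!/bin/sh
# Added example: host-side rules for the two-VM layout (dry run by default).
# Every interface name, address and port here is a constructed assumption.
TOR_IF=vmnet1            # host-only link: host <-> Tor VM
HS_IF=vmnet2             # host-only link: host <-> hidden service VM
HOST_ADDR=192.168.56.1   # host address on TOR_IF; torrc points here
HS_VM=192.168.57.10      # web server VM, no route to the Internet
LISTEN_PORT=8080         # port the Tor VM connects to on the host
HS_PORT=80               # port the service listens on inside its VM

# torrc fragment for the Tor VM: the service target is the host, not the VM.
torrc_lines() {
  printf 'HiddenServiceDir /var/lib/tor/hidden_service/\n'
  printf 'HiddenServicePort 80 %s:%s\n' "$HOST_ADDR" "$LISTEN_PORT"
}

# Host rules: one DNAT path from the Tor VM to the service port, nothing else.
# - FORWARD defaults to DROP, so the service VM cannot reach the Tor VM's
#   uplink or any other network through the host.
# - NEW connections from the service VM to the host itself are dropped, so a
#   compromised web server cannot probe the host (DNS, SSH, ...).
# - MASQUERADE makes the service VM see only the host's address, so it needs
#   no route back to the Tor VM and learns nothing about it.
host_rules() {
  cat <<EOF
sysctl -w net.ipv4.ip_forward=1
iptables -P FORWARD DROP
iptables -A INPUT -i $HS_IF -m conntrack --ctstate NEW -j DROP
iptables -t nat -A PREROUTING -i $TOR_IF -p tcp -d $HOST_ADDR --dport $LISTEN_PORT -j DNAT --to-destination $HS_VM:$HS_PORT
iptables -t nat -A POSTROUTING -o $HS_IF -p tcp -d $HS_VM --dport $HS_PORT -j MASQUERADE
iptables -A FORWARD -i $TOR_IF -o $HS_IF -p tcp -d $HS_VM --dport $HS_PORT -j ACCEPT
iptables -A FORWARD -i $HS_IF -o $TOR_IF -p tcp -s $HS_VM --sport $HS_PORT -m conntrack --ctstate ESTABLISHED -j ACCEPT
EOF
}

# Print for review; set APPLY=1 (as root, on the VM host) to install the rules.
if [ "${APPLY:-0}" = 1 ]; then
  host_rules | sh -e
else
  echo "# torrc (Tor VM):"; torrc_lines
  echo "# host rules:";     host_rules
fi
```

After applying, a connection attempt from inside the service VM to any address other than an already established peer should time out; that is the check that the isolation holds.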