[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector
- From: "F. Fox" <kitsune.or@xxxxxxxxx>
- Date: Wed, 25 Jun 2008 09:15:15 -0700
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Wed, 25 Jun 2008 12:15:38 -0400
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:content-type:content-transfer-encoding; bh=t9KDZtGSroMlbshqCgAhUtwYdp8a1DJmaiJDJVKXIJE=; b=iHE/CnsO1DcDyoU66utXFAEpLdcqHp20ZgTVmcxYEcYv1IXxKUtPU4i3WNifbM7YYA mFUab03BQnF4Fy/js6zrCK5wjU07rdmGHVyvtEyB/+8orZ0hL/0U4ywu3lbxERqYB2Nv L9NElPGnzumATN1mn3SptrzzkY59FsYF+F+BA=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:content-type :content-transfer-encoding; b=cONSXAFB68gOmHzd0vgmc7ANy9plTpmsHdxaJ6c0L1V89aU6/xagdSOIpObCSFkBEU oXRGmpe2H/SQ7h8HCBGlLTBsahrXhmZ/X0KGOO3kjB3neFxaFOgu7RAjCMD2iIueBp0t Vk9CgDqKUKJ7kLnB1GyqpklBAMlgjVkgJtgSY=
- In-reply-to: <4862451C.4040705@xxxxxxxxx>
- References: <200806221054.53587.bf@xxxxxxxxxxxxxxxx> <48616892.9020101@xxxxxxxxx> <200806251315.04758.bf@xxxxxxxxxxxxxxxx> <4862451C.4040705@xxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Mozilla-Thunderbird 2.0.0.14 (X11/20080509)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
7v5w7go9ub0o wrote:
(snip)
>
> 1. Connecting via TOR would be an extra, minor security option to
> conceal the fact that my home is running a VNC server - eavesdropping
> kids at the hotspot may try to make it a hacking "prize".
You should know that VNC is considered an insecure protocol; the wise
thing to do, is to allow it only to run over a secure tunneling protocol
(e.g., SSH, or a VPN program).
This is not only because many variations of VNC don't provide their own
encryption (remember, exit nodes can sniff - and they can see WAY too
much if you're using plain VNC!), but also because such a protocol would
strengthen the authentication required to get in.
>
> 2. Out of general principle, I see no reason to record my home IPA in
> the various hotspot logs. I wish to come and go quietly without "signing
> in".
This is what I mentioned in my last email - Tor is good for concealing
this sort of thing.
But please, set up SSH or a VPN to provide security for your VNC.
- --
F. Fox
AAS, CompTIA A+/Network+/Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iQIVAwUBSGJvEuj8TXmm2ggwAQjKYxAAvd7OrpI6E4A1kfn3U1xylKw3EskrYiwX
BTzfhprf9ShcObklMR9kziq/1DWmcbhWlPyIvOmCEJtLC8qrHNinG1O3G9dYKOWr
L3FEsHm1LNDLNPFY3Wyjsxx4RgVC5ZX3gXp85ajES6Ac8E4A9HIwiAdeFTwGYdFw
bBr4YaYsTy/GJJTCxMEbqKx/9YN3qYi8GTus6/lbysDit4oG27083DQVa9F70I2x
9kFKYZoLVXCHDyjzd2lXEAn2Yg+lGuDhK6DNf0AC6j2LDC6evnFx91+Ghj7l20eE
BkurE/2MtfHMbaR3iAV8iJZA39ozulakxBCSOSnF0MvmhWAK/I1igBq5jDQhLvUh
YAPqLK5V/DcJ/HwL1S22+ukChlyJoJGW5sY1+/l8Lw+JRQAesIs/+RWuRCeQabbS
qtPX39teP0Q5FjPTCyLbhFd8+6p7XXLDU5oIV/sO2eX94iYe5iGw0BXko9eFXUgU
/F3hxXsMkMOntnbvMOqBmcRP/SesqZv9oSTSyxbo1ImL3AP7SdyrSn8mDM8WmTY8
pcPGyysOPqHUNAgioBUDXDUbTpL+gk6jTbj4GGUQeliIp9+zor4zBkZ6q6JDz0Og
f7cmP8WQIUI9dsnMZuxwIbYgodhWacwv5hCJ6CzWjZNQ5acolmrLBF4V/FBV5Iiz
dBC2oW436K0=
=WoHk
-----END PGP SIGNATURE-----