[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] EFF Tor Challenge

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] EFF Tor Challenge
From: Martin Fick <mogulguy@xxxxxxxxx>
Date: Thu, 2 Jun 2011 14:50:44 -0700 (PDT)
Delivered-to: archiver@xxxxxxxx
Delivery-date: Thu, 02 Jun 2011 17:51:03 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1307051444; bh=g/GEzNCnGK2w1T63Z1ZVqfu6IdbyFFhelIQMOcCviLs=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=IxX2DdOf1lQeRF3FAMLTnuwxwiYzuN7FtM9zAGNS1M8r2+BuzLOLD24SnG3qY3QSQzinUCZ4sYaWM/eg2CZbd+DZmJPfdqx+z45GDkeL7vMdGs+9T5OEQNGdi7LrIZLZcadim5QhJe3TJHScUaCgX3djGbgqbNaHTk/VHiXnTTg=
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=bZrEqVLLJEUL1OBVPkJTO+WIDy3ZeQwVYS10uH3qwDFNtOWS0FtLMoelL00NHSTcBU3MT74XvRg8x+j82wStptswhezLwvxnk2fKxyxbKr2QWwtnHmyFXqLgrNTvaMmqUF8g5b5FIXKlUK51qQrYEC/6VDb9jcOGq4DlS58TBIo=;
In-reply-to: <201106021112.37059.CACook@xxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

--- On Thu, 6/2/11, CACook@xxxxxxxxxxxxxxx <CACook@xxxxxxxxxxxxxxx> wrote:

> For those interested, so far my best idea is running the
> daemon in a VirtualBox VM running SELinux as guest, and
> bridged to the outside.  This should substantially
> solve most problems except membership in the local
> LAN.  

I don't think that this would make for a best practice,
I think that a linux lxc should be encouraged instead,
it is way more efficient.

> If only consumer-grade routers had VLan, although routers
> aren't necessarily secure.  Maybe a switch on the WAN
> side of the router, to flange the LAN and Tor interface
> together in a class C different from the LAN.

As fir isolation, I think that a best practice 
should use iptable rules.  But if you want to 
go the cheap hardware route, buy a $5/15 nic 
and add it to your box and plug that nic into 
your modem's DMZ port, most of them have one.

-Martin

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] EFF Tor Challenge
  - From: CACook

References:
- Re: [tor-talk] EFF Tor Challenge
  - From: CACook

Prev by Author: Re: [tor-talk] EFF Tor Challenge
Next by Author: Re: [tor-talk] EFF Tor Challenge
Previous by thread: Re: [tor-talk] EFF Tor Challenge
Next by thread: Re: [tor-talk] EFF Tor Challenge
Index(es):
- Author
- Thread