[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-talk] EFF Tor Challenge
--- On Thu, 6/2/11, CACook@xxxxxxxxxxxxxxx <CACook@xxxxxxxxxxxxxxx> wrote:
> For those interested, so far my best idea is running the
> daemon in a VirtualBox VM running SELinux as guest, and
> bridged to the outside. This should substantially
> solve most problems except membership in the local
I don't think that this would make for a best practice,
I think that a linux lxc should be encouraged instead,
it is way more efficient.
> If only consumer-grade routers had VLan, although routers
> aren't necessarily secure. Maybe a switch on the WAN
> side of the router, to flange the LAN and Tor interface
> together in a class C different from the LAN.
As fir isolation, I think that a best practice
should use iptable rules. But if you want to
go the cheap hardware route, buy a $5/15 nic
and add it to your box and plug that nic into
your modem's DMZ port, most of them have one.
tor-talk mailing list