[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: reconsidering default exit policy

To: or-talk@xxxxxxxxxxxxx
Subject: Re: reconsidering default exit policy
From: Rod Begbie <rodbegbie@xxxxxxxxx>
Date: Tue, 15 Mar 2005 11:56:57 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Tue, 15 Mar 2005 11:57:24 -0500
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=hEiKimb+/Udrd/4yFbJmQjd3ndzupqD9u1WLM1Mm2f7DjZz632lDMqX2J9PlcojddX3h6rfFoe3AhOFzVcXgYOLxRmr6abyMdGKBSjWDCXeJwZC/WX8AXD079Yesw0fOcsgQHxLThuya2uQX02W2rzdi3f5ePWXI4C+6l6Zb8sM=
In-reply-to: <20050314231358.GA2985@northernsecurity.net>
References: <42316CC4.3080102@pobox.com> <20050311142943.GA21617@eecs.harvard.edu> <4231B456.1010006@pobox.com> <20050311194453.GN28567@eff.org> <20050311202453.GA22908@csail.mit.edu> <4232F544.6090502@pobox.com> <ee95cb32050312075217f4d19e@mail.gmail.com> <20050312160032.GA30293@northernsecurity.net> <ee95cb3205031408235bd2de20@mail.gmail.com> <20050314231358.GA2985@northernsecurity.net>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 15 Mar 2005 00:13:59 +0100, Thomas Sjögren
<thomas@xxxxxxxxxxxxxxxxxxxx> wrote:
> Maybe I'm naive but I assume that people read at least the torrc,
> they have to since they wanted to edit the server option.

Agreed.  In-line comments in torrc are the least-possible
documentation someone can read before becoming a tor exit node.

As a compromise, how about blocking 6667 and 80 in the default tor
ExitPolicy, then having in the supplied torrc:

# Port 80 (HTTP)   Administrators running routers with port 80 open
# have received abuse reports regarding Google Groups, and been
# added to the IP blacklist at Wikipedia
#ExitPolicy accept *:80

Easy to enable if you want to, and the server operator is aware of
the risk.

Rod.

- -- 
:: Rod Begbie :: http://groovymother.com/ ::

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQjcT1Df2HVyMgMNfEQLeTwCg7ZajXlVBJHBI2soX+uDDpmYuR0cAnR8+
zynbNnJHBF4MdS2PteS9OJIS
=SlP9
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: reconsidering default exit policy
  - From: Jonathan D. Proulx
- Re: reconsidering default exit policy
  - From: Thomas Sjögren

References:
- Re: reconsidering default exit policy
  - From: Valient Gough
- Re: reconsidering default exit policy
  - From: Geoffrey Goodell
- Re: reconsidering default exit policy
  - From: Valient Gough
- Re: reconsidering default exit policy
  - From: Chris Palmer
- Re: reconsidering default exit policy
  - From: Jonathan D. Proulx
- Re: reconsidering default exit policy
  - From: Valient Gough
- Re: reconsidering default exit policy
  - From: Rod Begbie
- Re: reconsidering default exit policy
  - From: Thomas Sjögren
- Re: reconsidering default exit policy
  - From: Rod Begbie
- Re: reconsidering default exit policy
  - From: Thomas Sjögren

Prev by Author: Re: reconsidering default exit policy
Next by Author: Re: reconsidering default exit policy
Previous by thread: Re: reconsidering default exit policy
Next by thread: Re: reconsidering default exit policy
Index(es):
- Author
- Thread