[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Iptables configuration for a transparent proxy for a single user

On Fri, May 15, 2009 at 2:00 PM, unknown <unknown@xxxxxxxxx> wrote:
>... Any possible vulnerabilities here?

make sure control port is disabled or properly authenticated;
otherwise a good setup.

an improvement is white listing Tor process with direct access and all
other traffic is transparently re-routed through Tor. this protects
against attacks where embedded content or network filesystem based
URIs are used to initiate requests through a kernel subsystem or other
process not associated with the anonymous Tor network user. (this is a
relevant issue on Windows, less so unix like systems)

best regards,