[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: funneling a wireless net's outbound connections through tor



Scott Bennett wrote:

I'm trying to set up a free wireless service for those of my neighbors
within range of a little wireless router I have.  To keep things safe for
me and at least somewhat safer for them, I want to route all the outbound
connections from that router through tor using pf under FreeBSD 6.2-STABLE
(i386).
Do not do that.
I am going to do that and as soon as I can figure out how to do it
correctly.
You should not make traffic go transparently through tor, unless the
people using your network fully understand what tor is about, and what
are the associated security risks (such as exit nodes performing MITM
attacks on SSL certificates).

Thank you for your opinion, but it was not particularly relevant to
what I posted. First, please reread what I wrote.  I will be providing a *free
wireless access* service to my neighbors.  Even if I tell them *nothing*,
they will be better off than without the service.  They do not even have
to know that it is going through any sort of anonymizing process.  Just
the fact that they will have a free, if rather pokey, service available
will be an enhancement to my neighborhood.

If you set up something like that you're opening up all sorts of attacks against the people who use your service. If they don't know that all of their plain text traffic can be read and modified by, "dodgy," exit nodes, and almost certainly *will* be at some point...

Mike