[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Set up a webproxy to TOR - tor-proxy.net



On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
> It is running on the same server my TOR-Server is running (called
> GrossATuin).

Does your proxy use a separate Tor client, do you exclude your node as
as an entry?

I was wondering recently about the security implications of such a setup.

I was thinking of using a vpn to access my Tor server. From there, all vpn
traffic would be proxied through another tor instance running in client mode
with no bw limitations. Would that be more secure because a tor server
is already running there or less secure because, if in some way, the
traffic from the two instances could be differenciated and the vpn
connections would make the whole system less secure because they would
allow timing and statistical attacks relating vpn traffic to the second
tor traffic?

If this is insecure then you could expose your users by using a second
instance.

If it is secure then it is a necessary mesure, I think. Otherwise, you
could be offering access to a lesser secure version of Tor for your
users by circumventing the three nodes "by-design" circuits of Tor.

Attachment: pgp5BPWKsEG7D.pgp
Description: PGP signature