On Mon, Sep 24, 2007 at 03:22:34AM +0200, Ricky Fitz wrote: > Am Sonntag, den 23.09.2007, 20:50 -0400 schrieb tor-op@xxxxxxxxxxxx: > > On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote: > > > It is running on the same server my TOR-Server is running (called > > > GrossATuin). > > > > Does your proxy use a separate Tor client, do you exclude your node as > > as an entry? > > No, it does not use a seperate Tor-Client. Therefore it doesn't make > sense to exklude my node. It uses the Tor-Session which runs as a > tor-node. So if you spy on the traffic of the server, you will not be > able to see, which traffic is from routing traffic for acting as a > server, and which from acting as a client. I think that's safer than > using a second client. I was also wondering how this affects your proxy users anonymity. Even if you don't disclose your proxy in the headers, there still is a superior risk due to the fact that an attacker knows that there is a more than average proportion of your users that are using you as first node. This proportion is derivable from your proxy trafic (as you mention there is some risk in having a second, different service that access tor). Adding a fourth node to your server circuits could plug this hole, even make it more secure for some users, I guess, but it would also make it slower, probably for every users (I'm not sure it would affect trafic for which you are not the entry node). > > I was wondering recently about the security implications of such a setup. > > > > I was thinking of using a vpn to access my Tor server. From there, all vpn > > traffic would be proxied through another tor instance running in client mode > > with no bw limitations. Would that be more secure because a tor server > > is already running there or less secure because, if in some way, the > > traffic from the two instances could be differenciated and the vpn > > connections would make the whole system less secure because they would > > allow timing and statistical attacks relating vpn traffic to the second > > tor traffic? > > I really don't know, if it will be possible to identify the > vpn-connection because of the data which is transferred. > But it would be possible, to see that there is another servicei > running than tor. Also, what Bluestar is doubled. I already use the vpn for other things local to that network so it's not obvious that the trafic coming in is going out through tor or staying in. At the network level both tor connections look the same (random local port -> tor server port). I was mostly asking if at Tor's level there would be some abnormal behavior (like connecting twice to the same node) that could tell an attacker that there is two tor instances generating those connections and, eventually allow him to tell their trafic apart. > If we build a VPN from my server to yours, not > only me is theoretical able to spy on the traffic, but also you. (Not > that I want to say I do not trust you, but it kills the advantages of > onion-system. I was talking of a proxied vpn access to tor for tcp protocols. It's a generalisation of your setup and so has the same implications security-wise. I'm not sure what a tunnel between servers could be used for (let alone a vpn ;) Since you bring it up, I'm not sure but I think it could be considered as an extension the family concept for tor servers... Nice work on tor-proxy, anyway. Regards
Attachment:
pgp3N34NMyszV.pgp
Description: PGP signature