
Re: The best way to run a hidden service: one or two computers?

On Thu, 16 Sep 2010 15:32:21 -0400
hikki@xxxxxxxxxxxxx wrote:

> Do you say that Ethernet cards may have backdoors built in,

Yes.  I read a report years ago that at least one model of Ethernet
card had a remote “firmware upgrade” “feature” built in, with
absolutely no authentication of the new firmware blob.  The card
firmware had access to the host's DMA hardware, which can be used to
root the host.

>                                                             or did I 
> misunderstand that?


> What if you put a hardware firewall router between the first computer and 
> the second:
> [Server box with web server] -> [Hardware firewall router] -> [Gateway box with Tor] -> Internet/Tor entry node
> And computer 1 and computer 2 operate on two different IP ranges, while 
> the firewall router sets all the firewall directives between them.
> Could this be safer?

Only if you trust the hardware firewall/router.  I wouldn't.

> (I'm not sure if this message came within the thread, since I'm not yet sure about how to reply like that.)

It did.

Robert Ransom
