[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Disable anything but hidden services

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Disable anything but hidden services
From: Andreas Krey <a.krey@xxxxxx>
Date: Wed, 5 Sep 2012 09:15:10 +0200
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 05 Sep 2012 03:15:28 -0400
In-reply-to: <BDC0E1C6-CF1C-4ECB-8AA9-1ADA78618BDD@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <COL121-W229C47CEF30DFF8582FA9DEAA0@xxxxxxx> <BDC0E1C6-CF1C-4ECB-8AA9-1ADA78618BDD@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mutt/1.4.2.1i

On Wed, 05 Sep 2012 02:15:21 +0000, Justin Aplin wrote:
...
> ExitPolicy accept 127.0.0.1:*
> ExitPolicy reject *:*
> 
> This will allow exiting (connecting) to the local machine (where the hidden service should be listening) on all ports, and reject all other traffic.

No, you don't need an ExitPolicy; hidden services are independent of
the exit policies, which control non-hidden service access. That
accept line either has unfortunate consequence (allowing acces to
*all* local services), or may be ignored altogether.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds <torvalds@*.org>
Date: Fri, 22 Jan 2010 07:29:21 -0800
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Disable anything but hidden services
  - From: Justin Aplin

References:
- [tor-talk] Disable anything but hidden services
  - From: John Kipper
- Re: [tor-talk] Disable anything but hidden services
  - From: Justin Aplin

Prev by Author: Re: [tor-talk] Does tor browser bundle can goes on Mac App Store?
Next by Author: Re: [tor-talk] scaling .onion site?
Previous by thread: Re: [tor-talk] Disable anything but hidden services
Next by thread: Re: [tor-talk] Disable anything but hidden services
Index(es):
- Author
- Thread