[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Putting onion services behind a third-party TCP proxy



On 8/14/19, Pop Chunhapanya <pop@xxxxxxxxxxxxxx> wrote:
> When deploying an onion service ... the ip address
> of my machine ... is exposed to the Tor network...
> DDoS ... if someone knows my ip address.

Only your tor client, and your guard, knows your ip.
Unless you're up against a malicious guard, that's
not a problem, and if you are, firewalling doesn't
help anything there because you can't prevent
a real "DDoS" or any other modulation from
partitioning or otherwise giving away your onion.
Tor cannot defend against that class of attack.

Note that in a proper "onion only" configuration,
a box should have no inbound ports open.

There is something confusing with your wording.

If these replies don't help, please rephrase your question.

And or sanitize and post your torrc config and
invocation commandline.
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev