[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: [tor-relays] Exit policy question
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
On 06/03/2011 02:45 PM, Jesus Cea wrote:
> I run a TOR node in OVH (France). They shutdown my server several times
> because it was "hacked" in the sense of "we don't think a server should
> make outgoing port 443 connections". After a lof of complains and
> arguments, and a dozen of shutdowns, I restricted my node to NON-EXIT.
> And filter my 443 outgoing at FW level, because even connecting to port
> 443 of other TOR nodes were considered "you have a compromised machine".
I suppose most of the circuits attempts through your relay will break
because 7 out of the 10 fastest relays have their ORPort set to 443.
(in total ~30% of relays have ORPort set to 443)
Your relay won't be able to publish its descriptor to all directory
authorities.
Would be nice to add a detection for such firewalled relays to the scanner.
You might be interested into this (long term) feature request:
https://trac.torproject.org/projects/tor/ticket/3028
-----BEGIN PGP SIGNATURE-----
iF4EAREKAAYFAk3o3esACgkQyM26BSNOM7aLqAD/VGVNBZ4U7hzbqXk+QT2XY4Fe
fEbKnrW7KsWE5fOVqD4A/35s1J9m09Vl4kXRa26BANJuWmQROMXllh/h7yhATKL9
=HVUb
-----END PGP SIGNATURE-----
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays