[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-relays] Questions about exit enclaves

To: tor-relays@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-relays] Questions about exit enclaves
From: Konstantinos Asimakis <inshame@xxxxxxxxx>
Date: Fri, 30 Mar 2012 18:02:04 +0300
Delivered-to: archiver@xxxxxxxx
Delivery-date: Fri, 30 Mar 2012 11:02:16 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=h1zG+dbid4ZYVv9mlNfg0GQeBxcYquBUMKAumV6Vnfc=; b=K2yVAczdetB9glj6ZjvmWT+fV406HqqvOEx4BcGzZoQ+G2W+1H4uvBEiarxpJEQCRY PJ+XEq2GtSZaiyqVSuybQQ9wwmvOVYc8sAmDrWmOdUcprRux5sdrmXws6/ZA5vUjYCq1 1cyVas2anaqIe+qNcYmtpcWlJ6vFrfK+WBdwQ9OMGgJPs5hE2/08cspkFfeIBmqtgq2v 1aBx2GvcPvoJwhixIaBk9UzmlHl0yHLywig620mvL9YBhxzvWYCvERhh02so0b17hm5i E5qYEabdUFpviAgAgMqojVZIV5BPBF/XC96iFMVhUl3iOSx7iH6Cb5gCDBENmehP7/bT vAFQ==
In-reply-to: <CA+cU71=-XOZ5JHBOnSig5d6rgTwep+kKH=9=rOeaSEKBDX7V=A@xxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-relays>
List-help: <mailto:tor-relays-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for support and questions about running Tor relays \(exit, non-exit, bridge\)." <tor-relays.lists.torproject.org>
List-post: <mailto:tor-relays@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-relays>, <mailto:tor-relays-request@lists.torproject.org?subject=unsubscribe>
References: <1333117115.54936.YahooMailClassic@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <CA+cU71mz-SSy1QNW3LU7bVH9re==-bqPuJF8FhPRu=uwwNp57A@xxxxxxxxxxxxxx> <CAOg8jqoQrAskCYhSPdCEqHSuOAbLV3Ftjq0unUpK5+bBbyx2Xw@xxxxxxxxxxxxxx> <CA+cU71=-XOZ5JHBOnSig5d6rgTwep+kKH=9=rOeaSEKBDX7V=A@xxxxxxxxxxxxxx>
Reply-to: tor-relays@xxxxxxxxxxxxxxxxxxxx
Sender: tor-relays-bounces@xxxxxxxxxxxxxxxxxxxx

I bet it will bypass the firewall but until someone else answers play it safe and allow only the ports you need. ;-)

On Mar 30, 2012 5:58 PM, "Tom Ritter" <tom@xxxxxxxxx> wrote:

On 30 March 2012 10:50, Konstantinos Asimakis <inshame@xxxxxxxxx> wrote:
> Wouldn't it be safer to accept connections only on port 80? Else he would be
> exposing the whole machine.

Hm. ÂI don't know. ÂIf you have a local firewall that blocks access to
say, samba, from external addresses, but allows it locally - would tor
allow you to access the port, because it appears that the connection
from coming locally?

If you're already exposing port 22 on the internet, I would argue
allowing it through tor exit enclaving isn't increasing your risk any.
ÂBut if tor lets you bypass the firewall - then there's a concern.

-tom
_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

_______________________________________________
tor-relays mailing list
tor-relays@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays

References:
- [tor-relays] Questions about exit enclaves
  - From: Jef Heri
- Re: [tor-relays] Questions about exit enclaves
  - From: Tom Ritter
- Re: [tor-relays] Questions about exit enclaves
  - From: Konstantinos Asimakis
- Re: [tor-relays] Questions about exit enclaves
  - From: Tom Ritter

Prev by Author: Re: [tor-relays] Questions about exit enclaves
Next by Author: Re: [tor-relays] Questions about exit enclaves
Previous by thread: Re: [tor-relays] Questions about exit enclaves
Next by thread: Re: [tor-relays] Questions about exit enclaves
Index(es):
- Author
- Thread