[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[tor-talk] UseEntryGuards: 0?



Hey,

I run some onion v3 services, some are also available in the "clear net", some
only as onion services. I monitor[1] reachability of the onion services which results
in quite some false positives, although  I configured alertmanager to alert after > 1 hour (!)
of failed connection attempts.  I'd like to reduce these false positives and thought
of using "UseEntryGuards: 0" to have circuits been rebuild more often.
I'd only do this for the onion services which are also reachable in the non-tor internet
and therefore their IP adresses are known anyway.
I'd not do this for the onion-only services following the implications of
https://freehaven.net/anonbib/#hs-attack06 .

Do you think this is a viable approach security/privacy wise or am I missing something?
Any other suggestions?

Thanks,
f.


[1] https://github.com/systemli/prometheus-onion-service-exporter
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk