[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: FYI: ultimate security proxy with tor
On Wed, Oct 29, 2008 at 04:08:09PM +0100, eugen@xxxxxxxxx wrote 1.9K bytes in 30 lines about:
: 1. 8 tor processes, each using separate spool directory
: 2. 8 privoxy processes, each configured to talk to separate tor.
Why 8? Why not 1? 2? 16?
: 3. First squid, with malware domains blacklist, will have 8 round robin cache peers configured. (squid-in)
Using blacklists seems like a recipe for disaster. Much like the
various lists floating around of suspect tor nodes, I suspect these
blacklists are based on very little research and more on "I
heard my 3rd cousin once received a virus from some site that looked
like this". I could be wrong.
: 4. Havp, with squid-in as parent. (Anti-virus proxy, using clamav :) )
: 5. Second squid, that will use havp as parent (squid-out). Users will connect to this one.
Why the double proxy? And does this open up a new threat for shared
users on the system to see when/how someone downloaded something through
this setup based on how long it takes to retrieve an object?
--
phobos@xxxxxxxxxxxxx
SDF Public Access UNIX System - http://sdf.lonestar.org