<p>Wouldn't it be safer to accept connections only on port 80? Else he would be exposing the whole machine. </p>
<div class="gmail_quote">On Mar 30, 2012 5:43 PM, "Tom Ritter" <<a href="mailto:tom@ritter.vg">tom@ritter.vg</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
It's my understanding that if you put the following Exit Policy in your torrc:<br>
<br>
ExitPolicyRejectPrivate 0<br>
ExitPolicy accept 97.107.139.108<br>
ExitPolicy reject *:*<br>
<br>
Where 97.107.139.108 is your IP address (that one's mine), you will<br>
Exit Enclave to your site, not allow any other exit traffic, you will<br>
be a normal tor relay (meaning you should check your bandwidth<br>
limits/accounting), and you will become the preferred path for Tor<br>
traffic to your site.<br>
<br>
Hidden Services are different from Exit Enclaving. I would be<br>
surprised if there was any danger to be added by running a Hidden<br>
Service on an Exit Enclave, and if so, that should be documented<br>
better.<br>
<br>
If anything I said is incorrect, I hope that someone will correct me<br>
in detail, and review the changes I'd like to make to the<br>
documentation - because if I misunderstood, I think the Docs need<br>
clarifying.<br>
<br>
-tom<br>
<br>
On 30 March 2012 10:18, Jef Heri <<a href="mailto:jefheri1@yahoo.com">jefheri1@yahoo.com</a>> wrote:<br>
> Hello list,<br>
><br>
> I hope this is the correct list to send these questions, if not I apologize and please tell me where I should send this message.<br>
><br>
> I want to setup a Tor node to run as a exit enclave for a web site (WordPress) and message board (vBulletin). However, I have found little documentation on how to accomplish this on a remote server, e.g. <a href="https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave" target="_blank">https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave</a> . Is there a more throughout document/manual for exit enclaves?<br>
><br>
> Is it correct that a exit enclave will act as a 'normal' exit node, as well as the exit enclave for its IP address (<a href="https://trac.torproject.org/projects/tor/ticket/800" target="_blank">https://trac.torproject.org/projects/tor/ticket/800</a>)? If so, is it possible to block exit to any IP other than the node's own IP via torrc file? If not, maybe I could only allow exists to white-list IPs, such as Tor Project web site IP, EFF IP, and etc?<br>
><br>
> I believe someone who sends messages to tor-talk maintains a hardened (OS(?) and) Tor, meant to be run as a node only, from remote server space. Does anyone have a link for that software? I looked at the Tor web site but I didn't find information. I am thinking about using that software as the exit enclave.<br>
><br>
> Lastly, is it possible (and smart - re anonymity and resources) to use the exit enclave to offer hidden service address?<br>
><br>
> Thanks!<br>
><br>
><br>
><br>
> _______________________________________________<br>
> tor-relays mailing list<br>
> <a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br>
> <a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
_______________________________________________<br>
tor-relays mailing list<br>
<a href="mailto:tor-relays@lists.torproject.org">tor-relays@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays</a><br>
</blockquote></div>