<br><br><div class="gmail_quote">On Nov 8, 2007 4:00 PM, Jefferson Iblis <<a href="mailto:fleshheap@gmail.com">fleshheap@gmail.com</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Nov 8, 2007 11:29 PM, Kyle Williams <<a href="mailto:kyle.kwilliams@gmail.com">kyle.kwilliams@gmail.com</a>> wrote:<br>><br>><br>> If you want to run a hidden server, such as a web site over a .onion
<br>> address, then that's fine.<br>> If your router is disallowing people to access the admin webpage interface<br>> from the Internet, that's probably a good thing.<br>> But if running a Tor exit node opens up that admin webpage to the rest of
<br>> the Tor network, that's not good. At that point, anyone could anonymously<br>> try and hack your router. God help you if they do get in, then your really<br>> in trouble.<br>><br>> There is no point in redirecting that type of request, it needs to be
<br>> rejected.<br>> ....Maybe replying with a "bad hacker, not root for you!" webpage would be<br>> funny though.<br>><br><br></div>Seems the simplest solution would be to, by default, disallow Tor from
<br>accessing the local network, including what it discovers to be its<br>externally accessible IP. Then anyone who wants to allow local access<br>can explicitly turn on whatever they think is appropriate.<br></blockquote>
</div><br>Exactly.<br>