Wouldn't it be safer to accept connections only on port 80? Else he would be exposing the whole machine. On Mar 30, 2012 5:43 PM, "Tom Ritter" tom@ritter.vg wrote:
It's my understanding that if you put the following Exit Policy in your torrc:
ExitPolicyRejectPrivate 0 ExitPolicy accept 97.107.139.108 ExitPolicy reject *:*
Where 97.107.139.108 is your IP address (that one's mine), you will Exit Enclave to your site, not allow any other exit traffic, you will be a normal tor relay (meaning you should check your bandwidth limits/accounting), and you will become the preferred path for Tor traffic to your site.
Hidden Services are different from Exit Enclaving. I would be surprised if there was any danger to be added by running a Hidden Service on an Exit Enclave, and if so, that should be documented better.
If anything I said is incorrect, I hope that someone will correct me in detail, and review the changes I'd like to make to the documentation - because if I misunderstood, I think the Docs need clarifying.
-tom
On 30 March 2012 10:18, Jef Heri jefheri1@yahoo.com wrote:
Hello list,
I hope this is the correct list to send these questions, if not I
apologize and please tell me where I should send this message.
I want to setup a Tor node to run as a exit enclave for a web site
(WordPress) and message board (vBulletin). However, I have found little documentation on how to accomplish this on a remote server, e.g. https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave . Is there a more throughout document/manual for exit enclaves?
Is it correct that a exit enclave will act as a 'normal' exit node, as
well as the exit enclave for its IP address ( https://trac.torproject.org/projects/tor/ticket/800)? If so, is it possible to block exit to any IP other than the node's own IP via torrc file? If not, maybe I could only allow exists to white-list IPs, such as Tor Project web site IP, EFF IP, and etc?
I believe someone who sends messages to tor-talk maintains a hardened
(OS(?) and) Tor, meant to be run as a node only, from remote server space. Does anyone have a link for that software? I looked at the Tor web site but I didn't find information. I am thinking about using that software as the exit enclave.
Lastly, is it possible (and smart - re anonymity and resources) to use
the exit enclave to offer hidden service address?
Thanks!
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays