Wouldn't it be safer to accept connections only on port 80? Else he would be exposing the whole machine.

On Mar 30, 2012 5:43 PM, "Tom Ritter" <tom@ritter.vg> wrote:
It's my understanding that if you put the following Exit Policy in your torrc:

ExitPolicyRejectPrivate 0
ExitPolicy accept 97.107.139.108
ExitPolicy reject *:*

Where 97.107.139.108 is your IP address (that one's mine), you will
Exit Enclave to your site, not allow any other exit traffic, you will
be a normal tor relay (meaning you should check your bandwidth
limits/accounting), and you will become the preferred path for Tor
traffic to your site.

Hidden Services are different from Exit Enclaving.  I would be
surprised if there was any danger to be added by running a Hidden
Service on an Exit Enclave, and if so, that should be documented
better.

If anything I said is incorrect, I hope that someone will correct me
in detail, and review the changes I'd like to make to the
documentation - because if I misunderstood, I think the Docs need
clarifying.

-tom

On 30 March 2012 10:18, Jef Heri <jefheri1@yahoo.com> wrote:
> Hello list,
>
> I hope this is the correct list to send these questions, if not I apologize and please tell me where I should send this message.
>
> I want to set up a Tor node to run as an exit enclave for a web site (WordPress) and message board (vBulletin). However, I have found little documentation on how to accomplish this on a remote server, e.g. https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave . Is there a more thorough document/manual for exit enclaves?
>
> Is it correct that an exit enclave will act as a 'normal' exit node, as well as the exit enclave for its IP address (https://trac.torproject.org/projects/tor/ticket/800)? If so, is it possible to block exit to any IP other than the node's own IP via the torrc file? If not, maybe I could only allow exits to white-listed IPs, such as the Tor Project web site IP, EFF IP, etc.?
>
> I believe someone who sends messages to tor-talk maintains a hardened (OS(?) and) Tor, meant to be run as a node only, from remote server space. Does anyone have a link for that software? I looked at the Tor web site but I didn't find information. I am thinking about using that software as the exit enclave.
>
> Lastly, is it possible (and smart - re anonymity and resources) to use the exit enclave to offer a hidden service address?
>
> Thanks!
>
>
>
> _______________________________________________
> tor-relays mailing list
> tor-relays@lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
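
The difference between the exit policy quoted in this thread and a port-restricted variant, as an added example that is not part of the original messages or of Tor's code: a small first-match evaluator for `ExitPolicy` lines. The port-80 variant and the probe address 198.51.100.7 are constructed for illustration; only IPv4 patterns are handled, and ExitPolicyRejectPrivate is assumed to be 0 as in the posted torrc.

```python
import ipaddress

# Policy as posted in the thread (ExitPolicyRejectPrivate 0 assumed, not modelled).
PAGE_POLICY = ["ExitPolicy accept 97.107.139.108", "ExitPolicy reject *:*"]
# Constructed variant following the port-80 suggestion in the reply.
PORT80_POLICY = ["ExitPolicy accept 97.107.139.108:80", "ExitPolicy reject *:*"]

def parse_rule(line):
    """Parse 'ExitPolicy accept|reject ADDR[/MASK][:PORT]' (IPv4 only)."""
    keyword, action, pattern = line.split()
    if keyword != "ExitPolicy" or action not in ("accept", "reject"):
        raise ValueError(f"not an ExitPolicy rule: {line!r}")
    addr, _, port = pattern.partition(":")
    port = port or "*"  # an omitted port means every port
    net = ipaddress.ip_network("0.0.0.0/0" if addr == "*" else addr, strict=False)
    if port == "*":
        lo, hi = 1, 65535
    else:
        first, _, last = port.partition("-")  # single port or MIN-MAX range
        lo, hi = int(first), int(last or first)
    return action, net, lo, hi

def decide(policy_lines, dest_ip, dest_port):
    """Return the action of the first rule that matches (first match wins)."""
    ip = ipaddress.ip_address(dest_ip)
    for line in policy_lines:
        action, net, lo, hi = parse_rule(line)
        if ip in net and lo <= dest_port <= hi:
            return action
    return "no-match"  # not reached here: both policies end in reject *:*

def audit(policy_lines, probes):
    """Map each (ip, port) probe to the policy decision for it."""
    return {f"{ip}:{port}": decide(policy_lines, ip, port) for ip, port in probes}

if __name__ == "__main__":
    probes = [("97.107.139.108", 80), ("97.107.139.108", 22),
              ("97.107.139.108", 3306), ("198.51.100.7", 80)]  # constructed probes
    for name, policy in (("as posted", PAGE_POLICY), ("port 80 only", PORT80_POLICY)):
        print(name)
        for target, verdict in audit(policy, probes).items():
            print(f"  {target:<22} {verdict}")
```

With the policy as posted, every port on the relay's own address is reachable through the enclave; the constructed variant leaves only port 80 reachable.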