-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 06/03/2011 02:45 PM, Jesus Cea wrote:
I run a TOR node in OVH (France). They shutdown my server several times because it was "hacked" in the sense of "we don't think a server should make outgoing port 443 connections". After a lof of complains and arguments, and a dozen of shutdowns, I restricted my node to NON-EXIT. And filter my 443 outgoing at FW level, because even connecting to port 443 of other TOR nodes were considered "you have a compromised machine".
I suppose most of the circuits attempts through your relay will break because 7 out of the 10 fastest relays have their ORPort set to 443. (in total ~30% of relays have ORPort set to 443) Your relay won't be able to publish its descriptor to all directory authorities. Would be nice to add a detection for such firewalled relays to the scanner. You might be interested into this (long term) feature request: https://trac.torproject.org/projects/tor/ticket/3028 -----BEGIN PGP SIGNATURE----- iF4EAREKAAYFAk3o3esACgkQyM26BSNOM7aLqAD/VGVNBZ4U7hzbqXk+QT2XY4Fe fEbKnrW7KsWE5fOVqD4A/35s1J9m09Vl4kXRa26BANJuWmQROMXllh/h7yhATKL9 =HVUb -----END PGP SIGNATURE-----