Hi, I've seen some time ago a discussion about using your own Tor Relay as an Entry Node, but I'd like to have your opinion in the following two scenarios (if it makes any difference switching from 1 to 2):
1) You point at your node when you're in the same network where the node resides (I mean always by setting EntryNodes in torrc, not by using it as a SOCKS proxy)
2) You point at your node from a different network than the one in which the relay is
I think that if your node is being used by others, you would simply be one of the lots of users passing through it, with the advantage of removing the risk of a bad Entry node, what do you think about that?
And about using it as a SOCKS proxy to enter the Tor network? Do the same considerations apply or is it even worse to use a relay as a SOCKS proxy?
I'm sure that I've read about reasons to avoid using your own node, but I don't remember the considerations about this argument...
Best regards, Fr33d0m4All
On Thu, 14 Apr 2016 21:38:15 +0000 fr33d0m4all fr33d0m4all@riseup.net wrote:
And about using it as a SOCKS proxy to enter the Tor network? Do the same considerations apply or is it even worse to use a relay as a SOCKS proxy?
This is horrible and should *NEVER* be done, assuming any network not physically controlled by you is between you and the SOCKS proxy server[0], simply based on the request (and authentication if you chose to use such things) being in the clear.
Regards,
Using a relay as a SOCKS proxy is fine for the local network, just don't open it to the outside world.
Using your relay as an entry uses it as part of the circuit.
Using your relay as a local proxy creates a new circuit (without using your node in the circuit) On Apr 14, 2016 5:26 PM, "Yawning Angel" yawning@schwanenlied.me wrote:
On Thu, 14 Apr 2016 21:38:15 +0000 fr33d0m4all fr33d0m4all@riseup.net wrote:
And about using it as a SOCKS proxy to enter the Tor network? Do the same considerations apply or is it even worse to use a relay as a SOCKS proxy?
This is horrible and should *NEVER* be done, assuming any network not physically controlled by you is between you and the SOCKS proxy server[0], simply based on the request (and authentication if you chose to use such things) being in the clear.
Regards,
-- Yawning Angel
[0]: So, SOCKS over an internal network to a VM/magical anonymity box may be ok (depending on your threat model). SOCKS to a VPS somewhere is essentially always a bad idea.
tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
tor-relays@lists.torproject.org
-
fr33d0m4all -
Tristan -
Yawning Angel