[tor-bugs] #14084 [Tor]: Configuration option for anti-hs-portscanning

Tor Bug Tracker & Wiki blackhole at torproject.org
Mon Jan 5 16:44:04 UTC 2015


#14084: Configuration option for anti-hs-portscanning
------------------------+--------------------------------
     Reporter:  nickm   |      Owner:
         Type:  defect  |     Status:  needs_review
     Priority:  normal  |  Milestone:  Tor: 0.2.6.x-final
    Component:  Tor     |    Version:
   Resolution:          |   Keywords:  tor-hs nickm-patch
Actual Points:          |  Parent ID:
       Points:          |
------------------------+--------------------------------

Comment (by dgoulet):

 I wonder if this is a bit too technical for users:

 {{{
 [[HiddenServiceAllowUnknownPorts]] **HiddenServiceAllowUnknownPorts**
 **0**|**1**::
    If set to 1, then connections to unrecognized ports do not cause the
    current hidden service to close rendezvous circuits. (Default: 0)
 }}}

 What is a "rendezvous circuit"? What does that entail for the user to set it
 or not? Should we mention that it's primarily there to make port scanning
 harder on the attacker side (which is it really?). Why would someone set
 it to 1, to avoid a bunch of circuits being built?

 The patch is ok for me. I'm no big fan of multiple error codes but I don't
 see any simpler way here unless an extra param is given and set if the
 circuit should be closed.

--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/14084#comment:3>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online

