privoxy (was Re: ipv6)

Michael Laccetti michael at
Mon Aug 9 14:03:35 UTC 2004

Privoxy can be setup to use ACLs; it will only accept connections from the
IPs you specify.  That way it can listen on, but only respond to
certain requests.

-----Original Message-----
From: owner-or-dev at [mailto:owner-or-dev at] On
Behalf Of Eugen Leitl
Sent: August 9, 2004 9:58 AM
To: or-dev at
Subject: privoxy (was Re: ipv6)

On Mon, Aug 09, 2004 at 09:19:35AM -0400, Patrick McFarland wrote:
> On Mon, 9 Aug 2004 14:47:00 +0200, Eugen Leitl <eugen at> wrote:
> > Speaking of privoxy, is running an open one ( a security/abuse
> > I.e., can it get my IP blacklisted?
> Its a security issue. Though, I've assumed you turned off remote 
> access features, and it's pointed at tor, so I'm not sure how big of a

Thanks for pointing out that remote access can be turned off. Switched off
Privoxy is pointed at tor indeed.

Is there a way to authenticate privoxy access? (I don't have IPsec up yet).

Another question: is it possible to wrap sessions to privoxy in SSL? Is
Stunnel the way to go?

> security issue it is. Its something I wouldn't do.

Do you have a specific threat model in mind, or is this the classical
"minimize the number of unnecessary services" rule?

Eugen* Leitl <a href="">leitl</a>
ICBM: 48.07078, 11.61144  
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

More information about the tor-dev mailing list