[tor-relays] [ARM] Connecting to another host's control port with ARM: Connection refused.

Andy Isaacson adi at hexapodia.org
Sat Sep 7 01:23:06 UTC 2013


On Thu, Sep 05, 2013 at 10:35:22PM -0700, Robert Charlton wrote:
> Martin, setting ControlListenAddress to 10.0.0.3:9051 did the trick.
> I've also enabled cookie authentication. Obviously ARM running on
> something that's not a Tor server to connect to a server's control port
> has its limits, but I can still get some useful info. Thanks.

Keep in mind that setting ControlListenAddress to a 10.x address means
that anyone who can get a 10.x address (such as over WiFi DHCP) will be
able to control your Tor relay.

You may say "oh but my network is secure" which is just fine so long as
it continues to be true.  But the default state of networks is
"connected", so as time elapses your network will become less secure.

I would strongly recommend not leaving ControlListenAddress listening on
a non-localhost IP address.

-andy


More information about the tor-relays mailing list