Please run a bridge relay! (was Re: Tor 0.2.0.13-alpha is out)
F. Fox
kitsune.or at gmail.com
Tue Dec 25 01:13:11 UTC 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Drake Wilson wrote:
> Quoth Andrew Del Vecchio <firefox-gen at walala.org>, on 2007-12-23 13:36:45 -0800:
>> Roger, I'm good to go except for one thing: The permissions issue with
>> the port being 443 (less than 1024). Is there an easy way around this
>> without having to create a chroot jail, etc? I'm using the latest Ubuntu
>> 7.10. I can change file permissions but I don't want to create a
>> security vulnerability.
>
> The obvious way to handle this, if you have iptables available, is
> probably to run the Tor server on some other port (say, 1443) and then
> use iptables to redirect incoming connections on port 443 to port 1443
> instead.
I actually take both approaches.
"Kitsune" (a regular node, not a bridge) listens on a non-privileged
port, having my network's public port 443 redirected to that port.
I also use northernsecurity.net's Debian scripts, which allow easy
chrooting of Tor. =:o)
- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFHcFknbgkxCAzYBCMRCBcMAJ0SQ/jHufnhE+CHVGHO7Li8cW53OACdETSE
r+8JhtGGU1xfMi981Biksd0=
=0v4X
-----END PGP SIGNATURE-----
More information about the tor-talk
mailing list