[tor-talk] EFF Tor Challenge
Martin Fick
mogulguy at yahoo.com
Thu Jun 2 21:50:44 UTC 2011
--- On Thu, 6/2/11, CACook at quantum-sci.com <CACook at quantum-sci.com> wrote:
> For those interested, so far my best idea is running the
> daemon in a VirtualBox VM running SELinux as guest, and
> bridged to the outside. This should substantially
> solve most problems except membership in the local
> LAN.
I don't think that this would make for a best practice,
I think that a linux lxc should be encouraged instead,
it is way more efficient.
> If only consumer-grade routers had VLan, although routers
> aren't necessarily secure. Maybe a switch on the WAN
> side of the router, to flange the LAN and Tor interface
> together in a class C different from the LAN.
As fir isolation, I think that a best practice
should use iptable rules. But if you want to
go the cheap hardware route, buy a $5/15 nic
and add it to your box and plug that nic into
your modem's DMZ port, most of them have one.
-Martin
More information about the tor-talk
mailing list