[tor-talk] Cloak Tor Router
Lars Boegild Thomsen
lth at reclaim-your-privacy.com
Sun Nov 9 09:20:06 UTC 2014
On Thursday 06 November 2014 05:41:09 coderman wrote:
> > I will definitely look into this one. This should be quite easy to
> > implement by messing a bit with the firewall tables :)
> > Only problem I see is that to make it useful I think it would have to time
> > out at some point.
> in the past i have used OUI prefix lists to avoid known bad behavior.
> (this doesn't work if a device is spoofing MAC of course, but in that
> case they are probably savvy :)
That is one option but I generally dislike hard coding stuff like that.
> > Number of wireless networks are not an issue so I _am_ beginning to think
> > that more than two is necessary. For example:
> > 1. Open - Open network - no Tor
> > 2. Transparent proxy - all tcp traffic allowed - forced through Tor -
> > everything on separate circuits - captive warning
> > 3. Transparent proxy as 2 minus captive portal (for gadgets or someone who
> > knows what they are doing)
> > 4. Isolating proxy - only https allowed - forced through Tor - everything on
> > separate circuits and everything else blocked
> the timeout behavior, perhaps you could detect "brain-dead re-attempt
> repeat" behavior for this duration, and then let through instead.
> this came up in past discussions about a device that is simply
> connected but idle, not yet seen by human. and a device that is
> headless dumb, like your media player.
In the case of my media player I don't really provide it with login details, so it is merely a matter of preventing its chattiness to be tied to my IP address. I'll be fine if everything from that is just pushed through Tor. I don't do streaming much by the way (live in a place with relatively slow Internet), so the chattiness is mostly downloading covers, movie descriptions etc.
I am not sure I get your time out idea. Do you remember when it was discussed or the subject - then I can go back and read the archive.
> thanks again for the open discussion!
The beauty of Open Source in general :) I must admit after the Anonabox thing I expected to hit more hostility on this list, but I am quite happy with the discussion so far.
Lars Boegild Thomsen
Jabber/XMPP: lth at reclaim-your-privacy.com