[tor-talk] Help me secure my setup

s7r s7r at sky-ip.org
Sun Jan 10 18:25:11 UTC 2016


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

Periodic consensus downloads, as well as keeping always some fresh
circuits on the list in order to attach streams to when requested via
the SocksPort. In other words, not much traffic but not 0 traffic as well.

Related to your other questions, you might be using too much
complexity which is in most of cases not desired. To be frank I didn't
understand your goals and threat model...

If I were you I would just configure a good vpn on the server in the
datacenter (say openvpn for example with my own certs and everything)
and connect to the vpn first, then normally (no bridges) to Tor. This
will probably obfuscate some adversaries in learning that you are
using Tor from home.

Connecting to the VPN after you connect to Tor will provide you an
unique static exit point from the Tor network which will make you very
very distinguishable so I would not do that if I were you.

On 1/10/2016 8:08 PM, Oskar Wendel wrote:
> Oskar Wendel <o.wendel at wp.pl>:
> 
>> 1. Maybe I should run a private (unpublished) bridge on the
>> server and a tor client on my tor PC, that would be able to
>> connect only to the bridge (through a VPN)? This way, all
>> unencrypted traffic would never exit a tor PC. This PC is secured
>> enough to assume it's secure from being hacked into. It's also
>> encrypted and never left unattended.
> 
> Additional question: For an idling client (that is, a tor client
> that is connected, but nobody connects to its socks port), what
> network activity takes place? I can think only of periodic
> consensus downloads. Anything else?
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJWkqIHAAoJEIN/pSyBJlsRDOAH/0GtqJJnqfe9MQDc/SgYj5fZ
nq8KAoDJ69BIyh4HcrDlQ/Qnj7oYE99wrdG1W7ES6ho0PTBIkBAegT1KrspSqS9a
nrinEoi+3GDPTbhVoSsqKdfsDXXhEsOtCLMUHqeYw7n8Za1kfr/3uPGP4JxzQTu8
+uHJOEwpL/3Ma+8uL5qAoo1y695gvVkqmL3r/rgTdBB4NfY2s64UqGh92D4i6XuL
xbFvaxa5E0owupaCxdi6DHUd/+L9MToTJLMftpayIpUxhHT42BwtYucmZEk0FEyA
JWM+sJvOrf94TIcXvSSxipuhQmIb8Javp1R88VnrhJijVQdk2jRR88MyIZtZh1g=
=End5
-----END PGP SIGNATURE-----


More information about the tor-talk mailing list