[tor-talk] Ports required for Tor and hidden services
jimmymac at copper.net
Mon Jan 27 05:53:24 UTC 2020
> In that case, what would be best approach to achieve that all traffic is
> forced though Tor and direct internet connection blocked, preferably
> even if/when the system is breached?
Roger gave a good reply for the case where the system is not breached.
But if your firewall is on the same system as the hidden service and an
attacker gets root then nothing can save you since the attacker could
alter the firewall at will. The only exception I can think of is
SELinux *might* provide a mechanism to prevent this but I am not
familiar with it.
More information about the tor-talk