[tor-talk] Ports required for Tor and hidden services

Jim jimmymac at copper.net
Mon Jan 27 05:53:24 UTC 2020

Forst wrote:
> In that case, what would be best approach to achieve that all traffic is 
> forced though Tor and direct internet connection blocked, preferably 
> even if/when the system is breached?

Roger gave a good reply for the case where the system is not breached. 
But if your firewall is on the same system as the hidden service and an 
attacker gets root then nothing can save you since the attacker could 
alter the firewall at will.  The only exception I can think of is 
SELinux *might* provide a mechanism to prevent this but I am not 
familiar with it.


More information about the tor-talk mailing list