Thus spake Moritz Bartl (mor...@torservers.net):
> On 10.03.2011 08:21, Fabio Pietrosanti (naif) wrote:
> > Again, that's true only if you are damaging user's traffic and so your
> > "filtering" doesn't break in any case:
> > a) don't break user traffic
> > b) don't break exit scanner traffic
> >
Hi,
On 10.03.2011 08:21, Fabio Pietrosanti (naif) wrote:
> Again, that's true only if you are damaging user's traffic and so your
> "filtering" doesn't break in any case:
> a) don't break user traffic
> b) don't break exit scanner traffic
> c) break "just some kind" of more noisy and malicious/agg
On 3/9/11 11:58 PM, Gregory Maxwell wrote:
> Tor has currently has no facility for those users who are happy to
> have random third parties screw with their traffic to opt-into it, or
> those who would want to avoid it to opt out. This means that anything
> you to the traffic will have random inex
On 09.03.2011 23:29, Fabio Pietrosanti (naif) wrote:
> It's not censorship but a chance to attract more TOR exit node
> maintainer by simplifying the costs and risks in running a TOR exit node.
I'd rather stay a middle/entry node than employing shady filters.
_
On 3/10/11 2:04 AM, Robert Ransom wrote:
> On Wed, 09 Mar 2011 23:29:16 +0100
> "Fabio Pietrosanti (naif)" wrote:
>
>> On 3/9/11 11:20 PM, Robert Ransom wrote:
>>> Try running "man tor |grep -C5 OutboundBindAddress".
>>
>> You didn't got the technical need, the need is to redirect only TOR-exit
>
On Wed, 09 Mar 2011 23:29:16 +0100
"Fabio Pietrosanti (naif)" wrote:
> On 3/9/11 11:20 PM, Robert Ransom wrote:
> > Try running "man tor |grep -C5 OutboundBindAddress".
>
> You didn't got the technical need, the need is to redirect only TOR-exit
> traffic.
>
> OutboundBindAddress make *all*, in
On Wed, Mar 9, 2011 at 5:29 PM, Fabio Pietrosanti (naif)
wrote:
> Yes but that's more complex, with iptables you can redirect TCP ports,
> but from your TOR node not all traffic going for example to port 80 is
> http, but a lot of it it's TOR.
>
> If you redirect it to a transparent proxy you'll b
On 3/9/11 11:20 PM, Robert Ransom wrote:
> Try running "man tor |grep -C5 OutboundBindAddress".
You didn't got the technical need, the need is to redirect only TOR-exit
traffic.
OutboundBindAddress make *all*, including intra-tor, communications go
trough that IP address:
"Make all outbound conne
On Wed, 09 Mar 2011 19:23:15 +0100
"Fabio Pietrosanti (naif)" wrote:
> i've been thinking and playing a lot about the various possible risk
> mitigation scenarios for TOR exit node maintainer.
>
> Now i need to be able to pass all web traffic trough a transparent proxy
> in order to implement so
On 3/9/11 7:35 PM, Gregory Maxwell wrote:
> [snip]
>
> If you start inspecting and screwing with third party traffic you will
> be bad-exited.
It depends on how you do it.
The important things is to be really careful not to create "collateral
damage" while you apply some kind of security.
Avoiding
On Wed, Mar 9, 2011 at 1:23 PM, Fabio Pietrosanti (naif)
wrote:
> Hi all,
> i've been thinking and playing a lot about the various possible risk
> mitigation scenarios for TOR exit node maintainer.
>
> Now i need to be able to pass all web traffic trough a transparent proxy
> in order to implement
Hi all,
i've been thinking and playing a lot about the various possible risk
mitigation scenarios for TOR exit node maintainer.
Now i need to be able to pass all web traffic trough a transparent proxy
in order to implement some kind of filters to prevent specific
web-attacks, web-bruteforce, etc,
12 matches
Mail list logo
