Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
10-12-2007, 12:49 PM
|
#1
|
Member
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675
Rep:
|
Looking For Comments (Tor Nodes)
I was thinking about turning on my TOR to allow people to connect out from it. Then I found this article...
Click Here For Article
Here is an excerpt:
Code:
Earlier this week, a hacker infiltrated the website of a company in
France, defacing the site and using it to send vulgar emails. The
hacker was not a Rose-Hulman student. But through a router maintained
by a Rose-Hulman student, the hacker was able to do this anonymously.
The student, senior computer science major David Yip, was maintaining
a router on his computer called a Tor onion router. What Tor basically
does is enable anonymous communications over the internet. Yip
downloaded and installed Tor on his computer about two months ago. His
machine became a Tor exit node on September 4, 2005.
I know the purpose of TOR and I personally love it. Is there no way to offer a TOR exit node while protecting yourself? I would like to participate in the program, however I'm not going to put myself at risk to do so.
Thanks for all of your comments.
nomb
|
|
|
10-12-2007, 01:16 PM
|
#2
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
Are you refering to system/network protection or legal protection? Many applications which are used to regulate a LAN's access to a WAN can be re-implemented to regulate outgoing Tor exit node traffic. That said, running an exit node is by definition a risky endeavour (since you don't know the intentions of people using your exit node), and no amount of precautions will change that.
|
|
|
10-13-2007, 04:51 AM
|
#3
|
Moderator
Registered: May 2001
Posts: 29,415
|
TOR configuration allows exit nodes to control what IP ranges and ports they connect with with ExitPolicy directives. So you can for instance block some ISP range and SMTP, telnet, SSH, IRC (if they reside on these std ports). Traffic inside the "TOR cloud" is encrypted but exit nodes have to decrypt that (do not confuse with SSL) to allow it to reach its destination, so after the TOR ExitPolicy directives you're free to use routing / netfilter to block .fr, .cn, .tw or whatever else. If you don't feel comfortable running an exit node you could help TOR by running it as a middleman. (Not to chide you in any way but all of this you could have read in the TOR docs.)
|
|
|
10-16-2007, 11:11 PM
|
#4
|
Member
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675
Original Poster
Rep:
|
Quote:
Originally Posted by unSpawn
TOR configuration allows exit nodes to control what IP ranges and ports they connect with with ExitPolicy directives. So you can for instance block some ISP range and SMTP, telnet, SSH, IRC (if they reside on these std ports). Traffic inside the "TOR cloud" is encrypted but exit nodes have to decrypt that (do not confuse with SSL) to allow it to reach its destination, so after the TOR ExitPolicy directives you're free to use routing / netfilter to block .fr, .cn, .tw or whatever else. If you don't feel comfortable running an exit node you could help TOR by running it as a middleman. (Not to chide you in any way but all of this you could have read in the TOR docs.)
|
Thanks guys for your responses. Oh, btw, I read the TOR docs, however I seem to have gotten the docs without your opinions/comments included in them which is why I was asking for them. If you know where the docs are that include everyone's opinions/comments by all means let me know.
Usually when I buy something I read the reviews on it first, likewise when I am thinking about implementing on my computer/network I read the 'reviews' for that as well. M$ says they are the best OS in the world but if you speak with the 'consumer' you find differently.
nomb
|
|
|
10-17-2007, 03:25 PM
|
#5
|
Moderator
Registered: May 2001
Posts: 29,415
|
Quote:
Originally Posted by nomb
Oh, btw, I read the TOR docs, however I seem to have gotten the docs without your opinions/comments included in them which is why I was asking for them. If you know where the docs are that include everyone's opinions/comments by all means let me know.
|
I should have said the TOR Wiki. Those docs are pretty good. Then there's the TOR users mailing list, pretty good discussions there too.
|
|
|
10-19-2007, 06:01 PM
|
#6
|
Member
Registered: Jan 2006
Distribution: Debian Testing
Posts: 675
Original Poster
Rep:
|
Now that's something I could sink my teeth into.
I haven't looked at the wiki yet.
nomb
|
|
|
All times are GMT -5. The time now is 08:06 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|