On Nov 8, 2007 4:00 PM, Jefferson Iblis <[EMAIL PROTECTED]> wrote: > On Nov 8, 2007 11:29 PM, Kyle Williams <[EMAIL PROTECTED]> wrote: > > > > > > If you want to run a hidden server, such as a web site over a .onion > > address, then that's fine. > > If your router is disallowing people to access the admin webpage > interface > > from the Internet, that's probably a good thing. > > But if running a Tor exit node opens up that admin webpage to the rest > of > > the Tor network, that's not good. At that point, anyone could > anonymously > > try and hack your router. God help you if they do get in, then your > really > > in trouble. > > > > There is no point in redirecting that type of request, it needs to be > > rejected. > > ....Maybe replying with a "bad hacker, not root for you!" webpage would > be > > funny though. > > > > Seems the simplest solution would be to, by default, disallow Tor from > accessing the local network, including what it discovers to be its > externally accessible IP. Then anyone who wants to allow local access > can explicitly turn on whatever they think is appropriate. >
Exactly.
