-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Drake Wilson wrote: > Quoth Andrew Del Vecchio <[EMAIL PROTECTED]>, on 2007-12-23 13:36:45 -0800: >> Roger, I'm good to go except for one thing: The permissions issue with >> the port being 443 (less than 1024). Is there an easy way around this >> without having to create a chroot jail, etc? I'm using the latest Ubuntu >> 7.10. I can change file permissions but I don't want to create a >> security vulnerability. > > The obvious way to handle this, if you have iptables available, is > probably to run the Tor server on some other port (say, 1443) and then > use iptables to redirect incoming connections on port 443 to port 1443 > instead.
I actually take both approaches. "Kitsune" (a regular node, not a bridge) listens on a non-privileged port, having my network's public port 443 redirected to that port. I also use northernsecurity.net's Debian scripts, which allow easy chrooting of Tor. =:o) - -- F. Fox: A+, Network+, Security+ Owner of Tor node "kitsune" http://fenrisfox.livejournal.com -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFHcFknbgkxCAzYBCMRCBcMAJ0SQ/jHufnhE+CHVGHO7Li8cW53OACdETSE r+8JhtGGU1xfMi981Biksd0= =0v4X -----END PGP SIGNATURE-----
