On Wed, 14 Aug 2019, Pop Chunhapanya wrote:
> I feel that HTTPSProxy is too expensive. As far as I know, it needs to do
> (1) tcp handshake, (2) tls handshake, and (3) http connect. If I can use
> haproxy, it would be just one tcp handshake.
AIUI, there wouldn't be a (2).
--
> On 20 Aug 2019, at 13:31, Pop Chunhapanya wrote:
>
> Hi Tim,
>
>>
>> TCPProxy protocol host:port
>>
>> Tor will use the given protocol to make all its OR (SSL) connections through
>> a TCP proxy on host:port, rather than connecting directly to servers. You
>> may want to set
Hi Tim,
> TCPProxy protocol host:port
>
>
> Tor will use the given protocol to make all its OR (SSL) connections
> through a TCP proxy on host:port, rather than connecting directly to
> servers. You may want to set FascistFirewall to restrict the set of ports
> you might try to connect to, if
> On 16 Aug 2019, at 04:52, Pop Chunhapanya wrote:
>
> Hi Tim,
>
>> The only protocol supported right now 'haproxy'. This option is only for
>> clients. (Default: none)
>
> I think TCPProxy option is more generic than HTTPSProxy, Socks4Proxy and
> Socks5Proxy. Why don't we also allow https,
Hi Tim,
The only protocol supported right now 'haproxy'. This option is only for
> clients. (Default: none)
>
I think TCPProxy option is more generic than HTTPSProxy, Socks4Proxy and
Socks5Proxy. Why don't we also allow https, socks4, and socks5 instead of
just haproxy?
Hi Haxxpop,
> On 15 Aug 2019, at 16:53, Pop Chunhapanya wrote:
>
>
>>> So I'm thinking putting the tor daemon behind some third party TCP proxy
>>> that will protect me from this kind of DDoS attack.
>>>
>>> What do you think if I want to implement a feature that forward all the
>>> onion
> So I'm thinking putting the tor daemon behind some third party TCP proxy
> that will protect me from this kind of DDoS attack.
>
> What do you think if I want to implement a feature that forward all the
> onion service traffic to the TCP proxy before going to the Tor network?
>
> The protocol
On 8/14/19, Pop Chunhapanya wrote:
> When deploying an onion service ... the ip address
> of my machine ... is exposed to the Tor network...
> DDoS ... if someone knows my ip address.
Only your tor client, and your guard, knows your ip.
Unless you're up against a malicious guard, that's
not a
Hi,
> On 15 Aug 2019, at 05:10, Pop Chunhapanya wrote:
>
> When deploying an onion service, I noticed some problem that the ip address
> of my machine that runs tor daemon is exposed to the Tor network which is
> vulnerable to the DDoS attack if someone knows my ip address.
You can reject