"iff" is shorthand for "if and only if", as opposed to "if [and maybe
otherwise]"
On 02/03/2017 12:16 AM, anondroid wrote:
>> I was wondering what the minimum exit policy was (wrt port 80 and 443) for a
>> Tor exit relay.
>
> https://gitweb.torproject.org/torspec.git/tree/dir-spec.txt#n2294
>
If a pluggable transport is HTTP(S)-ish, I would expect nginx to be able
to use SNI or a Host header (or the lack) to decide whether to serve web
content or proxy to tor or the transport. I'm not sure if nginx can
decide to proxy tcp based on SNI, but it would be worth reading the docs.
If this
I agree. I just bin these, or send the standard "abuse" response
template, which includes a snippet about using a DNSBL.
On 10/20/2015 04:57 PM, AMuse wrote:
>
>
> The TOR directory of exit nodes is readily available for ISP's and
> website operators to apply in their filters. I don't see why
Okay, I'm not familiar with the implementation. That leaves the other
point and question though:
- The attack described would require a lot of resources to significantly
pull down the utilization of one family (and adding those relays to the
network might help it more than hurt).
- Are there any
Out of curiosity, what is the need for ensuring a node cannot be put
into a family without its consent? What would be wrong with, say, a
FamilyName directive? Set the same FamilyName on each node you control,
and routes will avoid multiples.
On 07/22/2015 03:48 PM, Virgil Griffith wrote:
Thanks
True, but unless one family controls a large part of the network (which
is bad even with the current system), this is barely worse than an
attacker flooding the current network with new relays in a family. I
believe what you describe is possible in the current system as well.
The only thing I can
[::1] is the IPv6 loopback address - use [::] to listen on any address.
On 05/13/2015 03:09 AM, torser...@ittk.it wrote:
I have enabled it at 1 VPS and 1 Root.
And I enabled it on 2 instances which are connected via
broadbandconnections with dynamic addresses for IPv4 and IPv6. There I got
it. Try specifying a globally reachable address
explicitly.
what do you think?
Marcel
JovianMallard t...@sec.gd hat am 13. Mai 2015 um 15:27 geschrieben:
[::1] is the IPv6 loopback address - use [::] to listen on any address.
On 05/13/2015 03:09 AM, torser...@ittk.it wrote:
I have
Matt,
Inspired by the options to confirm domain ownership with Google,
Could you ask the relay operator to include a randomly generated (by
you) token in their contact field? It may take a while to propagate and
it requires action on the operator's part, but it's not difficult and I
expect it