Wouldn't it be safer to accept connections only on port 80? Else he would be exposing the whole machine. On Mar 30, 2012 5:43 PM, "Tom Ritter" <[email protected]> wrote:
> It's my understanding that if you put the following Exit Policy in your > torrc: > > ExitPolicyRejectPrivate 0 > ExitPolicy accept 97.107.139.108 > ExitPolicy reject *:* > > Where 97.107.139.108 is your IP address (that one's mine), you will > Exit Enclave to your site, not allow any other exit traffic, you will > be a normal tor relay (meaning you should check your bandwidth > limits/accounting), and you will become the preferred path for Tor > traffic to your site. > > Hidden Services are different from Exit Enclaving. I would be > surprised if there was any danger to be added by running a Hidden > Service on an Exit Enclave, and if so, that should be documented > better. > > If anything I said is incorrect, I hope that someone will correct me > in detail, and review the changes I'd like to make to the > documentation - because if I misunderstood, I think the Docs need > clarifying. > > -tom > > On 30 March 2012 10:18, Jef Heri <[email protected]> wrote: > > Hello list, > > > > I hope this is the correct list to send these questions, if not I > apologize and please tell me where I should send this message. > > > > I want to setup a Tor node to run as a exit enclave for a web site > (WordPress) and message board (vBulletin). However, I have found little > documentation on how to accomplish this on a remote server, e.g. > https://trac.torproject.org/projects/tor/wiki/doc/ExitEnclave . Is there > a more throughout document/manual for exit enclaves? > > > > Is it correct that a exit enclave will act as a 'normal' exit node, as > well as the exit enclave for its IP address ( > https://trac.torproject.org/projects/tor/ticket/800)? If so, is it > possible to block exit to any IP other than the node's own IP via torrc > file? If not, maybe I could only allow exists to white-list IPs, such as > Tor Project web site IP, EFF IP, and etc? > > > > I believe someone who sends messages to tor-talk maintains a hardened > (OS(?) and) Tor, meant to be run as a node only, from remote server space. > Does anyone have a link for that software? I looked at the Tor web site but > I didn't find information. I am thinking about using that software as the > exit enclave. > > > > Lastly, is it possible (and smart - re anonymity and resources) to use > the exit enclave to offer hidden service address? > > > > Thanks! > > > > > > > > _______________________________________________ > > tor-relays mailing list > > [email protected] > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays > _______________________________________________ > tor-relays mailing list > [email protected] > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays >
_______________________________________________ tor-relays mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays
