Focus on Microsoft
Jan 12 2011 05:28PM
im anikin us
Jan 14 2011 02:30AM
Claude Petit (petc webmail us)
Jan 13 2011 03:55AM
MNelson (mnelson nels-sec com)
-----BEGIN PGP SIGNED MESSAGE-----
If you want to just be a relay, the issues are "less" dangerous. However,
you wouldn't run this on a network with sensitive stuff.....would you?
Really in this mode you are just a relay/router on the Tor network and you
pass traffic along to the next Tor relay.

You might have issues if you want to be an exit node. This means you are an
exit point out of the Tor network, meaning your IP shows up in logs....
Traffic can be the exit point for traffic of good people trying to gain
anonymity. It can also be used by bad people trying to use the same
anonymity for attacking other systems/etc. You can control the exit
policies though to limit the type of traffic that can exit.

You can also act as a "bridge" provider of sorts. For those Tor clients that
can't reach the Tor network directly and pull the core nodes, you can
provide a list of those nodes to them. You have to let traffic directly to
your Tor bridge service though, so you'll open up a port for that. This
could be attacked directly.

Another dangerous function of Tor is the capability of setting up Tor
services. Essentially you can have a service available "anonymously" on the
Tor network. This is really scary...considering you could have a service
(SSH, FTP, etc..) tunneled right into your network. The person connecting
externally would of course be anonymous too. They could then attack the
"service" you are providing...like a vulnerable FTP server or attack
accounts on SSH with weak passwords for example. If you are controlling
your instance, you have to set up the Tor services manually, so accidental
Tor services configurations should be easy to avoid.

Like any service you run on a system whether Windows or *nix, it would be a
good idea to harden the system. Just run the relay on a separate system and
only run the relay on it.
- -----Original Message-----
From: listbounce (at) securityfocus (dot) com [mailto:listbounce (at) securityfocus (dot) com] On
Behalf Of im (at) anikin (dot) us
Sent: Wednesday, January 12, 2011 11:28 AM
To: focus-ms (at) securityfocus (dot) com
What are the security implications of running a Tor relay on a machine
behind a firewall?
Is there a high probability of it being hacked somehow, and what does one
do to prevent that?
Thank you in advance for your time and advice.
mailto:im (at) anikin (dot) us
-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 10.1.0 (Build 860)
-----END PGP SIGNATURE-----
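
The reply above names three settings that change a relay's exposure: the exit policy, bridge mode, and manually configured Tor services. As an added example that is not part of the original thread, the script below audits a torrc for those three; `ExitPolicy`, `ExitRelay`, `BridgeRelay` and `HiddenServicePort` are real torrc options, while the sample file, the finding codes and the choice to flag an unset exit policy are assumptions of this example.

```python
SAMPLE_TORRC = """\
# Constructed sample for this example, not a real configuration.
ORPort 9001
ExitPolicy accept *:80, reject *:*
BridgeRelay 0
HiddenServiceDir /var/lib/tor/ssh_service/
HiddenServicePort 22 127.0.0.1:22
"""

def parse_torrc(text):
    """Return (option, value) pairs; option names are case-insensitive."""
    pairs = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split(None, 1)  # drop comments, split name/value
        if fields:
            value = fields[1].strip() if len(fields) > 1 else ""
            pairs.append((fields[0].lower(), value))
    return pairs

def audit_torrc(text):
    """Return (code, detail) findings for exit, bridge and hidden-service settings."""
    opts = parse_torrc(text)
    findings = []
    # Exit rules are first-match, so the exit is closed only when the
    # first rule rejects everything (or ExitRelay is explicitly 0).
    rules = [" ".join(r.split()).lower()
             for k, v in opts if k == "exitpolicy" for r in v.split(",")]
    exit_relay_off = any(k == "exitrelay" and v == "0" for k, v in opts)
    if not exit_relay_off:
        if not rules:
            findings.append(("EXIT_UNSET", "no ExitPolicy or ExitRelay 0; "
                             "exit behaviour is left to the version default"))
        elif rules[0] != "reject *:*":
            findings.append(("EXIT_OPEN", "first exit rule is '%s'" % rules[0]))
    if any(k == "bridgerelay" and v == "1" for k, v in opts):
        findings.append(("BRIDGE", "bridge enabled; its ORPort accepts "
                         "direct client connections"))
    for k, v in opts:
        if k == "hiddenserviceport":  # a local service published through Tor
            findings.append(("HIDDEN_SERVICE", "local service published: " + v))
    return findings

if __name__ == "__main__":
    for code, detail in audit_torrc(SAMPLE_TORRC):
        print(code, "-", detail)
```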
Jan 13 2011 01:48AM
Thor (Hammer of God) (thor hammerofgod com)
Jan 12 2011 06:43PM
Lee Fisher (blibbet gmail com)
Copyright 2010, SecurityFocus