im | 12 Jan 2011 18:28

Tor

Hello Everyone,

What are the security implications of running a Tor relay on a machine
behind a firewall?

Is there a high probability of it being hacked somehow, and what does
one do to prevent that?

Thank you in advance for your time and advice.


Lee Fisher | 12 Jan 2011 19:43

Re: Tor

> What are the security implications of running a Tor relay on a machine
> behind a firewall?

This is a MS-focused list. Tor is designed by Unix developers, and works 
best (read: most securely) on Debian. Not Windows.

You should view the archives of or-talk, and try asking there if you 
can't find the answer in archives. The or-talk list has multiple threads 
on known attacks to Tor. There is also a tor-relays mailing list at 
torproject.org, for admins of relays.

> Is there a high probability of it being hacked somehow, and what does
> one do to prevent that?

Nothing special, general OS hardening. But again, Tor is more secure on 
Unix than Windows. Also, pick a good ISP, and have a lawyer on file. :-(

http://www.torproject.org/docs/tor-doc-relay.html.en
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/OperationalSecurity
https://blog.torproject.org/blog/tips-running-exit-node-minimal-harassment
https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorAbuseTemplates
http://www.torproject.org/eff/tor-legal-faq.html.en

> Thank you in advance for your time and advice.

HTH.

MNelson | 13 Jan 2011 04:55

RE: Tor


Depends really....

If you want to just be a relay, the issues are "less" dangerous. However,
you wouldn't run this on a network with sensitive stuff.....would you?
Really in this mode you are just a relay/router on the Tor network and you
pass traffic along to the next Tor relay.

You might have issues if you want to be an exit node. This means you are an
exit point out of the Tor network, meaning your IP shows up in logs....
Traffic can be the exit point for traffic of good people trying to gain
anonymity. It can also be used by bad people trying to use the same
anonymity for attacking other systems/etc. You can control the exit
policies though to limit the type of traffic that can exit.

You can also act as a "bridge" provider of sorts. For those Tor clients that
can't reach the Tor network directly and pull the core nodes, you can
provide a list of those nodes to them. You have to let traffic directly to
your Tor bridge service though, so you'll open up a port for that. This
could be attacked directly.

Another dangerous function of Tor is the capability of setting up Tor
services. Essentially you can have a service available "anonymously" on the
Tor network.  This is really scary...considering you could have a service
(SSH, FTP, etc..) tunneled right into your network.  The person connecting
externally would of course be anonymous too. They could then attack the
"service" you are providing...like a vulnerable FTP server or attack
accounts on SSH with weak passwords for example.   If you are controlling
your instance, you have to set up the Tor services manually, so accidental
Tor services configurations should be easy to avoid.
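The three relay roles above (non-exit relay, exit with a restricted policy, bridge) and the hidden-service risk all come down to a handful of torrc lines, and the consequences are easy to misjudge because Tor's ExitPolicy is evaluated first-match-wins with a default policy appended at the end. The following script is an added example, not code from this list or from the Tor Project: it parses a constructed torrc, reports which role the relay is in, evaluates the effective exit policy for sample destinations the way Tor does (ExitPolicyRejectPrivate prepended, Tor's documented default policy appended), and flags any HiddenServicePort whose target is not the Tor host itself, which is the "service tunneled right into your network" case. The sample torrc, nickname, paths and addresses are all invented; the ExitRelay option is assumed to behave as in current Tor releases, where a relay with neither ExitRelay 1 nor an ExitPolicy does not exit.

```python
import ipaddress

# Tor's documented default exit policy. Tor appends it after the operator's own
# ExitPolicy lines; the first matching rule wins, so it only covers unmatched traffic.
DEFAULT_EXIT_POLICY = [
    "reject *:25", "reject *:119", "reject *:135-139", "reject *:445",
    "reject *:563", "reject *:1214", "reject *:4661-4666",
    "reject *:6346-6429", "reject *:6699", "reject *:6881-6999",
    "accept *:*",
]

# Ranges the keyword "private" expands to (RFC 1918, loopback, link-local, 0/8).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16")]

# Constructed torrc for this example (hypothetical relay, not a real configuration).
SAMPLE_TORRC = """\
# hypothetical relay: exits only to web ports, plus one onion service
Nickname ExampleRelay
ORPort 9001
ExitPolicy accept *:80, accept *:443
ExitPolicy reject *:*
HiddenServiceDir /var/lib/tor/hs_example/
HiddenServicePort 22 10.0.0.5:22
"""


def parse_torrc(text):
    """Map each option to the list of values it was given; '#' starts a comment."""
    opts = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition(" ")
            opts.setdefault(key, []).append(value.strip())
    return opts


def parse_rule(rule):
    """Split 'accept|reject ADDR[/MASK][:PORT]' into its three parts."""
    action, _, target = rule.strip().partition(" ")
    if action not in ("accept", "reject"):
        raise ValueError(f"bad exit policy rule: {rule!r}")
    addr, _, port = target.rpartition(":")
    if not addr:                      # no ':' at all, e.g. "reject *"
        addr, port = port, "*"
    return action, addr.strip(), port.strip() or "*"


def addr_matches(spec, ip):
    if spec == "*":
        return True
    if spec == "private":
        return any(ip in net for net in PRIVATE_NETS)
    return ip in ipaddress.ip_network(spec, strict=False)


def port_matches(spec, port):
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")   # single port or inclusive range "lo-hi"
    return int(lo) <= port <= int(hi or lo)


def effective_exit_policy(opts):
    """Operator rules in order, with Tor's implicit rules before and after them."""
    rules = []
    if opts.get("ExitPolicyRejectPrivate", ["1"])[0] != "0":
        rules.append("reject private:*")        # default: never exit to private ranges
    for value in opts.get("ExitPolicy", []):
        rules.extend(r for r in value.split(",") if r.strip())
    rules.extend(DEFAULT_EXIT_POLICY)
    return [parse_rule(r) for r in rules]


def exit_allowed(policy, dest_ip, dest_port):
    """First matching rule decides; the appended default ends with accept *:*."""
    ip = ipaddress.ip_address(dest_ip)
    for action, addr, port in policy:
        if addr_matches(addr, ip) and port_matches(port, dest_port):
            return action == "accept"
    return True


def relay_mode(opts):
    """Classify the torrc as bridge, exit relay or non-exit relay."""
    if opts.get("BridgeRelay", ["0"])[0] == "1":
        return "bridge"
    exit_relay = opts.get("ExitRelay", ["auto"])[0]
    if exit_relay == "0":
        return "non-exit relay"
    if exit_relay == "1":
        return "exit relay"
    own_rules = [r.strip() for v in opts.get("ExitPolicy", []) for r in v.split(",")]
    for rule in own_rules:
        if rule.startswith("accept"):
            return "exit relay"
        if rule.replace(" ", "") == "reject*:*":
            return "non-exit relay"
    return "non-exit relay"           # no policy and no ExitRelay 1: current Tor does not exit


def hidden_service_targets(opts):
    """(virtual_port, target_host, target_port, off_host) for every HiddenServicePort."""
    findings = []
    for value in opts.get("HiddenServicePort", []):
        virtport, _, target = value.partition(" ")
        target = target.strip()
        if not target:                # TARGET omitted: same port on localhost
            host, port = "127.0.0.1", virtport
        elif ":" in target:
            host, _, port = target.rpartition(":")
        else:                         # bare port: localhost
            host, port = "127.0.0.1", target
        try:
            off_host = not ipaddress.ip_address(host).is_loopback
        except ValueError:            # hostname rather than IP: treat as off-host
            off_host = True
        findings.append((virtport, host, port, off_host))
    return findings


if __name__ == "__main__":
    opts = parse_torrc(SAMPLE_TORRC)
    policy = effective_exit_policy(opts)
    print("mode:", relay_mode(opts))
    for ip, port in (("93.184.216.34", 443), ("93.184.216.34", 25), ("10.1.2.3", 80)):
        print(f"exit to {ip}:{port}:", "accept" if exit_allowed(policy, ip, port) else "reject")
    for virtport, host, port, off_host in hidden_service_targets(opts):
        flag = "REACHES BEYOND THE TOR HOST" if off_host else "local"
        print(f"onion port {virtport} -> {host}:{port} ({flag})")
```

Run against the sample, the script reports an exit relay that accepts 80 and 443 and rejects everything else (including port 80 to a private address, which the prepended `reject private:*` catches), and it flags the onion service that forwards port 22 to an internal host. Swapping the sample's ExitPolicy lines for a single `reject *:*` turns the same check into the plain relay case the post describes as "less" dangerous.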

Thor (Hammer of God) | 13 Jan 2011 02:48

RE: Tor

I used to date an Asian girl who called me that.  

I would say that the implications of a Tor relay behind the fw are the same as any other service behind a
firewall. You can't really look at it as a "probability of being hacked" any differently than you would for
an SMTP gateway; which is to say, vendor vulnerability history aside, they should be considered equal.

I guess you could look at the service workflow differently for a strict relay of IP traffic coming in and
going out differently than something like a web server where you have IP coming in and file access going on
in the background.   Things to keep in mind are the context of the Tor service's execution, and what
restrictions you can place on it.  If it can run as a Guest user or LocalService, then that is way better than
LocalSystem.   I would also consider the least privilege model - for SMTP, it has to make its way to your
infrastructure somehow (in general) so you secure it based on that need.  But with Tor, your
infrastructure doesn't need to see any of that traffic.  I put mine up in my DMZ on a VM, but to be honest, I've
not done much with it.   But anyway, I try to keep the "dirty" traffic as far away from "clean" traffic as I can
in the same way that I try to keep Steve Moffat as far away from my wife as I can.   If there is no need for your
traffic to be internal, then don't put it there.  If you must, then lock that guy down as much as you can just
like any other service carrying data that you do not control or trust.

t

>-----Original Message-----
>From: listbounce <at> securityfocus.com [mailto:listbounce <at> securityfocus.com]
>On Behalf Of im <at> anikin.us
>Sent: Wednesday, January 12, 2011 9:28 AM
>To: focus-ms <at> securityfocus.com
>Subject: Tor
>
>Hello Everyone,
>
>What are the security implications of running a Tor relay on a machine behind

Claude Petit | 14 Jan 2011 03:30

RE: Tor

With or without firewall, it's the same security issues. With a firewall,
you have to open some ports, and run a service (Tor) on a computer. If you
don't trust a computer program, but you want to run it for any reason, it's
better to isolate it from your private network and from sensitive data.
Create a DMZ for Tor. Keep your firewall as closed as possible. Don't trust
traffic behind your firewall coming from the computer running Tor. And keep
in mind that you might be on blacklists if you are running a proxy server.
This can block you from having access to some servers. Just by example,
Google might ask you for a captcha for every query.

-----Original Message-----
From: listbounce <at> securityfocus.com [mailto:listbounce <at> securityfocus.com] On
Behalf Of im <at> anikin.us
Sent: Wednesday, January 12, 2011 12:28 PM
To: focus-ms <at> securityfocus.com
Subject: Tor

Hello Everyone,

What are the security implications of running a Tor relay on a machine
behind a firewall?

Is there a high probability of it being hacked somehow, and what does
one do to prevent that?

Thank you in advance for your time and advice.



