Udo van den Heuvel | 1 Jan 2009 08:01

Re: User tor issue

Udo van den Heuvel wrote:
>> Compare your graph and bandwidth settings with that of this randomly
>> picked router:
>>
>> http://torstatus.blutmagie.de/router_detail.php?FP=611a96764577d2a2ff490666ba732382bae08bbc
>>
> 
> Yes, looks different.
> But how come?
> 
> How can I find out?

Would a debug log be helpful?

Please let me know.

Udo

Matej Kovacic | 1 Jan 2009 17:52

SSL certificate checker plugin for Firefox?

Hi,

unfortunately Petname tool is not working on this site:
https://slo-tech.com/

It says "unauthenticated", and I cannot change that.

Any other solution?

bye, Matej

phobos | 1 Jan 2009 23:32

Re: SSL certificate checker plugin for Firefox?

On Thu, Jan 01, 2009 at 05:52:18PM +0100, matej.kovacic <at> owca.info wrote 0.2K bytes in 10 lines about:
: unfortunately Petname tool is not working on this site:
: https://slo-tech.com/
: It says "unauthenticated", and I cannot change that.

That's what it is supposed to say until you give it a name.  The
assumption is that you use out of band methods to authenticate the cert
is correctly assigned.  And then you type whatever nickname you want to
give it into the petname field.  Should the slo-tech.com cert change,
you'll receive a red box instead of green.  

-- 
Andrew

phobos | 1 Jan 2009 23:45

Re: Tutorials for providing Hidden Services?

On Thu, Dec 18, 2008 at 06:24:46PM -0000, 6cnf6cp02 <at> sneakemail.com wrote 0.7K bytes in 10 lines about:
: I want to provide basic free anonymous blogging services using Tor's hidden services. Are there any
: tutorials for this, apart from the basic setup information on Torproject.org? More specifically, how
: can I stop my users from identifying my server? What do I have to pay attention to?

There is no tutorial that I know of.  Each piece of software has
different concerns and configurations to protect both your and your
users' anonymity.

: How can I block connection attempts by Apache using my external network interface, eg. if the users
: execute scripts that contact external addresses? What information is exposed by environment
: variables, and how can I stop the user from reading them? For example, can I modify timezone/timestamps to
: obfuscate my server location?

Just some thoughts.  Run apache on localhost.  Set the system time to UTC.
Check the 404 page and such so that it doesn't give out the hostname.
Run apache in a jail, etc.  Run the jail/vm on a system without a public
IP; such that if someone does break apache, they find the IP address is
192.168.1.2 (or some other RFC1918 scheme).

: What settings do I have to change to fully remove Apache's IP logging to protect my users?

Disable access logging.

-- 
Andrew
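
Added example, not part of the reply above or of any Tor or Apache project code: a small audit that checks an Apache configuration against the points listed in that reply (bind to localhost only, no access logging, error pages that do not name the host). The sample configuration is constructed, and mapping the 404-page advice to the `ServerSignature` directive is an assumption made here.

```python
import re

# Constructed sample httpd.conf for illustration (not taken from the thread).
SAMPLE_CONF = """\
ServerName blog.example
Listen 80
Listen 127.0.0.1:8080
ServerSignature On
CustomLog /var/log/httpd-access.log combined
# CustomLog /var/log/old.log common
ErrorLog /var/log/httpd-error.log
"""

# A Listen argument counts as loopback only when an explicit loopback
# address is given; a bare port ("Listen 80") binds every interface.
LOOPBACK = re.compile(r"^(127\.\d+\.\d+\.\d+|\[::1\]|localhost):\d+$")


def audit(conf_text):
    """Return (line_no, directive, reason) findings for one config file.

    Limitation: Include'd files are not followed; run it on each file.
    """
    findings = []
    for no, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or commented-out directive
        parts = line.split()
        name, args = parts[0].lower(), parts[1:]  # directives are case-insensitive
        if name == "listen" and args:
            if not LOOPBACK.match(args[0]):
                findings.append((no, "Listen", "not bound to loopback"))
        elif name in ("customlog", "transferlog"):
            findings.append((no, "CustomLog", "access logging enabled"))
        elif name == "serversignature" and args and args[0].lower() != "off":
            findings.append((no, "ServerSignature",
                             "error pages carry the server name"))
    return findings


if __name__ == "__main__":
    for no, directive, reason in audit(SAMPLE_CONF):
        print(f"line {no}: {directive}: {reason}")
```
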

phobos | 1 Jan 2009 23:46

Re: User tor issue

On Thu, Jan 01, 2009 at 08:01:51AM +0100, udovdh <at> xs4all.nl wrote 0.3K bytes in 16 lines about:
> Would a debug log be helpful?

info level is probably good enough.

-- 
Andrew

Adlesshaven | 2 Jan 2009 03:56

Jailed/sandboxed/chrooted applications

Does anyone here jail, sandbox or chroot the applications they use with Tor?

I have been trying to adapt the Wiki's transparent proxy recommendations
to a FreeBSD jail for the last couple weeks with no luck. What is the
best way to isolate applications completely for use with Tor?

downie - | 2 Jan 2009 04:00

GeoIP down?


Hi,
I'm getting timeouts with Vidalia trying to connect to geoip.vidalia-project.net (and also with netcat).
Is this a scheduled outage?
GD

coderman | 2 Jan 2009 04:01

Re: Jailed/sandboxed/chrooted applications

On Thu, Jan 1, 2009 at 6:56 PM, Adlesshaven <adlesshaven <at> embarqmail.com> wrote:
> Does anyone here jail, sandbox or chroot the applications they use with Tor?
>... What is the best way
> to isolate applications completely for use with Tor?

situations vary but my personal preference is for distinct virtual
machines to run groups of applications and Tor separately.  the main
benefit this provides is stronger isolation from arbitrary execution
and other exploits as well as providing a virtual network address that
does not provide any hints about the topology or configuration of your
internal LAN / Internet connection.

being able to configure Tor'ified applications in freebsd jails would
be useful though; i've only tried to do that (owner match) with
iptables on linux though...

best regards,

Roc Admin | 2 Jan 2009 04:38

Re: SSL certificate checker plugin for Firefox?

I think it was hdm that pointed out this link:
http://www.codefromthe70s.org/sslblacklist.aspx

From the page:

SSL Blacklist now detects and warns about certificate chains that use the MD5 algorithm for RSA signatures.

 

On Thu, Jan 1, 2009 at 4:32 PM, <phobos <at> rootme.org> wrote:
On Thu, Jan 01, 2009 at 05:52:18PM +0100, matej.kovacic <at> owca.info wrote 0.2K bytes in 10 lines about:
: unfortunately Petname tool is not working on this site:
: https://slo-tech.com/
: It says "unauthenticated", and I cannot change that.

That's what it is supposed to say until you give it a name.  The
assumption is that you use out of band methods to authenticate the cert
is correctly assigned.  And then you type whatever nickname you want to
give it into the petname field.  Should the slo-tech.com cert change,
you'll receive a red box instead of green.

--
Andrew

Fabian Keil | 2 Jan 2009 14:00

Re: Jailed/sandboxed/chrooted applications

Adlesshaven <adlesshaven <at> embarqmail.com> wrote:

> Does anyone here jail, sandbox or chroot the applications they use with Tor?

I'm running Tor and Privoxy in FreeBSD jails,
Xorg applications (which probably pose a bigger threat)
are running on the host system, though.

> I have been trying to adapt the Wiki's transparent proxy recommendations
> to a FreeBSD jail for the last couple weeks with no luck.

I wrote about trans-proxy-tor running in a FreeBSD jail at:
http://www.fabiankeil.de/blog-surrogat/2006/06/15/jail-experimente-mit-ezjail.html

The text is in German but the only thing that really matters is
the /etc/devfs.rules example to make /dev/pf visible in the jail.

Nowadays I use Tor's TransPort option instead of trans-proxy-tor,
but the configuration is pretty much the same.

Fabian
