[tor-bugs] #17142 [Tor]: allow remote portforwarding on exit nodes
Tor Bug Tracker & Wiki
blackhole at torproject.org
Fri Sep 25 13:25:10 UTC 2015
#17142: allow remote portforwarding on exit nodes
-----------------------------+---------------------------------
Reporter: iwtcitp | Owner:
Type: enhancement | Status: new
Priority: minor | Milestone: Tor: very long term
Component: Tor | Version:
Resolution: | Keywords:
Actual Points: | Parent ID:
Points: |
-----------------------------+---------------------------------
Comment (by iwtcitp):
if the exit node owns enough ip adresses it could redirect multiple
services with the same port. thats probably only affordable with ipv6 ips.
if only one ip is available then at least for tls connections with sni
several services could share one port. im not sure though if a connection
could be securely redirected without decrypting it.
if a user has to register his hidden server at a whitelist provider(using
email or captcha) and the hidden servers pull the list on a regular basis
then it would be like any other provider who provides free access to
limited resources. And that works most of the time. besides that the exit
nodes could also tell the whitelist provider who is using their ports so
users who use the same port on multiple exit nodes at the same time get
banned.
Since many services would probably be webservers who should use tls anyway
and since for most other services the availability of the default port is
not important, collisions should not be that frequent.
...yeah that sounds like a lot of work but its not intrinsically flawed.
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17142#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list