reconsidering default exit policy

Rod Begbie rodbegbie at gmail.com
Tue Mar 15 16:56:57 UTC 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tue, 15 Mar 2005 00:13:59 +0100, Thomas Sjögren
<thomas at northernsecurity.net> wrote:
> Maybe I'm naive but I assume that people read at least the torrc,
> they have to since they wanted to edit the server option.

Agreed.  In-line comments in torrc are the least-possible
documentation someone can read before becoming a tor exit node.

As a compromise, how about blocking 6667 and 80 in the default tor
ExitPolicy, then having in the supplied torrc:

# Port 80 (HTTP)   Administrators running routers with port 80 open
# have received abuse reports regarding Google Groups, and been
# added to the IP blacklist at Wikipedia
#ExitPolicy accept *:80

Easy to enable if you want to, and the server operator is aware of
the risk.

Rod.

- -- 
:: Rod Begbie :: http://groovymother.com/ ::

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBQjcT1Df2HVyMgMNfEQLeTwCg7ZajXlVBJHBI2soX+uDDpmYuR0cAnR8+
zynbNnJHBF4MdS2PteS9OJIS
=SlP9
-----END PGP SIGNATURE-----



More information about the tor-talk mailing list