reconsidering default exit policy
Thomas Sjögren
thomas at northernsecurity.net
Wed Mar 16 12:47:10 UTC 2005
On Tue, Mar 15, 2005 at 11:56:57AM -0500, Rod Begbie wrote:
> As a compromise, how about blocking 6667 and 80 in the default tor
> ExitPolicy, then having in the supplied torrc:
>
> # Port 80 (HTTP) Administrators running routers with port 80 open
> # have received abuse reports regarding Google Groups, and been
> # added to the IP blacklist at Wikipedia
> #ExitPolicy accept *:80
>
> Easy to enable if you want to, and the server operator is aware of
> the risk.
Personally, I dont think blocking port 80 or 6667 should be default and
that your text is a bit to much info to add to the torrc.
A notice on where to find the default exit policy has been added to torrc
in the cvs (http://archives.seul.org/or/cvs/Mar-2005/msg00073.html).
What dou you think of adding another example?
#ExitPolicy reject *:80 # deny http, otherwise use the default policy
/Thomas
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20050316/8579bd8c/attachment.pgp>
More information about the tor-talk
mailing list