[tor-talk] layer 2 separation: relay in a Host-only network (was: EFF Tor Challenge)
CACook at quantum-sci.com
Thu Jun 2 23:59:38 UTC 2011
On Thursday 2 June, 2011 15:45:04 tagnaq wrote:
> > At the end, you will have achieved Bridged networking, so why
> > bother?
>
> If your Host OS acts as a router your relay running in a VM won't be
> able to perform layer 2 attacks on your LAN as long as the VM can't
> compromise the Host OS.
This has merit.
And come to think of it, using Shorewall to masquerade the guest through the host, I could force all the guest's traffic to the router -only-.
I think with the guest running Debian SELinux it is unlikely to be compromised, so this may be a good solution.
Criticisms?