[tor-talk] Making TOR exit-node IP address configurable

Fabio Pietrosanti (naif) lists at infosecurity.ch
Wed Mar 9 18:23:15 UTC 2011


Hi all,

i've been thinking and playing a lot about the various possible risk
mitigation scenarios for TOR exit node maintainer.

Now i need to be able to pass all web traffic trough a transparent proxy
in order to implement some kind of filters to prevent specific
web-attacks, web-bruteforce, etc, etc

One very interesting feature that's now missing from TOR and that would
need to implement such kind of proxying is to be able to bind the
TOR-exit traffic to a specific IP address.
That way would be possible to "mark" with iptables the TOR exit traffic
and just mangle this.

That kind of added feature would also allow a TOR exit node to re-route
the TOR exit traffic go away trough multiple interface in round-robin
for example, for multi-homed TOR routers.

Sounds to me like a small patch, but frankly speaking i'm not a c-coder.
Some volunteer?

-naif
http://infosecurity.ch


More information about the tor-talk mailing list