[Tor-BSD] OpenBSD pf rules...
Libertas
libertas at mykolab.com
Wed Nov 26 22:23:38 EST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Could that kind of filtering cause a noticeable increase in latency?
On 11/26/2014 10:12 PM, Seth wrote:
>
> Egress filtering is just applying the 'default deny' security
> philosophy to outbound traffic.
>
> Between the Tor ReducedExitPolicy and the various ORports used in
> the Tor network, the number of ports you need to open to make it
> work on a Tor exit node is pretty insane.
>
> Does egress filtering even offer any worthwhile protection at that
> point? I'm not knowledgeable enough to say.
>
> I chose to implement it partly out of 'default deny' dogma and
> habit, partly for the challenge,
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUdpk5AAoJELxHvGCsI27NOS0P/ibzt0G/SLA+7KsJLtykUHS+
n2YuEfvQhfRF2bxF1xNJBfqIABA2XAmSjn+lmmzTScUhDpxYKYx22rmXYcp1WMW7
HDaXFHc3Y1Samx6a1xFR4IQ4P8m/QHBQvfAwTjhMoD2suLvZTK2TeCocxv+LT5Ui
Px55vUesE+VKeIo6F1svCLY6PiJ4bicn3c5ZrplqfooezjVfid7wD1udgWAiTdGn
Pfcvvew8PI5dLbbMj5YseERL96SWqrPfAQSOZy2ywcNefTGvQ1QTkbALQs2f+Nim
BoCjuBFDOrPcP5D9dbcQvOamCkO8gNbumykJvY1tapJO+TJ4LcZaRv89tuX/lDtX
bGjOJiwvcX1mdGrPpPTQc/4jHLjWjH5IeUxshPJrTfaOmzhvqlSUA6fml035Wg8Y
+gKt5ZHeyj2bBxDHZAkHMMB+vYFbQN3UZHsKZ5EgrUDfkMujpeQE8ItLJCB6cFbf
2VdQm4QPGrIDz7FUMt6l+YqbNnAYsttI9MNB8dvHCWxzvCWHAUCvEE9ACjyp2LM+
04oL7i1Ot6Ec9/vcnudjW6RM4O5YyvBUUG0W8nl0/3eH3+itmZkIpOPyOqVmxFji
GQF/8oe2L3YCp9CnYxWeznXOtB7c2fok9/6r1xb+6XE5/fCntyP5TibOcYOUO00w
rnp5w6z3I805E0dXJJaH
=UEvm
-----END PGP SIGNATURE-----
More information about the Tor-BSD
mailing list