Delivery-Date: Sun, 10 Jan 2016 13:25:32 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.4 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,T_DKIM_INVALID,T_RP_MATCHES_RCVD,URIBL_BLACK autolearn=ham
	version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 498CC1E041F;
	Sun, 10 Jan 2016 13:25:30 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 84C1D38A34;
	Sun, 10 Jan 2016 18:25:25 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 7985238A31
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 18:25:21 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id ua35vsiKkUNa for <tor-talk@lists.torproject.org>;
 Sun, 10 Jan 2016 18:25:21 +0000 (UTC)
Received: from outbound.mailhostbox.com (outbound.mailhostbox.com
 [162.222.225.13])
 by eugeni.torproject.org (Postfix) with ESMTP id 600FE38A30
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 18:25:21 +0000 (UTC)
Received: from [0.0.0.0] (exit1.ipredator.se [197.231.221.211])
 (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (No client certificate requested)
 (Authenticated sender: s7r@sky-ip.org)
 by outbound.mailhostbox.com (Postfix) with ESMTPSA id A1E821A1629
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 18:25:38 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sky-ip.org;
 s=20110108; t=1452450339;
 bh=OvZWTm/3N+hzVxXfpYhHUknXBq4eKaOi1F9DHQQ3g+g=;
 h=Reply-To:Subject:References:To:From:Date:In-Reply-To;
 b=ijpgrotEUEv5PJSDpfT+gZo+cSivXWnX7ZEgvamHHqsMac4K5uW5T9AGJbGysOLPD
 pB054teVNXuYf6nY8yaB0C+bZVDSJiKIhAsQr2fDz7zqnnw/uDKMZoiROw83wKzvdi
 xczfWKdpDtNycf5t8g8zWazr/SC8kS5+8UGhDDCw=
References: <n6u1bd$lk2$1@ger.gmane.org> <n6u6mt$341$1@ger.gmane.org>
To: tor-talk@lists.torproject.org
From: s7r <s7r@sky-ip.org>
X-Enigmail-Draft-Status: N1110
Message-ID: <5692A207.5080309@sky-ip.org>
Date: Sun, 10 Jan 2016 20:25:11 +0200
User-Agent: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:38.0) Gecko/20100101
 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <n6u6mt$341$1@ger.gmane.org>
X-CMAE-Score: 0
X-CMAE-Analysis: v=2.1 cv=asYScXtV c=1 sm=1 tr=0
 a=3RdfeICwYiNjctjAWxQUyw==:117 a=3RdfeICwYiNjctjAWxQUyw==:17
 a=L9H7d07YOLsA:10 a=9cW_t1CCXrUA:10 a=s5jvgZ67dGcA:10 a=N659UExz7-8A:10
 a=rKyYCurFi2V_8klnNJEA:9 a=pILNOxqGKmIA:10
X-Scanned-By: MIMEDefang 2.72 on 172.18.214.92
Subject: Re: [tor-talk] Help me secure my setup
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Hello,

Periodic consensus downloads, as well as keeping always some fresh
circuits on the list in order to attach streams to when requested via
the SocksPort. In other words, not much traffic but not 0 traffic as well.

Related to your other questions, you might be using too much
complexity which is in most of cases not desired. To be frank I didn't
understand your goals and threat model...

If I were you I would just configure a good vpn on the server in the
datacenter (say openvpn for example with my own certs and everything)
and connect to the vpn first, then normally (no bridges) to Tor. This
will probably obfuscate some adversaries in learning that you are
using Tor from home.

Connecting to the VPN after you connect to Tor will provide you an
unique static exit point from the Tor network which will make you very
very distinguishable so I would not do that if I were you.

On 1/10/2016 8:08 PM, Oskar Wendel wrote:
> Oskar Wendel <o.wendel@wp.pl>:
> 
>> 1. Maybe I should run a private (unpublished) bridge on the
>> server and a tor client on my tor PC, that would be able to
>> connect only to the bridge (through a VPN)? This way, all
>> unencrypted traffic would never exit a tor PC. This PC is secured
>> enough to assume it's secure from being hacked into. It's also
>> encrypted and never left unattended.
> 
> Additional question: For an idling client (that is, a tor client
> that is connected, but nobody connects to its socks port), what
> network activity takes place? I can think only of periodic
> consensus downloads. Anything else?
> 
> 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (MingW32)

iQEcBAEBCAAGBQJWkqIHAAoJEIN/pSyBJlsRDOAH/0GtqJJnqfe9MQDc/SgYj5fZ
nq8KAoDJ69BIyh4HcrDlQ/Qnj7oYE99wrdG1W7ES6ho0PTBIkBAegT1KrspSqS9a
nrinEoi+3GDPTbhVoSsqKdfsDXXhEsOtCLMUHqeYw7n8Za1kfr/3uPGP4JxzQTu8
+uHJOEwpL/3Ma+8uL5qAoo1y695gvVkqmL3r/rgTdBB4NfY2s64UqGh92D4i6XuL
xbFvaxa5E0owupaCxdi6DHUd/+L9MToTJLMftpayIpUxhHT42BwtYucmZEk0FEyA
JWM+sJvOrf94TIcXvSSxipuhQmIb8Javp1R88VnrhJijVQdk2jRR88MyIZtZh1g=
=End5
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

