-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 05/27/2011 03:44 PM, [email protected] wrote: > On Thursday 26 May, 2011 06:44:19 [email protected] wrote: >> On Thursday 26 May, 2011 05:37:06 Eugen Leitl wrote: >>> Why don't you like Linux vserver? My relay did some 350 >>> GByte/day, in a vserver guest on a low-end Atom box. >> >> It must necessarily share the network setup with the host, and so >> the LAN class C since I can't set up the router downstream with >> multiple IPs. Not secure. Also it would have the same firewall >> settings, and that is not acceptable either. > > So nobody's actually thought about security for a relay and the need > for a relay to be in the same class C as the LAN in order to access > the router? What can be done?
You do not mention the threats you worry about and assets you care about (thread model + security requirements). In [1] you mentioned "can monitor traffic" and Marsh gave you already hints how to address this (VLAN, virtual host only networks) [2]. [1] https://lists.torproject.org/pipermail/tor-talk/2011-May/020441.html [2] https://lists.torproject.org/pipermail/tor-talk/2011-May/020442.html If you want specific answers you should pose specific questions. "security for a relay" is quite general. -----BEGIN PGP SIGNATURE----- iF4EAREKAAYFAk3fvvYACgkQyM26BSNOM7ZaRwD9GfFRAHgryR71FbrXTPJrind2 bWGwqZpSUsXeoOntdSwBAKD9Wrn86LjwLIvohlqCV4bZBPC9SjjxqLGIoKeUH9Zj =0Q8T -----END PGP SIGNATURE----- _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
