-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I don't exactly understand your concern here so excuse me if my reply is off topic.
Doesn't matter if a Tor instance only handles a hidden service. Tor has built in client functionality end establishes some circuits, keeping them in case they will be needed. Even if you don't have a SocksPort enabled, built in client functionality will not be disabled. Also, a Tor instance running a hidden service will also open other types of circuits besides rendezvous, such as introduction points circuits and circuits needed to publish descriptors to the HSDirs responsible for the hosted hidden service. So, it's normal for you to see in your Tor client -> guard -> relay -> exit circuits and it is not a threat to the anonymity of your hidden service, and no, it's impossible for an exit (or a client, or any other relay/bridge) to connect to your hidden service without using a rendezvous circuits. There are other aspects to consider in your hidden service if you fear such leaks, such as: can an attacker game the application hosted on the hidden service in order to make arbitrary requests to a clearnet address? can an attacker game the application hosted on the hidden service in order to find out relevant info about its internet connectivity, public IP address or other connection related information? This won't be related to Tor anyway, it requires hardening and much reading of opsec documentation. torproject.org and tails.boum.org as well as whonix.org have some great articles about this topic - do read. On 7/20/2015 9:06 PM, me wrote: > My primary question is about the established "exit circuits". > > If the exit circuits are established, as they are by default, can > an exit node initiate contact with my HS without ever going through > a rendezvous or even knowing the onion address by simply using the > pre-established circuit? > -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQEcBAEBCAAGBQJVraPyAAoJEIN/pSyBJlsRoFEH/03vNN5NA3wPfUc8/5g+YfLW t1ipU6C4NRO45y15WWrGQO1NT5Da644+8OCyn88PoQKW9pH/UAIWS9jqZYwJKurI ACyeR94aimRyx+pKnlNNN6R+VxCa2O/pbhf5+NWRneqnAxCpnJ7qZzMGnT50QFli q+aWKMx7LlP6R1LKyl9WLVDbYXJT2xoAuF0tAclWT7UTdxuRMcSGUxFcYJq6AAdS TKWEvs7ye8x0/8QmMX+wrePCF54/IV9PD+y5xJ7Xq41vAa+3eHHqonFUO+BpOvsD ly19t47ZUj0x78RQQ6+hJFnDVoka09MJt/QAykFfm6GhZSLf3PafjDx9mx+LZnA= =bGP7 -----END PGP SIGNATURE----- -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
