Hey, I run some onion v3 services, some are also available in the "clear net", some only as onion services. I monitor[1] reachability of the onion services which results in quite some false positives, although I configured alertmanager to alert after > 1 hour (!) of failed connection attempts. I'd like to reduce these false positives and thought of using "UseEntryGuards: 0" to have circuits been rebuild more often. I'd only do this for the onion services which are also reachable in the non-tor internet and therefore their IP adresses are known anyway. I'd not do this for the onion-only services following the implications of https://freehaven.net/anonbib/#hs-attack06 .
Do you think this is a viable approach security/privacy wise or am I missing something? Any other suggestions? Thanks, f. [1] https://github.com/systemli/prometheus-onion-service-exporter -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
