On Tue, May 13, 2014 at 8:27 PM, Tom Ritter <t...@ritter.vg> wrote:
> This seems very similar to the idea of having private exit nodes:
> https://www.torproject.org/docs/faq#HideExits

Tor daemon must of course know its exit OR ip's+ports via some
mechanism (currently, distributed consensus), or Tor would
not work. There is no such thing as private exits in that
context. Every anon protocol learns its own peers somehow.

Running OpenVPN terminators on your exit box on a different
ip than your tor exit is unrelated to Tor itself. It is an extra/enhanced
service relay operators would choose to provide on their own.

> It's also easy to enumerate Exit IPs not by scanning up/down, by just
> building a circuit through every exit node to a server you control,
> and looking at the originating IP.

Given that very few exit relays exit via an IP not in the consensus,
enemies of tor do not have to scan or build, they can just look at
the consensus. This is not relevant to the context of this proposal.
tor-relays mailing list

Reply via email to