I posted this on StackExchange before I found your mailing list. Re-asking here for a more authoritative answer.
My question is about how TOR handles routing of traffic. Here's the situation: User has laptop1 and server1 on a LAN. The server runs a hidden service (say a webserver) sharing over TOR only, i.e. open to localhost only, at xxyyzzaabbcc.onion. The server allows TOR proxy connections from the LAN.
If the user points configures his laptop to use server1:9050 as a proxy and navigates to xxyyzzaabbcc.onion, does the local TOR instance on server1 recognize that traffic as local and simply forward the request to localhost, or does the traffic first go out over the TOR network, then back to server1's localhost to get to the webserver?
Put another way, if someone on the LAN uses server1's proxy to access that proxy's hidden service, does the traffic stay local?
one could argue that in my example traffic is essentially local to the server itself, similar to a user on the server accessing a service on the server, and that there is an arguable decrease in security by traffic going out through TOR nodes and returning because it increases the attack surface of the traffic. I’m curious what the pros think about this scenario, however.
Thank you for your time
Hi,
You may have better luck getting an answer to this question on the tor-talk mailing list instead.
Thanks,
Pili — Project Manager: Tor Browser, UX and Community teams pili at torproject dot org gpg 3E7F A89E 2459 B6CC A62F 56B8 C6CB 772E F096 9C45
On 17 Feb 2020, at 23:37, Michael Robinson tor-mailing-list@felinefamily.org wrote:
I posted this on StackExchange before I found your mailing list. Re-asking here for a more authoritative answer.
My question is about how TOR handles routing of traffic. Here's the situation: User has laptop1 and server1 on a LAN. The server runs a hidden service (say a webserver) sharing over TOR only, i.e. open to localhost only, at xxyyzzaabbcc.onion. The server allows TOR proxy connections from the LAN.
If the user points configures his laptop to use server1:9050 as a proxy and navigates to xxyyzzaabbcc.onion, does the local TOR instance on server1 recognize that traffic as local and simply forward the request to localhost, or does the traffic first go out over the TOR network, then back to server1's localhost to get to the webserver?
Put another way, if someone on the LAN uses server1's proxy to access that proxy's hidden service, does the traffic stay local?
one could argue that in my example traffic is essentially local to the server itself, similar to a user on the server accessing a service on the server, and that there is an arguable decrease in security by traffic going out through TOR nodes and returning because it increases the attack surface of the traffic. I’m curious what the pros think about this scenario, however.
Thank you for your time _______________________________________________ tor-community-team mailing list tor-community-team@lists.torproject.org mailto:tor-community-team@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-community-team https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-community-team
tor-community-team@lists.torproject.org