Submitted 3 months ago by 4rkal@lemmy.world to selfhosted@lemmy.world
This is stupid. You’re still “connecting directly” to the instance. Your concern is about logging and traffic from your ISP being logged. This is the dumbest way to achieve this though, and reads as overly paranoid.
Just because you’re hanging one side out on Tor, does not mean your traffic isn’t logged. I don’t want to devolve into basic network operations, but this is stupid.
Plus, just connecting to Tor is very much a huge exposure imho. I’d use a VPN. Now, if I’m having a VPN, probably wireguard, why would I need Tor? Some providers grant you the ability to interconnect devices under your account. So, just run the VPN on the server. This is why I love NordLynx. It’s just like tailscale.
just connecting to Tor is very much a huge exposure imho
Exposure of what, to whom?
lol I would open every port on my router and route them all to wireguard before I would ever consider doing this
Take a look at netbird or tailscale
Nebula is what I am using
Isn’t it super slow to access via Tor?
Not necessarily. It can be, but it all depends on which nodes you get when you connect. If I end up on slow nodes I usually just reconnect, and it’s fine.
Why not port knocking over TOR?
ramielrowe@lemmy.world 3 months ago
If I understand this correctly, you’re still forwarding it a port from one network to another. It’s just in this case, instead of a port on the internet, it’s a port on the TOR network. Which is still just as open, but also a massive calling card for anyone trolling around the TOR network to things to hack.
just_another_person@lemmy.world 3 months ago
Didn’t see your comment until after I responded, but yes. This is what is happening. It’s stupid.
deafboy@lemmy.world 3 months ago
Luckily, it is no longer possible to easily sniff the new v3 addresses by deploying a malicious relay. Any attack to even reveal the existence of a hidden service would require a very specialized setup. And we’re just talking discovery, not the ability to connect and attack the actual service running there.