Opened 12 days ago

Last modified 2 days ago

#31103 new enhancement

Support ORPort picking a random port that persists across restarts

Reported by: phw Owned by:
Priority: Medium Milestone:
Component: Core Tor/Tor Version:
Severity: Normal Keywords: network-team-roadmap-november
Cc: ahf, gaba Actual Points:
Parent ID: #30471 Points: 1
Reviewer: Sponsor: Sponsor28-can

Description

A bridge's transport port and OR port are semi-secret. We don't want a bridge to listen on port 9001 because it would facilitate Internet-wide scanning: a censor could scan the entire IPv4 address space for port 9001 and block all bridges they discover this way. We therefore encourage operators to not set ServerTransportListenAddr, which makes Tor pick a random port and write it to its state file, so it persists across restarts. Bridge operators can then whitelist this port in their firewall configuration.

Bridge operators may welcome a similar option for ORPort. However, when setting ORPort to auto, Tor attempts to find a new port each time it starts. This means that operators would have to re-configure their firewalls after each restart.

In the short term, we should instruct operators to pick their own ports and explicitly set them for both ORPort and ServerTransportListenAddr but in the long term we may want ORPort to be able to pick a random port and save it to Tor's state file.

Child Tickets

Change History (4)

comment:1 Changed 12 days ago by phw

Parent ID: #30471

comment:2 Changed 12 days ago by teor

Cc: gaba added

Gaba, this seems important, should we put it in the PT sponsor?

comment:3 Changed 2 days ago by gaba

Keywords: anti-censorship-roadmap-november added
Points: 0.51
Sponsor: Sponsor28-can

comment:4 Changed 2 days ago by gaba

Keywords: network-team-roadmap-november added; anti-censorship-roadmap-november removed
Note: See TracTickets for help on using tickets.