I need your experience in restricting the Tor for use in an internal network. Normally, anyone who knows the IP address and Tor port can use it as a proxy:
I know that Tor itself does not have the ability to restrict based on username and password, what tool do you use to restrict based on username and password?
What do you do to limit bandwidth? For example, limit the bandwidth of a specific range of IP addresses.
I’m not going to suggest any specific action on your part. I’m assuming you have control over the internal network.
With DHCP you can assign specific LAN IP addresses to specific MACs and then only allow those IPs access to the Tor server using iptables of Linux. Of course there is MAC spoofing once the inside users know which IPs get Tor access. What kind of a crowd is in the internal network and how many? sounds like they are all black hat.
I’m not sure if iptables can limit bandwidth but you can search for that.
None of this has anything to do with Tor itself, it is all just networking.
I’m not sure if it’s possible in this case, but a VPN can be used to restrict access to services. By configuring Tor to only expose itself through the VPN network, only those connected to the VPN will be able to see it and use it.
For example, I use Wireguard to securely access my home server.
Thank you so much for your reply.
Is it possible to combine
Tinyproxy with Tor? It means that users connect to the Tor through
Tinyproxy servers, and then use these proxy servers to authenticate.
I somehow think this is related to post SocksPolicy scenario