What to gain by adding a custom port on a hidden service address?

2011-02-05 Thread hikki
Most hidden services use the standard port 80, like this: address.onion, while other services are like this: address.onion:8080. What do you gain by doing that? *** To unsubscribe, send an e-mail to majord...@torproject.org with

Re: Best Hidden Service web server?

2011-01-08 Thread hikki
Original Message From: Orionjur Tor-admin tor-ad...@orionjurinform.com Is it a bad idea to use an apache for a hidden service? Not at all. I'm actually recommending it over any other because it's complex and has a lot of traps for you to fall into. That sounds ridiculous

Why must Tor continuously contact directory servers?

2010-12-27 Thread hikki
When I supervise Tor's traffic, I see that it very often contacts nodes which are directory servers. It's not like +/-2000 nodes change their statuses that fast. I wish there was a way to reduce this to like 1 time each day or even less, because it adds a lot of unnecessary traffic, at least

Re: The best way to run a hidden service: one or two computers?

2010-11-10 Thread hikki
, because they're both on the same box. I'm just thinking loudly here, I'm not pretending to be a wise guy nor a specialist. I appreciate to be proven wrong and learn something new! :) -Hikki

Is it possible to firewall Tor traffic with a hardware firewall?

2010-10-30 Thread hikki
To make side channel attacks more difficult, especially for those who don't use virtual machines to run their hidden services, I was thinking about using a hardware firewall between the Tor computer and the Internet modem. The hardware firewall can do IP based blocking, meaning that you can

Where does Tor get its relay lists from?

2010-10-16 Thread hikki
Every now and then, when you start Tor, it searches for relays/descriptors. And I've heard that it does that every now and then while it runs as well. Does it get this list from a few static IP addresses that never change, or does it pick randomly from thousands of IP addresses/dir lists out

Harden torrc for hidden services?

2010-10-13 Thread hikki
Are there any extra options you could add in the torrc file to harden hidden services from possible attacks?

Re: Hidden service: Is it possible for an attacker to break out of a VM?

2010-10-08 Thread hikki
Robert Ransom: It depends on the VM software you are using. I did find an interesting guide to set up a hidden service on this mailing list, explaining how to set up Qemu on Ubuntu. I prefer a free open source VM with the ability to run as an unprivileged user.

Hidden service: Is it possible for an attacker to break out of a VM?

2010-10-07 Thread hikki
The title says it all: Several people recommend running a hidden service from within a VM, to prevent attackers from doing side channel attacks and reading off your hardware components and serial numbers. Then I heard that attackers can actually break out of VMs if they get root access on it

Re: The best way to run a hidden service: one or two computers?

2010-09-24 Thread hikki
Robert Ransom: Also, if you haven't bothered to change your MAC address, an attacker with any UID can read it using ifconfig; your hardware manufacturers may have kept records of where the device(s) with that MAC address were shipped. I have heard of these attacks, like an attacker reading

Re: The best way to run a hidden service: one or two computers?

2010-09-20 Thread hikki
Robert Ransom: If your web server and all of the interpreters and programs it runs are competently written, there is no way for an attacker to get root access, or even run a shell command. Web applications and the special-purpose interpreters they run on are often incompetently written.

Re: The best way to run a hidden service: one or two computers?

2010-09-19 Thread hikki
Robert Ransom: The VM is optional *if* and *only if* an attacker cannot possibly get root on your hidden service. How do external attackers get root access on a Linux system, and how do they then communicate with the system as root, like listing directories and changing configuration files

Re: The best way to run a hidden service: one or two computers?

2010-09-17 Thread hikki
Robert Ransom: Only if you trust the hardware firewall/router. I wouldn't. Okay so there aren't that many safe options to run a hidden service really, if any at all?

Re: The best way to run a hidden service: one or two computers?

2010-09-16 Thread hikki
Do you say that Ethernet cards may have backdoors built in, or did I misunderstand that? - What if you put a hardware firewall router between the first computer and the second: [Server box with web server] - [Hardware firewall router] - [Gateway box with Tor] - Internet/Tor entry node

Tor seems to have a huge security risk--please prove me wrong!

2010-08-28 Thread hikki
There are a lot of discussions going on over at the Onion Forum, a Tor hidden service board, regarding a possible attack on Tor's anonymity and safety. It's called classifier attacks and seems to be a high probability attack that may in a way unmask the encryption used by Tor, and in