On 28 June 2016 at 04:26, Ivan Markin wrote:
>
> Worth mentioning that there is a proposal [1] for "single onion
> services" (read non-anonymous onion services) exactly for the case when
> you want to get only cryptographic identity and not anonymity.
> At the moment you can setup an anonymous oni
For comments and suggestions:
https://github.com/alecmuffett/drafts-not-complete-not-tested-do-not-use/blob/master/production-ubuntu-onion-server.md
- alec
--
http://dropsafe.crypticide.com/aboutalecm
___
tor-onions mailing list
tor-onions@lists.t
I understand the desire to advertise the new feature, but - from a
communications perspective - understand that running the new Single Onion
code requires adoption of a core Tor daemon codebase which isn't even in
"stable" yet.
Facebook _are_ running Single Onions*, they're just nor running the 2.
I concur with the discussion so far; once you are into the multi-tor-daemon
deployments the "tuning" becomes rather organic.
I would look at network throughput on the tor nodes which are serving as
reverse-proxies, and correlate that against load.
Frankly: Facebook currently delivers its entire o
Hi All,
Yesterday I pushed this out to the world:
https://github.com/alecmuffett/eotk - The Enterprise Onion Toolkit
- currently EOTK works on OSX and could probably be coerced to run on
various Linux but I have not documented nor tested that yet.
The aim is that a site administrator can edit
On 3 February 2017 at 15:49, George Kadianakis wrote:
> Cool stuff Alec :) I have no OSX boxes around here so I can't get past
> 000-setup-osx.sh unfortunately.
>
I hope to have a Ubuntu equivalent in a few days, and you can then riff on
that.
BTW, is this tool designed to be useful mainly for
For anyone else who likes Raspberry Pi, I have added Raspbian
(Debian-derived) support.
Only lightly tested so far, and it requires a few minutes to compile nginx
& tor.
Do a "git pull" for updates, and check the manual / documentation updates
at https://github.com/alecmuffett/eotk/
-a
_
If you can drive a text editor, and ubuntu, you may like the following
document except with one proviso:
https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md
...the proviso is that it does *not* take you as far as setting up a WWW
server (Apache, NGINX) b
The current limit is 2 connections per IP address.
This affects single onion services, because they don't use guards.
Can you please make sure that you only have one or two Single Onion
Services on each outbound IP address?
I think the NYT is okay (separate IPs?) but if I understand this right,
I am not going to pretend that I fully understand the DDoS mitigations yet,
but experience at two jobs has taught me that at least three entire
countries essentially present themselves from behind small numbers of
heavily NATed addresses, so I hope that the mitigations are NAT-friendly.
ISTR that
Hi All,
I think I see the shape of the DDoS mitigations now, and to test my
understanding I'm going to try to recap/quote some of the thread as I
understand it; plus, I'll voice some of the questions which linger at
the back of my head.
Stuff where I am inferring (possibly wrongly) behaviour from
On 6 March 2018 at 16:55, Michael Jonker wrote:
> I have connected to my hidden service with RFC 6455 web-socket and feel
> like a kid in a candy store streaming API requests and return data back and
> forth at good, reliable speeds.
Yay! Good to hear news of new successes. I found websockets
On 6 March 2018 at 17:54, Michael Jonker wrote:
> 2) Bisq 's infrastructural backbone runs as a P2P network over TOR
> network. Clients talk to each other and there are various hidden services
> providing network resources.
>
At the risk of blowing my own trumpet, I tried writing up suggestion
Hi!
Try this:
https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md
-a
___
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
On 28 April 2018 at 12:31, Jason S. Evans wrote:
>
> 1. If you are a non-profit or some other org/person who doesn't care if
> visitors know who they are, but they want their visitors privacy to be
> protected.
>
Literally Facebook.
https://www.facebook.com/notes/protect-the-graph/making-connect
Hello All!
A friend was asking me what the current preferred tool(s) are for mining V3
onion addresses; I am aware of mkp224o but am dimly aware of something that
Yawning hacked-up a while ago; but I don't know of much else?
-a
--
http://dropsafe.crypticide.com/aboutalecm
_
On 10 June 2018 at 21:06, flipchan wrote:
> Why do u want to mine v3 addresses ?
>
It's a secret.
--
http://dropsafe.crypticide.com/aboutalecm
___
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/l
Not to put too fine a point on it: I would start by running an onion server
on a dedicated machine in a network enclave behind NAT and with
intentionally invalid hostnames, so that any/all metadata that might leak
in (say) Apache headers, is mostly useless; the NAT-internal network would
be 10.0.0.
Mike, have you observed the behavior I have seen, of it taking several
refreshes for the onion to start being actually used, and in fact
occasionally reverting back to clearweb for some fetches?
-a
___
tor-onions mailing list
tor-onions@lists.torproject.
On Sat, 22 Sep 2018, 00:26 Arlo Breault, wrote:
>
> https://trac.torproject.org/projects/tor/ticket/27502#comment:2
Awesome! Thanks, Arlo! Is there also a ticket open to work around Arthur's
discover that Firefox Private Mode (and therefore TBB all the time) buries
the surfacing of Alt-Used hea
On Sat, 22 Sep 2018, 00:33 Alec Muffett, wrote:
>
> Awesome! Thanks, Arlo! Is there also a ticket open to work around Arthur's
> discover that Firefox Private Mode (and therefore TBB all the time) buries
> the surfacing of Alt-Used headers?
>
Answering my
I've spent the morning pulling together a bunch of draft thoughts regards
the technical pros/cons of differing forms of site onionification;
thoughts, comments & feedback are warmly welcomed:
https://medium.com/@alecmuffett/different-ways-to-add-tor-onion-addresses-to-your-website-39106e2506f9
-
Hi All,
I'm just skimming Mahrud's patch at
https://github.com/mahrud/tor/commit/a81eac6d0c0a35adc6036e736565f4a8e2f806fd
...referenced from elsewhere, and also from the blog post:
https://blog.cloudflare.com/cloudflare-onion-service/
Luckily for us, the IPv6 space is so vast that we can enco
On Sat, 22 Sep 2018 at 19:28, Dave Rolek wrote:
> The circID is scoped under a given connection between adjacent nodes.
>
> A relay node maintains a mapping of circIDs for a circuit - mapping the
> forward and backward circID - for traffic it is relaying.
>
> So for a circuit ...
>client <-ID
Hey All;
I just got Alt-Svc to mostly-work for my blog at
https://dropsafe.crypticide.com/
Here's what I did, and why:
I set up a dummy interface on my blogserver (for rationale/instructions,
see link below)
$ grep osite0 /etc/hosts
> 169.254.255.253 *osite0.onion*
> $ ifconfig dummy0
> dummy0:
Summary of things that I have learned or experienced in the past 24 hours:
- YOU WILL NEED HTTP/2; the specifications suggest that Alt-Svc can run
over http/1.1 but Firefox/TorBrowser appears to ignore "http/1.1=..."
AltSvc protocol directives.
- If I am correct, this is a tragic shame; Alt-Svc o
On Sun, 23 Sep 2018 at 11:13, Alec Muffett wrote:
> - In my previous email, I cited a fragment of Tor config which I was using
> (0.3.4.8) to create a v3 Onion; I have stopped using v3 onions for the
> testing, for the moment.
>
> - I am not sure if it's something that I di
Possibly irrelevant aside: much as I love the theory of torsocks (and am in
a former life a big fan of LD_PRELOAD) - I latterly have given up on it and
swapped entirely to 'curl -x' and variations upon 'nc' to perform onion
testing; I just got fed up with version incompatibilities between the
libra
Thread at: https://twitter.com/AlecMuffett/status/1146909965589843971
--
http://dropsafe.crypticide.com/aboutalecm
___
tor-onions mailing list
tor-onions@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
Last week I was delighted to be invited to the British Computer Society
"OpenSource Specialist Group", where I presented: "Why & How you should
start using Onion Networking"
Now available for viewing: https://www.youtube.com/watch?v=pebRZyg_bh8
(caution:
it starts a bit loud, check your volume)
T
Hi!
How about this?
https://github.com/alecmuffett/real-world-onion-sites/blob/master/README.md#index
On Tue, 10 Dec 2019, 05:46 billhadler1970,
wrote:
> Hello everyone, I am new here and am wondering if there was a .onion with
> some other useful .onions on it that could be emailed to me. Lik
Lacking a decent keyboard at the moment, but I use this:
https://github.com/alecmuffett/real-world-onion-sites/blob/master/rwos-db.py
... it's a work in progress and I have yet to implement garbage collection
for the database, but it's not too bad.
-a
> Shell, netcat, poll descriptor and service.
> You don't need some grand architecture for simple shit.
>
And then you can write a webserver in awk and attach it to inetd via
openssl and set up a cronjob to scrape and publish the result to your
monitoring dashboard via sort, uniq, col and more awk
On Thu, 24 Sep 2020 at 13:33, Vasil Dimov wrote:
> Which creates a hidden service addrwhatever.onion. Later somebody
> connects to addrwhatever.onion:8333 and the tor daemon opens a TCP
> connection like 127.0.0.1:46153 -> 127.0.0.1:8333. Next, some other
> application (not the tor daemon) connec
>
>
> The use of different [address], dedicated only for incoming tor,
> is some workaround, but it has the obvious downside that if somebody
> manages to reach it and connect outside of tor, then the target
> application will perceive it as an incoming tor connection.
>
Hi Vasil!
The rest of the
On Sat, 18 Feb 2023 at 06:53, p13dz p13dz via tor-onions <
tor-onions@lists.torproject.org> wrote:
> At the level of the Onion protocol, it would be great to increase the
> number of intro points per descriptor to a higher number (say 10x from what
> we have today).
>
Speaking as someone who expe
Unless there is some new feature in the Tor demon to deep inspect new
connections, all of the subdomain functionality happens at the HTTP level
and so you will need to block that at your reverse proxy..
Connections over Tor are analogous to TCP connections, and the subdomains
are ignored. For mor
37 matches
Mail list logo