[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Hidden service security w. Apache/Win32

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Hidden service security w. Apache/Win32
From: Gozu-san <gozu@xxxxxxxxxxxx>
Date: Sun, 19 Feb 2012 17:08:27 +0000
Delivered-to: archiver@xxxxxxxx
Delivery-date: Sun, 19 Feb 2012 12:04:13 -0500
In-reply-to: <1Rz6E3-000Fdr-HE@xxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1Rz6E3-000Fdr-HE@xxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

It would be very dangerous to use Windows in any way for running hidden
services!  Run Linux and VirtualBox on your host machine.  Ubuntu is
probably best if you're new to Linux.  Have your host machine access the
Internet through a reputable multi-hop VPN service, and firewall it to
prevent leaks.  That way, even if something goes wrong with your Tor
setup, you're not leaking from your real IP address.  Run Tor on a
router VM, as a transparent proxy, and run Apache on a Linux VM.  LAMP
setup in Ubuntu is trivial.

If you need Windows, it would be best to use another machine.  If you
must use the same machine, run Windows as a VM.  In that case, you'll
want to use a gateway VM (e.g., pfSense) for your VPN connection
(firewalled to prevent leaks).  That way, Windows won't be advertising
the same IP address that Tor is using.

On 19/02/12 12:50, Fred Toben wrote:

> Hello Everybody
> 
> I am in the process of setting up a hidden service with Apache
> 2.2 under Windows.

SNIP

> Or is Windows an absolute no when considering running a secure
> hidden service?

SNIP
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

Follow-Ups:
- Re: [tor-talk] Hidden service security w. Apache/Win32
  - From: Fred Toben

References:
- [tor-talk] Hidden service security w. Apache/Win32
  - From: Fred Toben

Prev by Author: Re: [tor-talk] Cannot finish handshake with directory server (Kazakhstan)
Next by Author: [tor-talk] Changing IP addresses
Previous by thread: Re: [tor-talk] Hidden service security w. Apache/Win32
Next by thread: Re: [tor-talk] Hidden service security w. Apache/Win32
Index(es):
- Author
- Thread