[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: The best way to run a hidden service: one or two computers?

To: or-talk@xxxxxxxxxxxxx
Subject: Re: The best way to run a hidden service: one or two computers?
From: katmagic <the.magical.kat@xxxxxxxxx>
Date: Sat, 18 Sep 2010 13:35:51 -0400
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sat, 18 Sep 2010 13:36:30 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:date:from:to:subject :message-id:in-reply-to:references:x-mailer:mime-version :content-type; bh=P4wCfFY4En88dV3/TNz31I2jEtMRQ6ImCLt9q+pmTXs=; b=Lik8MnuYdqv9m3tExyOFCcQ/py4d1ax7Z4P//l0uXBeFtBml6s/KhfZrvRJ+zJ58ee TCBWeEBxKROk8hWB02JfOriEJ6tSV3AaRdw3Q9tvBUX/M8TzHJVAY2/TEQ7tAoBdG1lV WIIBdeznnvEkNW+8pSFrQ/r1+sRz4NrUBIBgA=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=date:from:to:subject:message-id:in-reply-to:references:x-mailer :mime-version:content-type; b=G3S/IPKdO+GuVofTAwkLGy4Iv6vRHraHHq9DrekrxRaVDmlNt77Y9HWkaSA+L9N0Sg 2bE3G1ATjFtaTSXuVe5BgSHjo3313LZQ+h+LwZvCNagOwOgH9SIoB5Nw1xgDbUqottIK NhqX81vaUqzOLXChIdYtg+sGjFJINrgVp7QUc=
In-reply-to: <N1-m0I9y7QkOJ@xxxxxxxxxxxxx>
References: <N1-m0I9y7QkOJ@xxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx

On Fri, 17 Sep 2010 16:36:16 -0400
hikki@xxxxxxxxxxxxx wrote:

> Robert Ransom:
> 
> > Only if you trust the hardware firewall/router. I wouldn't.
> 
> Okay so there aren't that many safe options to run a hidden service
> really, if any at all?
> ***********************************************************************
> To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
> unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/

The router issue is only relevant if you're exploited, and if you're
running a firewall, get exploited on the root level, too. I'd look into
privilege separation software if you're really serious about security,
specifically AppArmor and SELinux, or systrace if you're on *BSD.
(AppArmor is much simpler than SELinux, though SELinux is probably more
powerful. Personally, I like systrace the best.) Just make sure you
update frequently, and you'll probably be good. :-)

--
more than just a leitmotif
PGP Key ID: 33E22AB1

Attachment: signature.asc
Description: PGP signature

References:
- Re: The best way to run a hidden service: one or two computers?
  - From: hikki

Prev by Author: VisiTor - or: a script to tell you how many of your users are probably Tor users
Next by Author: Re: gratuitous change blocks upgrade to 0.2.2.15-alpha :-(
Previous by thread: Re: The best way to run a hidden service: one or two computers?
Next by thread: Re: The best way to run a hidden service: one or two computers?
Index(es):
- Author
- Thread