[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Tutorials for providing Hidden Services?
- To: or-talk@xxxxxxxxxxxxx
- Subject: Re: Tutorials for providing Hidden Services?
- From: Ringo Kamens <2600denver@xxxxxxxxx>
- Date: Thu, 18 Dec 2008 16:28:47 -0500
- Delivered-to: archiver@xxxxxxxx
- Delivered-to: or-talk-outgoing@xxxxxxxx
- Delivered-to: or-talk@xxxxxxxx
- Delivery-date: Thu, 18 Dec 2008 16:29:07 -0500
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :x-enigmail-version:openpgp:content-type:content-transfer-encoding; bh=02Dvwd50Io2j7i+D+S57Ph8yt0lpHMd7B63KtP8gH4U=; b=XzJDp1WGQF2cT0bKRxCSdXaLUhXCr7bDo1EgLCPiNgjKfWmjek+VpkIKc+N/WxHO5y AQjP78qqCvlfsWiHqCEKIrm/QvCqKxsfoT6T16/ukzCf5EjFqL+l37/oxiFz3Z5lnLKn i52goMhTE3MVpRIJlePdJOHmNONyVhTgLUgYk=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:x-enigmail-version:openpgp:content-type :content-transfer-encoding; b=OwGGj/KqAqalYb/mt5xEVau5QQ1uIfEf+s/IAhl3cJyJTOxIa3e4+lVO6p7/jJiw9l hSpZI5lErNPqIM0ey6x+acTmToSQcSuaWuvvfHTuuCrUTyFrFPZtLa0/6yFAiRjla/eO CA74QnpBgt/8Sabz7FfCrC9E+LfofXJXNB8Hw=
- In-reply-to: <16515-34926@xxxxxxxxxxxxxx>
- Openpgp: id=2739044E
- References: <16515-34926@xxxxxxxxxxxxxx>
- Reply-to: or-talk@xxxxxxxxxxxxx
- Sender: owner-or-talk@xxxxxxxxxxxxx
- User-agent: Thunderbird 2.0.0.18 (X11/20081125)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
6cnf6cp02@xxxxxxxxxxxxxx wrote:
> Hi!
>
> I want to provide basic free anonymous blogging services using Tor's hidden services. Are there any tutorials for this, apart from the basic setup information on Torproject.org? More specifically, how can I stop my users from identifying my server? What do I have to pay attention to?
>
> How can I block connection attempts by Apache using my external network interface, eg. if the users execute scripts that contact external addresses? What information is exposed by environment variables, and how can I stop the user from reading them? For example, can I modify timezone/timestamps to obfuscate my server location?
>
> What settings do I have to change to fully remove Apache's IP logging to protect my users?
>
> Thanks,
> Daniel
>
If you're running a hidden service, you don't have to turn off Apache's
logging because it will all look like it's coming from Localhost. You
should start a guide on the NoReply wiki or maybe one of the hidden ones.
Ringo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFJSsCO6pWcWSc5BE4RAsCxAKCHn9uIVIAmd+Y1TLZaY+bI8hT7LQCgxNCG
4hVbEhYrgkaexSmDIC1QWqA=
=lz6G
-----END PGP SIGNATURE-----