Karsten Loesing <karsten.loesing@xxxxxxx> wrote: > > In the documentation it tells you to set up an example hidden service > > pointing at google.com, eg: > > > > HiddenServicePort 80 www.google.com:80 > > > > I've just started looking at hidden services so I'm not exactly sure > > how they work yet, but if I'm correct, by setting that up and testing > > it surely you'll be connecting to www.google.com on port 80 from the > > server with your hidden service and doing a: > > > > GET / HTTP/1.1 > > Host: youronionaddress > > > > Wont that give google a map of Real IP -> Hidden service name? > > In fact, that is not the information you want to hide. The server that > is to be hidden may know which Tor node is actually hiding it. Hidden > services are meant to hide the locations of the servers (here: Google) > from others. The problem is that: http://tor.eff.org/docs/tor-hidden-service.html.en instructs the user to first test the setup with Google as hidden service, and then switch to the real on, using the same onion address: |Step Three: Connect your web server to your hidden service | |This part is very simple. Open up your torrc again, and change the |HiddenServicePort line from "www.google.com:80" to "localhost:5222". |Then restart Tor. Make sure that it's working by reloading your hidden |service hostname in your browser. Sounds like a pretty bad idea to me too. Fabian
Attachment:
signature.asc
Description: PGP signature