[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Dutch police break into webservers over hidden services

On 09.09.2011 08:36, tor@xxxxxxxxxxxxxxxxxx wrote:
> On 09/09/11 06:43, Orionjur Tor-admin wrote:
>> Very intresting what is the vulnerabilities they used for breaking systems?
>> In the lite of that facts I don't know what I need to advice my clients
>> - setting up hidden services on their home computers or on overseas
>> vdses? (My clients are not providers of child pornography but they are
>> fighters with tyrannical regim).
>> The first method is the best from the point of view of information
>> defense but the second method is the best for defense of persons of
>> operators of that services...
> Probably the safest way to run a hidden service is to do it from inside
> a VM.
> Install Tor on the host OS. Configure up the Hidden Service on the host
> OS, but point it at the IP of the VM. Set up a firewall on the VM to
> prevent all other network traffic going in or out of it. Or
> alternatively use the TransPort functionality of Tor so all traffic
> leaving the VM goes through Tor.
> If the webserver on the VM is compromised, they get access to the VM,
> but the VM shouldn't know its real IP address (just the NAT'd one), or
> anything else about where it is or who it belongs to.
> You're still relying on there being no vulnerabilities in the VM
> software or the Tor software which allow an attacker to access the host
> system, but that sort of attack is much more difficult to pull off than
> compromising a web server, or any of the software being served by the
> web server.
> For all we know, this was a simple PHP exploit that allowed the attacker
> to make a HTTP request from the target server to a host on the wider
> Internet, to discover its IP.

How I need to set my VM for thas purposes?
I use a VirtualBox under transparently torified user on host machine for
the most secure browsing in the Internet  but I cannot to get access to
that machine through ssh from my host machine inspite setting up
suitable port forwarding in VBox settings.
I think that the settings of my host firewall prevent that access.
So, I'll probably have such problem in the connection between my host
and guest machines if I set up a web-server on VM, and my hidden service
on my host.

tor-talk mailing list