[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Rumors of Tor's compromise



On Wed, Oct 26, 2011 at 07:28:24PM +0000, Orionjur Tor-admin wrote:

> It is very interesting for me, if I run hidden service on my remote
> server not for hiding it from external world but for increasing my
> anonymity in matter of managing that server (I usually connect to them
> using hidden service runnig on ssh-port), is it possible todeanonymize
> me if my server (any soft on it) will be compromised?! Not of
> localiztion of my server but loclization of me, its admin?

I recommend running a somewhat hardened operating system (Linux, *BSD,
especially, virtualized (jails, virtual guests) to compartmentalize
services and contain potential compromises) and use low-resource 
high-performance web servers (e.g. nginx) and also
offer hardened web services (e.g. anything PHP is terribly difficult
to make water-tight, and many PHP developers are completely 
threat-ignorant, so caveat emptor).

There should be a FAQ/HOWTO for something like that.

-- 
Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk