
Re: [tor-talk] Dutch police break into webservers over hidden services



Alternatively, one could run Tor on VMs that can only access the
internet via OpenVPN-based "anonymity services".  OpenVPN clients can be
run on physical routers, with tunnels routed to physical LANs that lack
management access.  Even if attackers manage to compromise VM hosts,
getting real external IPs also requires compromising the routers.  One
can readily extend this approach using nested OpenVPN tunnels.

On 09/09/11 08:36, tor@xxxxxxxxxxxxxxxxxx wrote:

> Probably the safest way to run a hidden service is to do it from inside
> a VM.
> 
> Install Tor on the host OS. Configure up the Hidden Service on the host
> OS, but point it at the IP of the VM. Set up a firewall on the VM to
> prevent all other network traffic going in or out of it. Or
> alternatively use the TransPort functionality of Tor so all traffic
> leaving the VM goes through Tor.
> 
> If the webserver on the VM is compromised, they get access to the VM,
> but the VM shouldn't know its real IP address (just the NAT'd one), or
> anything else about where it is or who it belongs to.
> 
> You're still relying on there being no vulnerabilities in the VM
> software or the Tor software which allow an attacker to access the host
> system, but that sort of attack is much more difficult to pull off than
> compromising a web server, or any of the software being served by the
> web server.
> 
> For all we know, this was a simple PHP exploit that allowed the attacker
> to make an HTTP request from the target server to a host on the wider
> Internet, to discover its IP.

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
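The layout in the quoted post (Tor on the host, hidden service forwarded to a guest that is firewalled off from everything but the host), worked out as an added example. This is not code from the thread or from the Tor project; the addresses 10.0.0.1/10.0.0.2, the service port 80, and the TransPort/DNSPort numbers 9040/5353 are assumptions for a host-only bridge. The script only prints the torrc lines and iptables rules for review; nothing is applied.

```shell
#!/bin/sh
# Added example, not from the tor-talk thread. Generates the host-side torrc
# lines and the guest-side iptables rules for running a hidden service
# inside a VM. All addresses and ports below are assumptions.

HOST_IP=${HOST_IP:-10.0.0.1}     # host's address on the VM-only bridge (assumed)
VM_IP=${VM_IP:-10.0.0.2}         # guest's address on that bridge (assumed)
SVC_PORT=${SVC_PORT:-80}         # port the web server listens on inside the guest
TRANS_PORT=${TRANS_PORT:-9040}   # Tor TransPort on the host (assumed)
DNS_PORT=${DNS_PORT:-5353}       # Tor DNSPort on the host (assumed)

# Host torrc: Tor runs on the host only; the onion service forwards inbound
# connections to the guest. TransPort/DNSPort are needed only for variant 2.
host_torrc() {
    cat <<EOF
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 ${VM_IP}:${SVC_PORT}
TransPort ${HOST_IP}:${TRANS_PORT}
DNSPort ${HOST_IP}:${DNS_PORT}
EOF
}

# Guest firewall, variant 1 from the post: the guest may only answer service
# connections arriving from the host. Any new outbound connection, including
# one a compromised web app opens to learn the real external IP, is dropped
# by the OUTPUT policy.
vm_rules_isolated() {
    cat <<EOF
iptables -F
iptables -t nat -F
iptables -P INPUT DROP
iptables -P OUTPUT DROP
iptables -P FORWARD DROP
iptables -A INPUT -i lo -j ACCEPT
iptables -A OUTPUT -o lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
iptables -A INPUT -s ${HOST_IP} -p tcp --dport ${SVC_PORT} -m conntrack --ctstate NEW -j ACCEPT
EOF
}

# Guest firewall, variant 2 from the post: on top of variant 1, new outbound
# TCP connections and DNS lookups are DNATed to the host's TransPort/DNSPort,
# so the only way out of the guest is through Tor on the host. nat OUTPUT is
# traversed before filter OUTPUT, so the filter rules see HOST_IP as the
# destination. Non-TCP traffic (other than DNS) is still dropped.
vm_rules_transport() {
    vm_rules_isolated
    cat <<EOF
iptables -t nat -A OUTPUT -o lo -j RETURN
iptables -t nat -A OUTPUT -d ${HOST_IP} -j RETURN
iptables -t nat -A OUTPUT -p udp --dport 53 -j DNAT --to-destination ${HOST_IP}:${DNS_PORT}
iptables -t nat -A OUTPUT -p tcp --syn -j DNAT --to-destination ${HOST_IP}:${TRANS_PORT}
iptables -A OUTPUT -d ${HOST_IP} -p tcp --dport ${TRANS_PORT} -m conntrack --ctstate NEW -j ACCEPT
iptables -A OUTPUT -d ${HOST_IP} -p udp --dport ${DNS_PORT} -j ACCEPT
EOF
}

# Usage: print everything for review, then copy the torrc lines into the
# host's /etc/tor/torrc and the rules into the guest's firewall script.
echo "# --- host torrc ---";        host_torrc
echo "# --- guest rules (v1) ---"; vm_rules_isolated
echo "# --- guest rules (v2) ---"; vm_rules_transport
```

Two caveats for variant 2: the guest still needs a default route via HOST_IP, otherwise connect() to an outside address fails before the DNAT rule is ever consulted, and the host must not forward or masquerade guest traffic (ip_forward off, no NAT for the bridge), or the firewall in the guest becomes the only thing standing between the web server and the real address.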