On Tue, Apr 24, 2018 at 2:10 PM, Hubert Hauser <hu...@mail.com> wrote: > I want to run a few Tor hidden services. My home network is behind a > carrier gateway NAT so I can't make server from Raspberry Pi. I consider > run Tor hidden services on VPS. What do you think about it? Is cgNAT > obstacle if I want to run Tor hidden services? >
A hidden service listens to connections from a Tor daemon. The recommended setup has both on the same machine, so the web service is only accepting connections from the machine it is run on. It does not need to be outwardly accessible. Tor will work even if you are behind NAT, assuming you do not run it in a mode where it accepts Tor to Tor connections or Internet to Tor connections. Running a hidden service on a VPS, assuming you are not breaking the laws in your jurisdiction, is likely the better idea. It will have higher bandwidth and if an attacker succeeds in resolving its location (which is possible to do and rather easy) they will get a datacenter, not your neighborhood. If you are breaking laws in your jurisdiction of residence I would highly recommend moving. Whether or not it is a better idea to self-host in this case is a tossup. On one hand, if you self-host and the authorities resolve your hidden service's location, they get you, but you may have a chance to destroy evidence. On the other hand, if you VPS-host and the authorities resolve your hidden service's location, they may subpoena the datacenter and get your details and also the information on the server. Cheers, R0b0t1