On Tue, Apr 24, 2018 at 2:10 PM, Hubert Hauser <hu...@mail.com> wrote:
> I want to run a few Tor hidden services. My home network is behind a
> carrier gateway NAT so I can't make server from Raspberry Pi. I consider
> run Tor hidden services on VPS. What do you think about it? Is cgNAT
> obstacle if I want to run Tor hidden services?
>
A hidden service listens to connections from a Tor daemon. The
recommended setup has both on the same machine, so the web service is
only accepting connections from the machine it is run on. It does not
need to be outwardly accessible.
Tor will work even if you are behind NAT, assuming you do not run it
in a mode where it accepts Tor to Tor connections or Internet to Tor
connections.
Running a hidden service on a VPS, assuming you are not breaking the
laws in your jurisdiction, is likely the better idea. It will have
higher bandwidth and if an attacker succeeds in resolving its location
(which is possible to do and rather easy) they will get a datacenter,
not your neighborhood.
If you are breaking laws in your jurisdiction of residence I would
highly recommend moving. Whether or not it is a better idea to
self-host in this case is a tossup. On one hand, if you self-host and
the authorities resolve your hidden service's location, they get you,
but you may have a chance to destroy evidence. On the other hand, if
you VPS-host and the authorities resolve your hidden service's
location, they may subpoena the datacenter and get your details and
also the information on the server.
Cheers,
R0b0t1
