Re: [tor-talk] Secure Hidden Service (was: Re: ... Illegal Activity As A Metric ...)

2014-06-26 Thread coderman
> the list goes on, and on, ...

https://code.google.com/p/pentest-bookmarks/

https://code.google.com/p/pentoo/wiki/BookmarksList
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


Re: [tor-talk] Secure Hidden Service (was: Re: ... Illegal Activity As A Metric ...)

2014-06-26 Thread coderman
On Wed, Jun 25, 2014 at 11:50 PM, Tor Talker wrote:
> 
> More to the point, do you have specific concerns regarding the 
> Linux/Tor/Apache/Perl stack we are using?  We do sanitize error messages to 
> prevent Apache from leaking system information, but that's really the only 
> special effort other than maintaining good overall system security.


i never use apache, php, perl. i use custom built nginx against custom
built dependencies to front custom python/c++ web services.

these hidden services have never been compromised, but they're also
not designed like most web services. (i have used bounties in the past
to attract scrutiny, but to be fair "never been compromised" is also a
pretty poor metric for security or privacy. this is more a sanity
check.)



> What sort of vulnerabilities would you expect to see?

i've seen vulnerabilities in configuration, where insecure options
enabled by default allow local execution and privilege escalation.

i've seen vulnerabilities in implementation, where poor coding implies
errors around authorization or authentication.

i've seen vulnerabilities in database communication, where failure to
sanitize inputs leads to complete compromise.

the list goes on, and on, ...


building secure systems is hard.  Tor is pretty hard, but the things
people run across it much less so; double for hidden services.



trying to remain anonymous while hosting an average site on a hidden
service?  this is difficult.

trying to remain anonymous while posting and chatting and otherwise
practicing horrible opsec?  this is near impossible.


last but not least, the entire premise of this thread is around
blatant, public illegal behavior brazenly displayed being
discoverable through search and publication - the sites that practice
good privacy aren't spamming their links everywhere.  by definition,
the original survey is collecting only the worst run sites.



too much thought wasted on this thread already.

best regards,


Re: [tor-talk] Secure Hidden Service (was: Re: ... Illegal Activity As A Metric ...)

2014-06-26 Thread Andreas Krey
On Thu, 26 Jun 2014 00:50:29 +, Tor Talker wrote:
...
> > enough to do it securely enough. Also, hidden services are far more
> > vulnerable than Tor users, simply because they serve stuff.
...
> What sort of vulnerabilities would you expect to see?

Problem: Your hidden server can be made to talk by accessing it
(which is not the case for tor clients). Thus correlation attacks
are possible if you have access to the bandwidth data of a server
you suspect to be a hidden service. Also the downtime of a hidden
service could be correlated with obtained downtimes of IP addresses
of machines at usual hosting providers (or elsewhere; apparently
pinging the entire v4 internet is quite feasible nowadays).

Which means it might be advisable to run the hidden service in
multiple instances (no load balancing thereby, though), and use
a rock-solid server and connection.

Andreas

-- 
"Totally trivial. Famous last words."
From: Linus Torvalds 
Date: Fri, 22 Jan 2010 07:29:21 -0800