User Controls
Setting up a hidden service.
-
2016-10-01 at 3:04 PM UTCIf you know how to set up a web server and some type of web app, like a forum or what have you it might be more cost effective to just make a hidden service instead of paying for hosting and a domain name.
Here are a couple of articles to help with that.
https://www.torproject.org/docs/tor-hidden-service.html.en
https://riseup.net/en/security/network-security/tor/onionservices-best-practices
Now i was entertaining the idea of hosting a deepweb infosec forum or more general forum. Without CP(Preferably) since i am not confident enough with my skills as system administrator and OPSEC ninja to do so. However what i would like would be to use this thread to discuss best practises, general security considerations when hosting any type of web service locally deepweb or clearweb and web app security from a defensive standpoint. Are there any solutions that you like? Is there such a thing as "security out of the box" or do we need to be in general, more intelligent in terms of web dev and design for security? I think we should. Please let me know what you think. -
2016-10-01 at 4:41 PM UTCWe should exit node raid a DNM vendor and take em for all he's got. PI threats for bitcoin.
-
2016-10-01 at 4:51 PM UTC
We should exit node raid a DNM vendor and take em for all he's got. PI threats for bitcoin.
This is probably harder than you imagine it to be. -
2016-10-01 at 5:16 PM UTC
This is probably harder than you imagine it to be.
Lets say I have unlimited funds and time though.
-
2016-10-01 at 5:22 PM UTC
Lets say I have unlimited funds and time though.
Do-able. -
2016-10-01 at 9:20 PM UTCLast night, feeling like shit, this very question crossed my mind. I read a couple articles discussing, two of which were the links you provided.
-
2016-10-02 at 3:58 AM UTCSo my server is now running a tor service and I have a .onion site, but how could I transfer request to/from the clear net? I have a service that allows me to redirect request to my domain to any ip/url on any port. Visitors to my site would most likely not be using tor.
-
2016-10-02 at 1:54 PM UTC
So my server is now running a tor service and I have a .onion site, but how could I transfer request to/from the clear net? I have a service that allows me to redirect request to my domain to any ip/url on any port. Visitors to my site would most likely not be using tor.
Clearnet mirror? I don't think it's possible to directly access an onion from the clearnet, for one, there is no such thing as domain name resolution on the tor network. If you use the tor browser for instance to access a clearnet site the exit node makes the DNS request and this is how you can go from deep to clear but it doesn't work the other way around. -
2016-10-02 at 2:32 PM UTC
-
2016-10-03 at 7:16 AM UTC
-
2016-10-03 at 8:26 AM UTC
Here it is…
http://jlp4t5i2pvwdvkx3.onion:8080/
Can't connect for some reason. -
2016-10-03 at 2:39 PM UTCTry now. I'll leave it on for a little while.
-
2016-10-03 at 2:58 PM UTCInteresting.
-
2016-10-03 at 3:07 PM UTCIt's very slow and seems buggy though.
-
2016-10-03 at 5:04 PM UTC
It's very slow and seems buggy though.
It's running from an app I made on my phone. A customized NanoHTTPD. Also my internet connection isn't that great where I am at. I could probably make a whole forum that is just an app, or I could just run a server on my phone. But I like tge idea of my own custom server. -
2016-10-03 at 5:17 PM UTC
It's running from an app I made on my phone. A customized NanoHTTPD. Also my internet connection isn't that great where I am at. I could probably make a whole forum that is just an app, or I could just run a server on my phone. But I like tge idea of my own custom server.
I like that idea too, but yeah a bit more speed. Funny you should mention phones though because i was just thinking that you can get orfox and orbot on Android and run a hidden service from your phone as well. Was the purpose of the app you made to provide for secure mobile communication over the internet? Or was it more just a project to try a few things out? I think it's pretty cool if we could have our own deep web chat. -
2016-10-03 at 7:14 PM UTCI just did it for fun. Although a prepaid phone registered with fake info, running a hidden tor service, sounds cool.
-
2016-10-03 at 9:13 PM UTCCome join the chat. I think I'll turn it into a miniforum. Maybe three/four sections. With a full sign up and customizable user profiles.
-
2016-10-03 at 9:39 PM UTC
Come join the chat. I think I'll turn it into a miniforum. Maybe three/four sections. With a full sign up and customizable user profiles.
I'll see if you're there. -
2016-10-04 at 2:03 AM UTC
We should exit node raid a DNM vendor and take em for all he's got. PI threats for bitcoin.
you can only run exit node attacks against people using the clear internet via tor, not people accessing hidden services you mong
