Author Topic: I want a Tor Server... (Read 325 times)

Wizard X · « **Reply #60 on:** December 01, 2011, 03:56:19 AM »

Host Intrusion Prevention System & Whitelisting software is used on web servers to protect from intrusion.

The Kernel of the operating system is where actually the software meets the hardware. Once the Kernel has been compromised, the underlying physical environment including all devices is under the control of the attacker.

Wizard X · « **Reply #61 on:** December 01, 2011, 09:49:28 AM »

Since Tails has IceWease browser (FireFox for Debian OS) the add-on Browser Server 0.7 can be installed for a quick temporary web server via TOR.

Debian were Iceweasel for Mozilla Firefox. http://wiki.debian.org/Iceweasel | http://tails.boum.org/doc/anonymous_internet/iceweasel/index.en.html

Browser Server 0.7 https://addons.mozilla.org/en-US/firefox/addon/browser-server/ Embed a server in your browser! This addon is a substitute to "POW Webserver". It lets you entertain files on your computer and let others surf to them.

Since ONLY TOR users can surf to your IceWease browser web server, on port 50000 - you can serve content. The Tor Vidalia, with "New identity feature" will allow a change of TOR IP when you stop Browser Server and want to change the TOR IP.

THIS IS NOT FOR A PERMANENT DEDICATED SECURE WEB SERVER - JUST TEMPORARY!!

nigluhS · « **Reply #62 on:** December 02, 2011, 03:22:10 PM »

Quote from: Wizard X on December 01, 2011, 03:27:18 AM

If the attacker HAS COMPROMISED YOUR WEB SERVER - It's more that likely further code uploading and execution can compromise the VirtualBox & Host OS.

I assume code uploading and execution can compromise anything running in RAM as well. The nice thing would be that it all goes away with a power down. I have to bring myself up the curve on quite a few things, but I still think the idea has some merit.

Vesp, have to tried to go through that hidden services for newbie doc? I started here:

hxxp://tor2web.org/config

I emailed them asking about some of the missing very important files. I actually got a response from Aaron Swartz.

he only gives out tor2web.org.crt & tor2web.org.key when they trust people to run an official site. Not entirely sure what that means, but I assume once folks start getting connected/playing around they have some way of testing your setup. Who knows.
He suggested in the mean time using self-signed certificates from here:

hxxp://www.akadia.com/services/ssh_test_certificate.html

I never hosted anything outside of windows server, so I was at square one with apache yesterday. I am going to dive into this today:

hxxps://www.torproject.org/docs/tor-hidden-service.html.en

nigluhS · « **Reply #63 on:** December 03, 2011, 02:52:27 AM »

Paul Syverson Home Page
"I am a Mathematician at the Center for High Assurance Computer Systems (CHACS) of the Naval Research Laboratory (NRL)."

hxxp://www.syverson.org/

Vesp · « **Reply #64 on:** December 03, 2011, 03:12:54 AM »

I am starting to think the best way to do this is just with a TOR router.

https://trac.torproject.org/projects/tor/wiki/doc/Torouter and this... http://www.heise.de/tr/artikel/Tor-im-Router-1159154.html (needs translation, easy via chrome browser) and also this: http://www.geekosystem.com/tor-router/

There is a lot for me to look into... I keep running into other things but it seems like a Tor Router is the best solution to this problem, no?

Any disadvantages to the Tor Router? (besides it not being finished..)

Wizard X · « **Reply #65 on:** December 08, 2011, 05:29:47 AM »

UPDATE: Tails 0.9 + Apache httpd-2.2.21 (latest) + PHP php-5.3.8 (latest) FREEZES on a dual CPU with 2Gb of RAM. Further investigation is ongoing!!??!!

Author Topic: I want a Tor Server... (Read 325 times)

Wizard X

Re: I want a Tor Server...

Wizard X

TOR server via IceWease with add-on Browser Server 0.7

nigluhS

Re: I want a Tor Server...

nigluhS

Re: I want a Tor Server...

Vesp

Re: I want a Tor Server...

Wizard X

Re: I want a Tor Server...