This is my TOR experiments: I was create some hidden services: Don't use standard port for SSH The server's uses a weak password in a virtual machine. Keep secret the hidden service address. Only tor can connect to the net.
2/3 server was scanned via SSL login bruteforce.
What is the way to know the non publicated hidden service address?
Somebody can download he HS descriptors from tor network?
On Fri, 15 May 2015 15:04:17 +0200 Liste listsmlm@tramacci.org wrote:
What is the way to know the non publicated hidden service address?
Somebody can download he HS descriptors from tor network?
Not download, but you can run a relay and hope that it will be used as Onion Service Rendevous.
A way to further protect yourself is setting up HidServAuth like detailed in https://www.void.gr/kargig/blog/2015/04/10/onion-service-authorization-cooki...
Sincerely,
Malte
-
Liste -
malte@wk3.org