Thanks Alec,
I am wrapping my head around alot at the moment, yesterday was the first day I had an onion service!
I am passing the information and links you have provided back to the Bisq network engineers (this is unfortunately not where I am at).
They have asked me to ask here also if, when connected to a hidden service, the circuit becomes "dirty" after default 10 minutes and resets?
On 06/03/18 18:55, Alec Muffett wrote:
On 6 March 2018 at 17:54, Michael Jonker <michael@openpoint.ie mailto:michael@openpoint.ie> wrote:
2) Bisq 's infrastructural backbone runs as a P2P network over TOR network. Clients talk to each other and there are various hidden services providing network resources.At the risk of blowing my own trumpet, I tried writing up suggestions for hardening hidden services to preserve their anonymity:
https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-productio...
...although the above was written long before I got seriously into EOTK, and into the amazing benefits of using Unix-domain sockets to connect my webservers and tor-daemons.
Aside: the benefits of Unix-domain sockets include:
- massively increased resistance to socket-table-filling
denial-of-onion-service attacks, and faster recovery times
- (probably) lower latency
- reduced (but not eliminated) risk of IP metadata leakage of internet
address, etc, because less reliance on network addresses
But between *that* document, and some of the tech in EOTK, there may be some useful hardening tips for you.
- alec
-- http://dropsafe.crypticide.com/aboutalecm
tor-onions mailing list tor-onions@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions