[tor-onions] Connection to a hidden service with a RFC 6455 web-socket - advice on risks please
Michael Jonker
michael at openpoint.ie
Tue Mar 6 19:27:32 UTC 2018
Thanks Alec,
I am wrapping my head around alot at the moment, yesterday was the first
day I had an onion service!
I am passing the information and links you have provided back to the
Bisq network engineers (this is unfortunately not where I am at).
They have asked me to ask here also if, when connected to a hidden
service, the circuit becomes "dirty" after default 10 minutes and resets?
On 06/03/18 18:55, Alec Muffett wrote:
> On 6 March 2018 at 17:54, Michael Jonker <michael at openpoint.ie
> <mailto:michael at openpoint.ie>> wrote:
>
> 2) Bisq 's infrastructural backbone runs as a P2P network over
> TOR network. Clients talk to each other and there are various
> hidden services providing network resources.
>
>
> At the risk of blowing my own trumpet, I tried writing up suggestions
> for hardening hidden services to preserve their anonymity:
>
> https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md
>
> ...although the above was written long before I got seriously into
> EOTK, and into the amazing benefits of using Unix-domain sockets to
> connect my webservers and tor-daemons.
>
> Aside: the benefits of Unix-domain sockets include:
>
> - massively increased resistance to socket-table-filling
> denial-of-onion-service attacks, and faster recovery times
> - (probably) lower latency
> - reduced (but not eliminated) risk of IP metadata leakage of internet
> address, etc, because less reliance on network addresses
>
> But between *that* document, and some of the tech in EOTK, there may
> be some useful hardening tips for you.
>
> - alec
>
> --
> http://dropsafe.crypticide.com/aboutalecm
>
>
> _______________________________________________
> tor-onions mailing list
> tor-onions at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-onions/attachments/20180306/e6d5b4a7/attachment.html>
More information about the tor-onions
mailing list