Question about TOR and IIS - Also hello!

Tue Jan 15 16:00:22 UTC 2008

Roger!  Thanks!  I've read and re-read that document and I just finally
realized that the directory path I've been pointing it to was not correct.
LOL.  Man....no telling how much time I've spent on it being convinced that
it was the fact that I was on a Server 2003 boc\x and not a linux box.
Sigh.   Anywho....Once I had the hidden_service directory fixed in my torrc
file, it worked like a charm.

Following your suggestion, I have it pointing to port 81 rather than 80.  At
first, Vidalia ran my processes up to 50% CPU usage for a few minutes and
then went back down to the nominal 0-1% CPU usage.  Any ideas why this is
the case?

I'm currently pouring over how to leave the website and server anonymous.
Any suggestions on how to suppress information and how to poll IIS for
information?  I want to really button this thing up!

Thank you so much!

Chris

On Jan 15, 2008 10:19 AM, Roger Dingledine <arma at mit.edu> wrote:

> On Tue, Jan 15, 2008 at 10:10:32AM -0500, Chris Burge wrote:
> > Ok...I've been running a relay on Windows (XP, Vista and Server 2003)
> for
> > the past year.
>
> Thanks. :)
>
> >  I hope this is the right list I can post this on.  Either
> > way, I a m looking to become more involved with TOR
> > (donations/development/etc)
>
> https://www.torproject.org/donate
> https://www.torproject.org/documentation#DesignDoc
> are probably two good places to start.
>
> > given that none of the leading presidential
> > candidates (except Huckabee or Ron Paul who are both lagging in the
> > polls) in the US seem to be worried about privacy, Real ID and etc..
> >
> > I am now ready to try and run a hidden service on my Server 2003 box
> > (specificly IIS) but have failed miserably.  I'm stuck with IIS for now
> as I
> > have always been a Microsoft developer (hey brings food to the table)
> and am
> > not currently confident in running Apache at this time with IIS (only
> one
> > box at this time).  Essentially, I want to run IIS with a mixture of
> sites
> > using TOR and not using TOR.  I had imagined I would use my onion
> routing
> > address in the host headers of the site I want TOR packets to hit while
> > other sites would naturally take regular packets.  Does anyone have a
> clue
> > as to what I'm trying to do and how I might solve it?  I'm not
> interested in
> > moving to Apache at this time until I'm more confident with it and with
> a
> > cms such as TYPO3.
>
> The first thing I would worry about with one webserver that handles
> hidden services and "normal" websites is if somebody can connect to the
> hidden service website, ask for the real website, and get it. This lets
> an attacker guess-and-check about where your hidden service lives. In
> apache-land this is usually solved by listening on two different ports,
> and making sure to keep the two classes of sites separate in apache's
> mind. I imagine there's a way for IIS to do it too.
>
> https://www.torproject.org/docs/tor-hidden-service#three
> has a bit more discussion.
>
> If you get it working well and want to document what you did and why,
> that would be great. Hidden services haven't received much attention
> over the past few years in terms of writing tutorials.
>
> --Roger
>
>

-- 
Interested in selling your home?  Ask me!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20080115/ed7f8236/attachment.htm>