[tor-talk] Hidden service security w. Apache/Win32

Gozu-san gozu at xerobank.net
Sun Feb 19 17:08:27 UTC 2012


It would be very dangerous to use Windows in any way for running hidden
services!  Run Linux and VirtualBox on your host machine.  Ubuntu is
probably best if you're new to Linux.  Have your host machine access the
Internet through a reputable multi-hop VPN service, and firewall it to
prevent leaks.  That way, even if something goes wrong with your Tor
setup, you're not leaking from your real IP address.  Run Tor on a
router VM, as a transparent proxy, and run Apache on a Linux VM.  LAMP
setup in Ubuntu is trivial.

If you need Windows, it would be best to use another machine.  If you
must use the same machine, run Windows as a VM.  In that case, you'll
want to use a gateway VM (e.g., pfSense) for your VPN connection
(firewalled to prevent leaks).  That way, Windows won't be advertising
the same IP address that Tor is using.

On 19/02/12 12:50, Fred Toben wrote:

> Hello Everybody
> 
> I am in the process of setting up a hidden service with Apache
> 2.2 under Windows.

SNIP

> Or is Windows an absolute no when considering running a secure
> hidden service?

SNIP


More information about the tor-talk mailing list