[tor-talk] Yet another Tor failure - DanWin1210.me Hosting hacked

bo0od bo0od at riseup.net
Sat Nov 17 00:31:00 UTC 2018


Or use Qubes OS. With some knowledge about it, it's useful for making a
great OS for hosting (I didn't test that for web hosting, but it's
theoretically possible). And it's more secure than Docker or plain Debian
or BSD, etc.


Mirimir:
> On 11/15/2018 10:23 PM, Daniel Winzen wrote:
>> Hello,
>>
>> yes my server got hacked. How - I do not know yet and I will need to do
>> an extensive analysis. I did indeed not maintain backups, partly for the
>> reason that users should have the right to be forgotten immediately when
>> deleting their accounts. Around 1TB of data is gone.
> 
> Hey, sorry about that :( And I do get your point about backups.
> Although, in retrospect, a backup setup with relatively fast rotation,
> and thorough deletion of old backups, would be prudent.
> 
>> The scripts are open source and anyone who would like to build something
>> similar is welcome to do so. However you should note there might be a
>> risk of getting hacked too in case the vulnerability is hidden in those
>> scripts. I will re-instantiate my hosting only after the vulnerability
>> is found and fixed. https://github.com/DanWin/hosting/
> 
> As I said, shared hosting is a security nightmare. As I understand it,
> you're depending on not much more than permissions to protect users from
> each other. And in that situation, it's not _that_ hard for a skilled
> hacker to get root, and do what they like.
> 
> If I were going to attempt such an .onion hosting setup, I'd use a
> couple levels of isolation between users. But first, I'd use LUKS with
> dropbear for server FDE. It ain't perfect, but an attacker would need to
> take some care while impounding the server.
> 
> Basically, I'd set up several KVM domains, to help limit damage from a
> compromise. Within each domain, I'd put each website in a Docker
> container. Given a custom Docker-optimized kernel for the host, and XFS
> storage, it's possible to set hard limits on CPU, RAM and storage for
> each Docker container.
> 
> Docker containers rely on kernel namespaces and cgroups. That's not as
> secure as using full VMs, but _far_ lighter. And _far_ more secure than
> chroot, which many shared-hosting setups still rely on. Alternatively,
> one could use FreeBSD jails, and maybe that can also work with Docker.
> 
> Anyway, if you're interested, I'd be happy to help. I'm just a hobbyist,
> and totally self-taught. I mostly just use shell scripts. And I lack the
> patience and organization to actually operate a shared-hosting site.
> 
>> Any updates will be posted on my front page: https://danwin1210.me/
>>
>> Regards,
>> Daniel
>>
>> On 16/11/2018 06:13, Mirimir wrote:
>>> On 11/15/2018 09:52 PM, torify at secmail.pro wrote:
>>>> DanWin1210.me hosting service was hacked.
>>>> https://danwin1210.me/
>>>>
>>>> All Tor Onions are dead.
>>>
>>> I guess that he didn't maintain backups :(
>>>
>>> Maybe some of those .onion owners did, though.
>>>
>>>> FH1: Unknown
>>>> FH2: Taken down by FBI
>>>> FH3: Unknown
>>>> Danwin1210: Ripped by Anonymous
>>>>
>>>> Now where is "Freedom Hosting IV"?
>>>
>>> Shared hosting is a security nightmare. Just sayin'.
>>>
>>>> And why so hate on Tor Onion service?
>>>
>>> This was just for lulz, no?
>>>
>>
>>
>>
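
The per-container hard limits on CPU, RAM and storage mentioned in the quoted message, with XFS as the backing store, as an added example that is not part of the thread or of the DanWin hosting scripts. The image name, site names and limit values are constructed; the flags are standard `docker run` options, and the script only prints the command it would run.

```shell
#!/bin/sh
# Added example (not from the thread): per-site hard limits for Docker containers.
# Image name, site names and limit values are constructed for illustration.

# overlay2 honours --storage-opt size= only on XFS mounted with project quotas.
# $1 = filesystem type, $2 = mount options, as in fields 3 and 4 of /proc/mounts.
storage_quota_supported() {
    [ "$1" = "xfs" ] || return 1
    case ",$2," in
        *,prjquota,*|*,pquota,*) return 0 ;;
        *) return 1 ;;
    esac
}

# Accept only lowercase letters, digits and hyphens, so a site name can never
# smuggle extra options into the generated command line.
valid_site_name() {
    case "$1" in
        ""|-*|*[!a-z0-9-]*) return 1 ;;
        *) return 0 ;;
    esac
}

# Print the docker run command for one site.
# $1 = site, $2 = CPUs, $3 = RAM, $4 = disk, $5 = fs type, $6 = mount options
site_run_cmd() {
    valid_site_name "$1" || { echo "invalid site name" >&2; return 2; }
    storage_quota_supported "$5" "$6" || {
        echo "no XFS project quota; disk limit not enforceable" >&2
        return 3
    }
    # --memory-swap equal to --memory disallows swap, making the RAM cap hard.
    printf 'docker run -d --name site-%s --cpus %s --memory %s --memory-swap %s --storage-opt size=%s example/site-image\n' \
        "$1" "$2" "$3" "$3" "$4"
}

# Constructed sample: Docker's data directory on XFS with project quotas enabled.
site_run_cmd blog1 0.5 256m 2G xfs "rw,relatime,attr2,inode64,prjquota"
```

On a real host the filesystem type and mount options would be read from the `/proc/mounts` entry for Docker's data directory instead of being passed as literals.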

