Delivery-Date: Fri, 08 Aug 2014 20:48:30 -0400
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id AFD3F1E06FE;
	Fri,  8 Aug 2014 20:48:28 -0400 (EDT)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id 6BCF72EBE0;
	Sat,  9 Aug 2014 00:48:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3FBB22432F
 for <tor-talk@lists.torproject.org>; Sat,  9 Aug 2014 00:48:19 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at eugeni.torproject.org
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id H1TyRaeeOtdo for <tor-talk@lists.torproject.org>;
 Sat,  9 Aug 2014 00:48:19 +0000 (UTC)
X-Greylist: delayed 563 seconds by postgrey-1.34 at eugeni;
 Sat, 09 Aug 2014 00:48:19 UTC
Received: from ruggedinbox.com (ruggedinbox.com [94.156.77.238])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id 0ADC820973
 for <tor-talk@lists.torproject.org>; Sat,  9 Aug 2014 00:48:19 +0000 (UTC)
Mime-Version: 1.0
Date: Sat, 09 Aug 2014 00:38:20 +0000
From: ml@ruggedinbox.com
To: tor-talk@lists.torproject.org
Message-ID: <bf685c8b06f43e103e1df464e4d9c400@ruggedinbox.com>
X-Sender: ml@ruggedinbox.com
Subject: [tor-talk] Three questions
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi sorry if wrong list.
Well first of all, thanks for developing and supporting Tor !!

We are trying to build a decent email service and have two questions 
that weren't able to answer on our own :)

1. when running a service as a hidden service, for example a web server, 
the client IP address is always 127.0.0.1.
Is there a way to have some more 'unique' information about the visitor, 
in order to mitigate a DDOS attack ?


2. when I connect to a hidden service, as a client, for example using 
TBB or ssh, does any of the nodes in the circuit know my final 
destination ?
Or Tor is so great that also the onion name is encrypted end-to-end ? :)


3. about connecting to ssh as a hidden service: many howtos explain to 
edit ~/.ssh/config and add a 'ProxyCommand' definition, for example this 
resource: 
http://unethicalblogger.com/2012/06/13/ssh-as-a-hidden-service.html
but we found that also torsocks (for example: torsocks ssh 
root@s4bysmmsnraf7eut.onion) works well.
We did some (simple) packet sniffing and analysis and weren't able to 
find any leak.
We prefer using torsocks because if you forget to add the ProxyCommand 
definition (thus trying to directly connect to the onion address), the 
onion address may be DNS leaked.

What do you think about using torsocks to connect to ssh as a hidden 
service ?


Thank you very much for your attention and sorry again if wrong list,
RuggedInbox team
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

