Delivery-Date: Fri, 02 Jan 2015 21:30:17 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,T_DKIM_INVALID,UNPARSEABLE_RELAY,
	URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 27C491E0AF2
	for <archiver@seul.org>; Fri,  2 Jan 2015 21:30:15 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id E66FA32987;
	Sat,  3 Jan 2015 02:30:11 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id 3EF3B32985
 for <tor-talk@lists.torproject.org>; Sat,  3 Jan 2015 02:30:08 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 355nDhwgb-GV for <tor-talk@lists.torproject.org>;
 Sat,  3 Jan 2015 02:30:08 +0000 (UTC)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id 00DD332571
 for <tor-talk@lists.torproject.org>; Sat,  3 Jan 2015 02:30:07 +0000 (UTC)
Received: from berryeater.riseup.net (berryeater-pn.riseup.net [10.0.1.120])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client CN "*.riseup.net",
 Issuer "COMODO RSA Domain Validation Secure Server CA" (verified OK))
 by mx1.riseup.net (Postfix) with ESMTPS id 1DB5041D1F
 for <tor-talk@lists.torproject.org>; Sat,  3 Jan 2015 02:30:05 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak;
 t=1420252205; bh=WISymKRgv8kwynu+y//5e6pbn/pvOIu0vDSoWQ/PKfg=;
 h=Date:From:To:Subject:References:In-Reply-To:From;
 b=rK31IYh69ZdsbefydvBgrqcKf2+XvAHaM3b78xer5DRP8/riFegbDRRYqzAZs5xXU
 ZE4giOnamqyrEdR4dy59ym67edWfr0yaQL6mLe8EH/mqiJojUASEQs2348oQwwwd1v
 1ErDUWRcRqhA0eV9nAhbiZS1uWYRZ6Rq17HXg9g0=
Received: from [127.0.0.1] (localhost [127.0.0.1])
 (Authenticated sender: thomaswhite) with ESMTPSA id 0E4DA41FBA
Message-ID: <54A75417.2000908@riseup.net>
Date: Sat, 03 Jan 2015 02:29:43 +0000
From: Thomas White <thomaswhite@riseup.net>
MIME-Version: 1.0
To: tor-talk@lists.torproject.org
References: <54A719CC.8080905@cni.net>
 <CAJaLD9Ko___=_EGaq=qSm95_v_N8XLEAi+oRF2Vcq1C025Eqow@mail.gmail.com>
In-Reply-To: <CAJaLD9Ko___=_EGaq=qSm95_v_N8XLEAi+oRF2Vcq1C025Eqow@mail.gmail.com>
X-Virus-Scanned: clamav-milter 0.98.5 at mx1
X-Virus-Status: Clean
Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental, offer)
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Very similar to the setup I have in terms of using one virtual machine
as a Tor gateway for others to connect to via an internal network. My
concern is how well the model will scale and whether it can hold
multiple high traffic hidden services. I am looking around the config
options to see what can be optimised etc.

Question to the tor devs: In the torrc when setting "NumEntryGuards
NUM", does this specify how many guards may be used simultaneously or
only how many from a pool may be rotated between? Any input on how to
speed up the connection (losing a little location anonymity is fine
right now) for hidden services would also be appreciated :)

T

Xiaolan.Me:
> I am using another way to solve IP leaks problem. my host-os is
> CentOS and only installed VirtualBox I have 2 virtual machines
> running on the host-os the first one is a CentOS with 2 network
> adapter, one is NAT , another is Internal(ip: 192.168.222.1). it
> running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks
> and listen on 192.168.222.1:9050 (Internal Adapter)
> 
> 
> Another is also CentOS and running apache, only one network 
> adapter(Internal ip:192.168.222.2) when this virutal machine wants
> to access internet , must set socks5 proxy to 192.168.222.1:9050 so
> even this VM gets hacked, the attacker still can't know the real
> IP....
> 
> 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbrandt@cni.net>:
> 
>> I'm interested but a slow mover.  Work sometimes gets in my way.
>> I am putting together pages for a hidden site but I don't think I
>> can be ready to put it on line til month's end.  It will be a
>> legal site everywhere. This is a wonderful offer Thomas.  Hope
>> someone takes you up on it. Larry Brandt
>> 
>> 
>> Just wanted to point out that I think it's awesome Thomas is
>> doing this! Buy him a beer if you see him.
>> 
>> Tom
>> 
>> 
>> 
>> Thomas White schreef op 02/01/15 om 09:42:
>> 
>> Hey all,
>>> 
>>> So following my other mail, I just want to offer people on
>>> this mailing list a chance to test something out before I go
>>> into the wider public with it.
>>> 
>>> I have been reviewing some ways in which to offer "hosting"
>>> solutions for hidden services, and although there are ways to
>>> do like regular shared hosting environments by isolating users
>>> on an apache server for example, I feel a little experimental
>>> way to give people more freedom is to assign individual VPS's
>>> which are accessed via a separate .onion over SSH. For example,
>>> the HS address would be example1*.onion but to SSH into it, for
>>> security, would use a different address such as 
>>> sshaddress*.onion. This ensures no user of the service would
>>> know the true IP of the server it is hosted on and allows for
>>> shared environments without putting others at risk.
>>> 
>>> If anyone wants to test this out with me, I am offering the VPS
>>> for free for a few weeks/months so I can get the architecture
>>> right and fine tune the setup. All the traffic on the VPS is
>>> automatically routed through Tor so IP leaks won't be a huge
>>> problem, but of course you still maintain responsibility for
>>> the security of your machine and whatever you install on it.
>>> The use cases are unlimited but for obvious reasons it must be
>>> legal under British & Swedish law (feel free to ask beforehand
>>> but if it is legal I will defend it to the best of my
>>> ability).
>>> 
>>> If you'd like to take up this offer and try it out please email
>>> me privately (my key is below). I ask that if you wish to
>>> request one, please mention anything specific like RAM/CPU/Hard
>>> disk requirements (no bandwidth limitations) so I can
>>> appropriately assign them. For now unfortunately only debian
>>> installs will be available and nothing except sshd will come
>>> preconfigured on the VPS so if you aren't familiar with the
>>> command line on debian you may not find this useful. Also any
>>> custom onion address you want please keep it to 7 characters or
>>> below for now as my GPU is really on it's last limb after 
>>> generating over 1.4 million keys.
>>> 
>>> I offer no guarantees on the availability of this, nor do I
>>> take responsibility for it, this is an entirely experimental
>>> project and I am hoping any participants take up this offer to
>>> perhaps mirror/reverse proxy their blogs, or of course bring
>>> any interesting ideas to the table. All feedback on it is
>>> welcome too
>>> 
>>> Time to give these hidden services some lovin'
>>> 
>>> Regards, T
>>> 
>> -- tor-talk mailing list - tor-talk@lists.torproject.org To
>> unsubscribe or change other settings go to 
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
>> 

- -- 
Activist, anarchist and a bit of a dreamer.

PGP Keys: key.thecthulhu.com
Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983
Key-ID: 0CCA4983
Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0
Key-ID: EF1009F0

Twitter: @CthulhuSec
XMPP: thecthulhu at jabber.ccc.de
XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUp1QUAAoJEFwqjFoMykmD41UP/1j6Zs07l7dAwW0fcXOe6qci
7S2VUEkcXVujm7g2QI+rdoz5FdnoFoXchd4J3Umx5LZ4sLrGwORWW/gAjSnUw59s
I92akGl7QjEHUKOkbN99+ZtiKFHRF/1rbU7jwt1Cb87Iegi15Vhajog0IWfHH9x8
+gNTgIGtPft1JW8jE9XbO1/QXy6TnM2DHHmedn0SJFJ9yyNgLUgbYn/6o+vve4XZ
UIVU1J2M6xMK8RlTdQA6f9pUVpDYovLTq/leQzjeHnB+koGPphlIc/bsQEbZKv4e
qAgPwx+7R2kvCO3LQwzhEjbKBO9NDYea8tcb9+aoy9JIfRfuMQtTRHSVOSqRBdPB
Gkrv+yJSPvE9RyXkaeVOdaXeXHGlVFt263OnL3RiAaPRV/71ZSyFvjOBFk5ddVwQ
8avr8X3QXWA7Xu55K0aiNd8qeBvIflFpboomfo4dWEgUam/R6tKfH4Q5l5E7F6xc
LtRGlY7qSgK78JwxedwWJwqqesJ+4PG8MEzcRu0AI5Xe3/F2KE1g2vt/C/QiDc/M
wAuPv8A+z+IXPXKbE5amFm7h8nWooPqCNYvJ5ozYRBjZuakQy0QSsP9W+V1Y8u0d
CfKIiDGKskmlZcW038hekBxcB9iJ64Bfh0PjIfnkKCPr6ycxWBbUQikfCjxEj2wo
F1mgjD5pNLmPL++jNhFe
=pdyG
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

