Setting up a Tor hidden service--is this secure?

Discussion in 'privacy technology' started by FuZzY_BuBbLeS, May 5, 2012.

Thread Status:
Not open for further replies.
  1. FuZzY_BuBbLeS

    FuZzY_BuBbLeS Registered Member

    I want to set up a Tor hidden service (for legitimate, but possibly illegal reasons). I have an old PC that I got from a company with Win XP Pro installed. I will be using Ubuntu for the OS and thttpd as the web server software. I have a few questions:

    1) Would it be reasonable to install Ubuntu alongside Windows so that I can set up FDE with Truecrypt in Windows? Or should I man up and sort out encrypted LVM etc.?

    2) How can I make my server more secure? I mean, Ubuntu is a relatively safe OS, but I feel like if I'm going to be running a hidden service on it then I will need to harden it a bit more.

    3) Are there any thttpd-specific configuration changes I should make?
  2. PaulyDefran

    PaulyDefran Registered Member

    No idea about #2 or #3, but for #1, if you don't care that someone could tell that there is encryption, then LUKS it should be. If you want to hide the fact, then a TC Hidden OS option may serve you better. You'll be sacrificing hard drive space for the decoy, and some would question using Windows as the host when anonymity is the goal. Since this Hidden Service is probably going to be up 24/7, realize that the encryption keys will be in memory and one of the first things grabbed during triage on an incident response.

    PD
  3. mirimir

    mirimir Registered Member

    As PaulyDefran said, you'll be hosed if they get the server while it's up. Running from home is OK when you're learning and testing. But, if you have hidden services up 24/7, and they handle sensitive information, you want to be using hosted servers. Specifically, you want bulletproof hosting, and you want to pay for it anonymously. And you SSH to it only through Tor.

    For security, you have your servers running in VMs, with Tor on the host machine. That way, even if the server is compromised, it has no Internet access except through Tor. Check the tor-talk archives, and the seedier sections of THW, and you'll find instructions and FAQs.