Rocksolid Light

Welcome to Rocksolid Light

mail  files  register  newsreader  groups  login

Message-ID:  

A formal parsing algorithm should not always be used. -- D. Gries


computers / Tor / Re: Security and Anonymity Tips

SubjectAuthor
* Security and Anonymity TipsAnonymous
+* Security and Anonymity TipsAnonymous
|+- Security and Anonymity TipsAnonymous
|`- Security and Anonymity TipsMarc SCHAEFER
+- Security and Anonymity TipsAnonymous
`* Security and Anonymity TipsAnonymous
 `* Security and Anonymity TipsAnonymous
  `* Security and Anonymity TipsAnonymous
   `- Security and Anonymity TipsNeodome Admin

1
Security and Anonymity Tips

<e6f425046a0e27c1277b983f668f8825$1@novabbs.com>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=148&group=rocksolid.shared.tor#148

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonymous@novabbs.i2p (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Security and Anonymity Tips
Date: Thu, 11 Feb 2021 00:05:47 +0000
Organization: novaBBS
Message-ID: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="19873"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs
X-Rslight-Site: $2y$10$TNIIIZsbWCt59/u.i8aOYO.03a8opepfYvTTqFHKgjo.NrQkgtvM6
 by: Anonymous - Thu, 11 Feb 2021 00:05 UTC

Just got a question about Tor, Let’s assume you run an onion website through an Ubuntu OS. What steps do to you have to take (software, passwords, SQL injection, etc) to make sure that your website is as safe and that users are as anonymous as possible?
--
Posted on novaBBS
novabbs.com

Re: Security and Anonymity Tips

<0c65b593afade3f1a59a1b5968ec1702$1@news.novabbs.org>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=150&group=rocksolid.shared.tor#150

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonymous@rslight.i2p (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Thu, 11 Feb 2021 00:49:57 +0000
Organization: Rocksolid Light
Message-ID: <0c65b593afade3f1a59a1b5968ec1702$1@news.novabbs.org>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="28419"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Rslight-Site: $2y$10$zmFu/tPA1sCnuR4f9eoTWOiMq70yX8vMQFoWymheu5PPLtdhG4mxG
 by: Anonymous - Thu, 11 Feb 2021 00:49 UTC

Anonymous wrote:

> Just got a question about Tor, Let’s assume you run an onion website through an Ubuntu OS. What steps do to you have to take (software, passwords, SQL injection, etc) to make sure that your website is as safe and that users are as anonymous as possible?

Simple starting points, but by no means everything:

1. Do not allow any connections to your site from anything but tor on your machine. Meaning, don't let it accept connections from clearnet, localnet or anything. It's best if it's in a VM that cannot be accessed by anything but your tor instance.

2. Change what your webserver advertises that it is. You can find how to do this online pretty easily.

3. Don't log anything, disable all logging.

4. Passwords, sql injections stuff, is mostly the same as any site. A simpler site leaves less open to attack, but of course can still be messed with.

That's just a starting point, others can add what they think.
--
Posted on Rocksolid Light
news.novabbs.org

Re: Security and Anonymity Tips

<8254bca9d7686b91b5b2ccfc5b43997a$1@dkzerogt6z6ybhcj.onion>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=151&group=rocksolid.shared.tor#151

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonymous@rslight.i2p (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Thu, 11 Feb 2021 02:52:22 +0000
Organization: Rocksolid Light
Message-ID: <8254bca9d7686b91b5b2ccfc5b43997a$1@dkzerogt6z6ybhcj.onion>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com> <0c65b593afade3f1a59a1b5968ec1702$1@news.novabbs.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="19234"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Spam-Level: **
X-Rslight-Site: $2y$10$0fjKvt.DB21w.wXGvudKbuqLqz96FQig4rhx4wPnvAolyhCiwML5e
 by: Anonymous - Thu, 11 Feb 2021 02:52 UTC

Anonymous wrote:

> Anonymous wrote:

>> Just got a question about Tor, Let’s assume you run an onion website through an Ubuntu OS. What steps do to you have to take (software, passwords, SQL injection, etc) to make sure that your website is as safe and that users are as anonymous as possible?

> Simple starting points, but by no means everything:

> 1. Do not allow any connections to your site from anything but tor on your machine. Meaning, don't let it accept connections from clearnet, localnet or anything. It's best if it's in a VM that cannot be accessed by anything but your tor instance.

> 2. Change what your webserver advertises that it is. You can find how to do this online pretty easily.

> 3. Don't log anything, disable all logging.

> 4. Passwords, sql injections stuff, is mostly the same as any site. A simpler site leaves less open to attack, but of course can still be messed with.

> That's just a starting point, others can add what they think.

Don't let your timezone give you away. Set it to utc.
--
Posted on Rocksolid Light
dkzerogt6z6ybhcj.onion

Re: Security and Anonymity Tips

<s02le0$8au$1@shakotay.alphanet.ch>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=152&group=rocksolid.shared.tor#152

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!i2pn.org!weretis.net!feeder8.news.weretis.net!news.uzoreto.com!news.alphanet.ch!alphanet.ch!.POSTED.localhost!news.alphanet.ch!not-for-mail
From: schaefer@alphanet.ch (Marc SCHAEFER)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Thu, 11 Feb 2021 08:13:04 +0100 (CET)
Organization: Posted through ALPHANET (https://news.alphanet.ch/)
Lines: 6
Message-ID: <s02le0$8au$1@shakotay.alphanet.ch>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com> <0c65b593afade3f1a59a1b5968ec1702$1@news.novabbs.org>
Injection-Info: shakotay.alphanet.ch; posting-host="localhost:127.0.0.1";
logging-data="8543"; mail-complaints-to="usenet@alphanet.ch"
User-Agent: tin/2.4.3-20181224 ("Glen Mhor") (UNIX) (Linux/4.19.0-13-amd64 (x86_64))
 by: Marc SCHAEFER - Thu, 11 Feb 2021 07:13 UTC

Anonymous <Anonymous@rslight.i2p> wrote:
> 2. Change what your webserver advertises that it is. You can find how to do this online pretty easily.

Disable the mod-status on apache2 and other web servers, because as your
tor process accesses the web server as localhost presumably, it will be
allowed to look at the server-status by default.

Re: Security and Anonymity Tips

<to.461.2hpcz4@anon.com>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=153&group=rocksolid.shared.tor#153

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!rocksolid2!.POSTED.127.117.190.215!not-for-mail
From: poster@anon.com (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Thu, 11 Feb 2021 00:46:55 -0800
Organization: rocksolid2 (novabbs.org)
Message-ID: <to.461.2hpcz4@anon.com>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com>
Content-Type: text/plain; charset=UTF-8
Injection-Info: novabbs.org; posting-account="def.i2p"; posting-host="127.117.190.215";
logging-data="8756"; mail-complaints-to="usenet@novabbs.org"
 by: Anonymous - Thu, 11 Feb 2021 08:46 UTC

>>0ba340009c6e8517a2
>>e39ec4f603c647ca68
That.

Other points:

-check the software you use: prefer code that has been around for some time over new software. Check the track record of bugs for each piece of software you use. Consider a different setup if you find that a software has had a lot of bugs in the past (points to sloppy coding habits on the side of the developers). For the sake of your users, don't use javascript on your site or at least make sure that it is not mandatory for the basic functions of your site.

-minimize attack surface: take out or disable each feature that you don't really need for your site. Following this thinking: consider to use something other than Ubuntu (best) or uninstall all the features that are not needed from your system.
Prefer simple software over software with a lot of external libs.

-use several physical machines for the different functions and separate them by firewalls, so one machine for the tor server and another one for the webserver (you can achieve results almost as good by using a VM for the webserver, but physical machines are better).
Consider what happens if an attacker manages to penetrate your webserver, and make sure that he cannot connect to the outside world (so: set up a firewall that only allows incoming connections to the webserver, but not outgoing).
If you think you must have tor and the webserver on one machine, do not use the tor server as a node in the tor network.

-make sure that the physical location/IP of your tor server cannot be tracked easily. Don't brag to your friends about your kewl new site, don't tell anyone where the site is hosted (or that you host it at all). Make sure that you have some constant traffic to/from your tor server to prevent correlation attacks. For the same reason, preferably host the site on a connection that is not interrupted too often.

-SQL injections: check the SQL statements in the code you are using, make sure that they are predefined and don't take their critical parameters from GET/POST requests.

-limit the functionality of your website to the minimum, in particular disable admin interfaces and rather manage it via SSH if possible.

-if your site has an upload function, make sure that the uploaded content is properly checked before it is saved somewhere (to prevent upload of executable code). If you want to enable arbitrary uploads, make sure that uploaded code cannot be executed.

-make sure that the machines you are using don't contain any traces that can be used to identify you. If you have used the machines before for other purposes, better do a fresh installation.

-apply patches and updates as soon as possible, preferably by cron job.

-try to keep a low profile in all the aspects of the OS and software: prefer commonly used software to rarely used software.

-make sure not to link your anonymous service to non-anonymous aspects (simple example: if you advertise your service on your facebook profile, you are burned. More advanced example: don't run the same site that you have already used in clearnet).

Of course all of this is just for starters. The subject is very complex and you can spent a long time researching it without covering all aspects.

--
Posted on def2

Re: Security and Anonymity Tips

<to.462.gr3nb@anon.com>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=155&group=rocksolid.shared.tor#155

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!rocksolid2!.POSTED.novabbs-internal!not-for-mail
From: poster@anon.com (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Sat, 13 Feb 2021 02:48:56 -0800
Organization: def2
Message-ID: <to.462.gr3nb@anon.com>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary=1b25a9007cc72f796ba4fe721a90f9ef97acde08
Injection-Info: novabbs.org; posting-account="def2"; posting-host="novabbs-internal:10.136.143.187";
logging-data="32665"; mail-complaints-to="usenet@novabbs.org"
 by: Anonymous - Sat, 13 Feb 2021 10:48 UTC
Attachments: ubuntu_microsoft.jpg (image/jpeg)

>>805d98d0a8924b17ee
>onion website through an Ubuntu OS

Better think twice about that one. To be clear: I do use Ubuntu myself (on the desktop), but for an onion site that wishes to be anonymous, it is not the right choice imho.

They behave kind of creepy on occasion:

https://twitter.com/LucaBongiorni/status/1359560585990537216

Attachments: ubuntu_microsoft.jpg 
Re: Security and Anonymity Tips

<3e98fbade2b0de2647babea71701a064$1@www.novabbs.com>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=156&group=rocksolid.shared.tor#156

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonymous@novabbs.i2p (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Sun, 14 Feb 2021 17:54:51 +0000
Organization: novaBBS
Message-ID: <3e98fbade2b0de2647babea71701a064$1@www.novabbs.com>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com> <to.462.gr3nb@anon.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="4224"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs
X-Rslight-Site: $2y$10$XMhwNX7Ayll47YFKiOWYZOF.X20aDWUZltKQE3RMa7mRtHvJeTSt.
 by: Anonymous - Sun, 14 Feb 2021 17:54 UTC

Wow. That’s creepy. Do you know any personal recommendations of a proper OS by any chance?
--
Posted on novaBBS
www.novabbs.com

Re: Security and Anonymity Tips

<8630e5a09dc6eabae6147122b3569121$1@dkzerogt6z6ybhcj.onion>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=157&group=rocksolid.shared.tor#157

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!.POSTED!not-for-mail
From: Anonymous@rslight.i2p (Anonymous)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Sun, 14 Feb 2021 19:21:35 +0000
Organization: Rocksolid Light
Message-ID: <8630e5a09dc6eabae6147122b3569121$1@dkzerogt6z6ybhcj.onion>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com> <to.462.gr3nb@anon.com> <3e98fbade2b0de2647babea71701a064$1@www.novabbs.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Info: i2pn2.org; posting-account="retrobbs1";
logging-data="21718"; mail-complaints-to="usenet@i2pn2.org"
User-Agent: Rocksolid Light (news.novabbs.com/getrslight)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on novabbs.org
X-Spam-Level: **
X-Rslight-Site: $2y$10$fMdbLZOn7/ugXl0KOlHaXugg5oWRVj5Hpc0APdQRbx9svprbK0C0W
 by: Anonymous - Sun, 14 Feb 2021 19:21 UTC

>personal recommendations of a proper OS

Debian
Archlinux
FreeBSD
OpenBSD
--
Posted on Rocksolid Light
dkzerogt6z6ybhcj.onion

Re: Security and Anonymity Tips

<s0vit7$10me$1@neodome.net>

 copy mid

https://news.novabbs.org/computers/article-flat.php?id=159&group=rocksolid.shared.tor#159

 copy link   Newsgroups: rocksolid.shared.tor
Path: i2pn2.org!i2pn.org!news.neodome.net!.POSTED!not-for-mail
From: admin@neodome.net (Neodome Admin)
Newsgroups: rocksolid.shared.tor
Subject: Re: Security and Anonymity Tips
Date: Mon, 22 Feb 2021 06:27:51 -0000 (UTC)
Organization: Neodome
Message-ID: <s0vit7$10me$1@neodome.net>
References: <e6f425046a0e27c1277b983f668f8825$1@novabbs.com>
<to.462.gr3nb@anon.com>
<3e98fbade2b0de2647babea71701a064$1@www.novabbs.com>
<8630e5a09dc6eabae6147122b3569121$1@dkzerogt6z6ybhcj.onion>
Mime-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Injection-Date: Mon, 22 Feb 2021 06:27:51 -0000 (UTC)
Injection-Info: neodome.net; mail-complaints-to="abuse@neodome.net"
User-Agent: NewsTap/5.4.1 (iPhone/iPod Touch)
Cancel-Lock: sha1:ttBxnPhWfJ9gFIzOvHMkt1TcLxk=
 by: Neodome Admin - Mon, 22 Feb 2021 06:27 UTC

Anonymous <Anonymous@rslight.i2p> wrote:

> FreeBSD
> OpenBSD

Can recommend.

--
Neodome

1
server_pubkey.txt

rocksolid light 0.9.7
clearnet tor