1 |
On Tue, Apr 24, 2018 at 2:10 PM, Hubert Hauser <hubot@××××.com> wrote: |
2 |
> I want to run a few Tor hidden services. My home network is behind a |
3 |
> carrier gateway NAT so I can't make server from Raspberry Pi. I consider |
4 |
> run Tor hidden services on VPS. What do you think about it? Is cgNAT |
5 |
> obstacle if I want to run Tor hidden services? |
6 |
> |
7 |
|
8 |
A hidden service listens to connections from a Tor daemon. The |
9 |
recommended setup has both on the same machine, so the web service is |
10 |
only accepting connections from the machine it is run on. It does not |
11 |
need to be outwardly accessible. |
12 |
|
13 |
Tor will work even if you are behind NAT, assuming you do not run it |
14 |
in a mode where it accepts Tor to Tor connections or Internet to Tor |
15 |
connections. |
16 |
|
17 |
|
18 |
Running a hidden service on a VPS, assuming you are not breaking the |
19 |
laws in your jurisdiction, is likely the better idea. It will have |
20 |
higher bandwidth and if an attacker succeeds in resolving its location |
21 |
(which is possible to do and rather easy) they will get a datacenter, |
22 |
not your neighborhood. |
23 |
|
24 |
If you are breaking laws in your jurisdiction of residence I would |
25 |
highly recommend moving. Whether or not it is a better idea to |
26 |
self-host in this case is a tossup. On one hand, if you self-host and |
27 |
the authorities resolve your hidden service's location, they get you, |
28 |
but you may have a chance to destroy evidence. On the other hand, if |
29 |
you VPS-host and the authorities resolve your hidden service's |
30 |
location, they may subpoena the datacenter and get your details and |
31 |
also the information on the server. |
32 |
|
33 |
Cheers, |
34 |
R0b0t1 |