[tor-onions] Debugging an ubuntu / apache2 / tor / ssl setup
Peter Brooks
peter.h.m.brooks at gmail.com
Sat Oct 13 22:08:51 UTC 2018
Why? Tor encrypts everything in transit, but not between you and the
first server, and not between the last server and the target machine.
Anybody listening to your output stream, or the stream to and from the
remote server, can see everything in plaintext - the URL, and its
parameters particularly.
With SSL, you know the URL is encrypted between your machine and the
remote server, as is the returned page.
On Sat, 13 Oct 2018 at 18:56, Adam Jensen <hanzer at riseup.net> wrote:
>
> On 10/02/2018 07:01 AM, Peter Brooks wrote:
> > I'm setting up a tor site on ubuntu, using apache2 to work with ssl.
>
> This might be a goofy question but why would SSL ever be used with a Tor
> Hidden Service?
>
> Also, isn't the Apache web server still vulnerable to application layer
> slow post denial of service attacks?
>
> https://sourceforge.net/projects/torshammer/
> https://github.com/llaera/slowloris.pl
> https://github.com/marant/goloris
> _______________________________________________
> tor-onions mailing list
> tor-onions at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-onions
--
Peter Brooks
Mobile: +27 82 717 6404
Skype: Fustbariclation
Twitter: Fustbariclation
Google+: Fustbariclation
Author Page: amazon.com/author/peter_brooks
More information about the tor-onions
mailing list