[tor-talk] Shodan & Hidden Services
Alec Muffett
alec.muffett at gmail.com
Fri Apr 21 22:35:45 UTC 2017
So it turns out that Shodan - a kind of multi-protocol Google-alike search
engine for metadata and protocol headers - has indexed a bunch of Onion
sites which were configured to leak their (onion) hostnames into protocol
headers.
https://www.shodan.io/search?query=.onion%2F
This is... tragic, perhaps, and avoidable to varying extents (eg: my
proposed setup process*) but the situation also possibly presents an
opportunity for anyone who has identified addresses of sibyl/other naughty
tor-infra-impacting activity, to maybe check some logs and see if any
badly-configured onions were also hosted on the same addresses/subnets, get
some concept of what hidden services were hosted there, and what they may
have been up to?
- alec
*
https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md
--
http://dropsafe.crypticide.com/aboutalecm
More information about the tor-talk
mailing list