Index ¦ Archives ¦ Atom

Alternative Networks for this site - Tor

Last week I looked a few alternative censorship resistant networks and setup an I2P eepsite. This week I've made Exotic Security available as a Tor hidden service.


I like vanity domain names so first I downloaded Scallion and generated an onion address that started with 'exoticsec'.

Scallion was very easy to use, just a simple git clone, xbuild and then

mono scallion.exe -c exoticsec

I was very impressed with how well it ran, my GPU a GeForce GTX 680 got 470 MH/s and found two names that matched in under 10 hours1.

I then installed Tor following their guide for Debian and set it to run automatically sudo systemctl enable tor.service

The I setup apache, I edited /etc/apache2/ports.conf

# Tor Hidden service
# Just a random port number I generated, there is no significance to it.

my sites-enabled

# Tor Hidden Service
    # Host settings
    ServerName exoticsecv6kd6fw.onion

    DocumentRoot /var/www/tor-hidden-service
    ErrorDocument 404 /pages/404-not-found.html

    # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
    # error, crit, alert, emerg.
    # It is also possible to configure the loglevel for particular
    # modules, e.g.
    #LogLevel info ssl:warn

    # As we are hosting on localhost, by default the server-status and
    # server-info pages are avalible.
    <Location /server-status>
        Order allow,deny
        Deny from all
    <Location /server-info>
        Order allow,deny
        Deny from all

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined

Then I edited /etc/tor/torrc and uncommented the two lines to enable a hidden service

HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80

Restarted tor to create the HiddenServiceDir

systemctl restart tor.service

Then I replaced /var/lib/tor/hidden_service/private_key with the key I'd generate with Scallion and I was done.

I was surprised how easy it was to get up and running. Admittedly it might have been a bit more involved if I'd been trying to hide my identity, I probably would have used Whonix as the host instead but even so it was very easy to get up and going.

  1. Although I'm pretty sure that was mostly luck, the predicted time for one hash that matched was a little over 10 hours. 

Creative Commons License
Content on this site is licensed under a Creative Commons Attribution 4.0 International License.
Built using Pelican. Based on a theme by Giulio Fidente on github.