security – Hosting web site with onion share

security – Hosting web site with onion share – Webmasters Stack Exchange

github bitcoin/doc/tor.md – Automatically versus Manually creating a Bitcoin Core tor onion service

The doc I’m asking about: TOR SUPPORT IN BITCOIN. Section 1 describes how to “Run Bitcoin Core behind a Tor proxy.” Then…

  1. Automatically create a Bitcoin Core onion service

(I)f Tor is running and proper authentication has been configured,
Bitcoin Core automatically creates an onion service to listen on.

This section describes how to establish proper authentication.

  1. Manually create a Bitcoin Core onion service

You can also manually configure your node to be reachable from the Tor
network. Add these lines to your /etc/tor/torrc (or equivalent config
file):
HiddenServiceDir /var/lib/tor/bitcoin-service
HiddenServicePort 8333 127.0.0.1:8334

This section then describes the externalip, listen, and discover command line or bitcoin.conf options.

I am confused about the relation of sections 2 and 3. Are they alternatives or is 3 additive to 2? If the user, per section 3, adds the HiddenService… lines to torrc, and includes externalip=(user's public 64-char code).onion and listen=1 in bitcoin.conf, can the authentication steps of section 2 be omitted? The externalip with the user’s onion address of section 3 seems to provide advertising of the node’s reachable tor address. But if it’s omitted, how do inbound peers contact the onion service that, per section 2, is being “listen(ed) on”?

bitcoin core – Why variations in tor onion service incoming node identifcation formats?

With these bitcoin.conf parameters:

proxy=127.0.0.1:9050
listen=1
onlynet=onion
bind=127.0.0.1
externalip=(my 64-char code).onion
(plus 32 addnode=(onion address) entries)

I quickly get 18 outgoing connections to .onion addresses (and never more, even after 24+ hours?), and then after a while one or two incoming addresses identified like this:

127.0.0.1:57926 (node id: 40)
via 127.0.0.1:9050

or like this:

127.0.0.1:58152 (node id: 78)
via akuserwyfe5ehl6i.onion:32645

or like this:

127.0.0.1:58516 (node id: 189)
(that's it -- no "via"!)

What causes these node identification format variations?

tor – Onion Routing Network: Analyzing the size of the encrypted message to determine distance along a circuit

You’re not wrong (except for The Key being deduced part) but the approach is meaningless.

You are implicitly assuming information you don’t have to solve a problem that doesn’t exist. I’ll try to explain.

You are assuming that you can track a given message through all of its relays in order to compute message size reduction at each relay. First of all data is in fixed sized packets but there is no padding so in principle you could do this by counting packets but it requires an overarching knowledge of all of the network traversal packets. If you had this level of insight, you wouldn’t need to do the analysis in the first place.

The default Tor circuit is 3 nodes: Entry Node,Relay Node, Exit Node. All of the Tor nodes and types are public information already. The “distance” of the circuit is always (mostly) 3. The distance along the circuit is a function of the node in the circuit. If you’re already somehow tracing the packet, you already know the hop count without trying to compute packet reduction inference.

In short, you need comprehensive knowledge to compute something you would already know.

I don’t know what you mean by “The Key“, but it doesn’t really matter as your system requires apriori knowledge of the entire circuit, negating all of the individual hop keys anyway.

Onion Rings, anyone loves them too?

I personally really enjoy the fried onion rings from BK and most buffets and all-you-can-eat. I dip mine into the zesty sauce from BK, marinara or BBQ. How about you?

tor – Bitcoin Core Onion Service created unexpectedly

Why is Bitcoin Core onion service created when I have not mentioned anything related in bitcoin.conf?

bitcoin.conf in Windows (data directory):

prune=2048

bitcoin.conf in Fedora (running bitcoind)

prune=2048
datadir=/mnt/hgfs/mainnet

/mnt/hgfs/mainnet -> E:Core-Backupbitcoin-mainnet (Shared folder in VM)

ls /mnt/hgfs/mainnet
anchors.dat   blocks      fee_estimates.dat     peers.dat
banlist.dat   chainstate  mempool.dat           settings.json
bitcoin.conf  debug.log   onion_v3_private_key

Logs:

2021-06-12T01:19:40Z tor: Got service ID 64randomchars, advertising service 64randomchars.onion:8333
2021-06-12T01:19:40Z msghand thread start
2021-06-12T01:19:40Z addcon thread start
2021-06-12T01:19:40Z net thread start
2021-06-12T01:19:40Z AddLocal(64randomchars.onion:8333,4)

ubuntu – Security Onion 2.3 The IP being routed by Linux is not the IP address assigned to the management interface?

I have just installed Security Onion 2.3 and I faced some issue with network configuration, first of all I have 2 interface

1- Host Only for Management

2- Nat with internet connection

but I receive this error

The IP being routed by Linux is not the IP address assigned to the
 management interface?  

What’s wrong in my configuration and how canI fix it?

bitcoind – Scan ports for my onion bitcoin node and RPC calls

1: How can it be scanned? how can I see if its exposing any port, or port 8333?

Use getnetworkinfo RPC and results should have one onion address and port number mentioned if onion service is created for Bitcoin Core:

localaddresses": [
  {
    "address": "omy7kj7zwvfg5luayideh73uqb2latkoyyy5h65y4atv3fymnlxlzwqd.onion",
    "port": 8333,
    "score": 4
  }
]

2: How can I make RPC calls through Tor?…. maybe this is not the best way because of security for the RPC API and calls in plain data.

Check instructions mentioned for proxy,onlynet=onion and it’s trade-offs here:
https://github.com/prayank23/bitcoin/blob/tor-docs-add/doc/tor.md#1-run-bitcoin-core-behind-a-tor-proxy

Is there an alternative to identify a lightning node without their IP or onion address?

In the country where I live, only dynamic IPs are assigned to most customers unless you are willing to pay a lot more for a business service.
I guess not everyone in the world can get a static IP without paying a lot extra or doing something like running a VPS.
Also, a node operator with a static IP address doesn’t have total control of the IP assigned to them.

I learned that lightning uses the IP or onion address of the node to identify it, so if a node changes their IP – I guess – it assumes the node is not online anymore. Which, I understand, is a problem if you open a channel with a node.

So, my question is: is there an alternative method, implemented or not, to identify a lightning node without knowing their IP or onion address?

network – How to reliably check if your bitcoin onion node is reachable as advertised?

If getpeerinfo returns a good number of outbound onion peers but none show up as inbound:true, how do you check if your node is properly reachable as advertised?

Several guides and forum answers recommend checking with Bitnodes io but this service is unable to reach the majority of my undeniably reachable outbound onion peers. My node and others don’t show up as reachable on Bitnodes.

DreamProxies - Cheapest USA Elite Private Proxies 100 Private Proxies 200 Private Proxies 400 Private Proxies 1000 Private Proxies 2000 Private Proxies 5000 Private Proxies ExtraProxies.com - Buy Cheap Private Proxies Buy 50 Private Proxies Buy 100 Private Proxies Buy 200 Private Proxies Buy 500 Private Proxies Buy 1000 Private Proxies Buy 2000 Private Proxies ProxiesLive.com Proxies-free.com New Proxy Lists Every Day Proxies123.com Buy Cheap Private Proxies; Best Quality USA Private Proxies