Discussion:
[tor-talk] Yet another Tor failure - DanWin1210.me Hosting hacked
t***@secmail.pro
2018-11-16 04:52:04 UTC
Permalink
DanWin1210.me hosting service was hacked.
https://danwin1210.me/

All Tor Onions are dead.

FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous

Now where is "Freedom Hosting IV"?
And why so hate on Tor Onion service?
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/lis
Mirimir
2018-11-16 05:13:40 UTC
Permalink
Post by t***@secmail.pro
DanWin1210.me hosting service was hacked.
https://danwin1210.me/
All Tor Onions are dead.
I guess that he didn't maintain backups :(

Maybe some of those .onion owners did, though.
Post by t***@secmail.pro
FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous
Now where is "Freedom Hosting IV"?
Shared hosting is a security nightmare. Just sayin'.
Post by t***@secmail.pro
And why so hate on Tor Onion service?
This was just for lulz, no?
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/
Daniel Winzen
2018-11-16 05:23:38 UTC
Permalink
Hello,

yes my server got hacked. How - I do not know yet and I will need to do
an extensive analysis. I did indeed not maintain backups, partly for the
reason that users should have the right to be forgotten immediately when
deleting their accounts. Around 1TB of data is gone.

The scripts are open source and anyone who would like to build something
similar is welcome to do so. However you should note there might be a
risk of getting hacked too in case the vulnerability is hidden in those
scripts. I will re-instantiate my hosting only after the vulnerability
is found and fixed. https://github.com/DanWin/hosting/

Any updates will be posted on my front page: https://danwin1210.me/

Regards,
Daniel
Post by Mirimir
Post by t***@secmail.pro
DanWin1210.me hosting service was hacked.
https://danwin1210.me/
All Tor Onions are dead.
I guess that he didn't maintain backups :(
Maybe some of those .onion owners did, though.
Post by t***@secmail.pro
FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous
Now where is "Freedom Hosting IV"?
Shared hosting is a security nightmare. Just sayin'.
Post by t***@secmail.pro
And why so hate on Tor Onion service?
This was just for lulz, no?
Mirimir
2018-11-16 21:33:20 UTC
Permalink
Post by Daniel Winzen
Hello,
yes my server got hacked. How - I do not know yet and I will need to do
an extensive analysis. I did indeed not maintain backups, partly for the
reason that users should have the right to be forgotten immediately when
deleting their accounts. Around 1TB of data is gone.
Hey, sorry about that :( And I do got your point about backups.
Although, in retrospect, a backup setup with relatively fast rotation,
and thorough deletion of old backups, would be prudent.
Post by Daniel Winzen
The scripts are open source and anyone who would like to build something
similar is welcome to do so. However you should note there might be a
risk of getting hacked too in case the vulnerability is hidden in those
scripts. I will re-instantiate my hosting only after the vulnerability
is found and fixed. https://github.com/DanWin/hosting/
As I said, shared hosting is a security nightmare. As I understand it,
you're depending on not much more than permissions to protect users from
each other. And in that situation, it's not _that_ hard for a skilled
hacker to get root, and do what they like.

If I were going to attempt such an .onion hosting setup, I'd use a
couple levels of isolation between users. But first, I'd use LUKS with
dropbear for server FDE. It ain't perfect, but an attacker would need to
take some care while impounding the server.

Basically, I'd setup several KVM domains, to help limit damage from a
compromise. Within each domain, I'd put each website in a Docker
container. Given a custom Docker-optimized kernel for the host, and XFS
storage, it's possible to set hard limits on CPU, RAM and storage for
each Docker container.

Docker containers rely on kernel namespaces and cgroups. That's not as
secure as using full VMs, but _far_ lighter. And _far_ more secure than
chroot, which many shared-hosting setups still rely on. Alternatively,
one could use FreeBSD jails, and maybe that can also work with Docker.

Anyway, if you're interested, I'd be happy to help. I'm just a hobbyist,
and totally self-taught. I mostly just use shell scripts. And I lack the
patience and organization to actually operate a shared-hosting site.
Post by Daniel Winzen
Any updates will be posted on my front page: https://danwin1210.me/
Regards,
Daniel
Post by Mirimir
Post by t***@secmail.pro
DanWin1210.me hosting service was hacked.
https://danwin1210.me/
All Tor Onions are dead.
I guess that he didn't maintain backups :(
Maybe some of those .onion owners did, though.
Post by t***@secmail.pro
FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous
Now where is "Freedom Hosting IV"?
Shared hosting is a security nightmare. Just sayin'.
Post by t***@secmail.pro
And why so hate on Tor Onion service?
This was just for lulz, no?
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi
bo0od
2018-11-17 00:31:00 UTC
Permalink
or use Qubes OS , its useful with some knowledge about it to make it
great OS for hosting (i didnt test that for web hosting , but
theoretically possible).And more secure than docker or plain debian or
bsd ...etc.
Post by Mirimir
Post by Daniel Winzen
Hello,
yes my server got hacked. How - I do not know yet and I will need to do
an extensive analysis. I did indeed not maintain backups, partly for the
reason that users should have the right to be forgotten immediately when
deleting their accounts. Around 1TB of data is gone.
Hey, sorry about that :( And I do got your point about backups.
Although, in retrospect, a backup setup with relatively fast rotation,
and thorough deletion of old backups, would be prudent.
Post by Daniel Winzen
The scripts are open source and anyone who would like to build something
similar is welcome to do so. However you should note there might be a
risk of getting hacked too in case the vulnerability is hidden in those
scripts. I will re-instantiate my hosting only after the vulnerability
is found and fixed. https://github.com/DanWin/hosting/
As I said, shared hosting is a security nightmare. As I understand it,
you're depending on not much more than permissions to protect users from
each other. And in that situation, it's not _that_ hard for a skilled
hacker to get root, and do what they like.
If I were going to attempt such an .onion hosting setup, I'd use a
couple levels of isolation between users. But first, I'd use LUKS with
dropbear for server FDE. It ain't perfect, but an attacker would need to
take some care while impounding the server.
Basically, I'd setup several KVM domains, to help limit damage from a
compromise. Within each domain, I'd put each website in a Docker
container. Given a custom Docker-optimized kernel for the host, and XFS
storage, it's possible to set hard limits on CPU, RAM and storage for
each Docker container.
Docker containers rely on kernel namespaces and cgroups. That's not as
secure as using full VMs, but _far_ lighter. And _far_ more secure than
chroot, which many shared-hosting setups still rely on. Alternatively,
one could use FreeBSD jails, and maybe that can also work with Docker.
Anyway, if you're interested, I'd be happy to help. I'm just a hobbyist,
and totally self-taught. I mostly just use shell scripts. And I lack the
patience and organization to actually operate a shared-hosting site.
Post by Daniel Winzen
Any updates will be posted on my front page: https://danwin1210.me/
Regards,
Daniel
Post by Mirimir
Post by t***@secmail.pro
DanWin1210.me hosting service was hacked.
https://danwin1210.me/
All Tor Onions are dead.
I guess that he didn't maintain backups :(
Maybe some of those .onion owners did, though.
Post by t***@secmail.pro
FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous
Now where is "Freedom Hosting IV"?
Shared hosting is a security nightmare. Just sayin'.
Post by t***@secmail.pro
And why so hate on Tor Onion service?
This was just for lulz, no?
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/lis
Mirimir
2018-11-17 18:21:12 UTC
Permalink
Post by bo0od
or use Qubes OS , its useful with some knowledge about it to make it
great OS for hosting (i didnt test that for web hosting , but
theoretically possible).And more secure than docker or plain debian or
bsd ...etc.
Yes, Qubes would be an other good choice. But, I suspect, harder to
implement. Especially interesting are recent developments that allow
Qubes system components to be distributed across multiple servers. With
secure connections, of course.

I've been meaning to play with it, off and on, for some years. Who
knows, maybe I'll give it a shot. If I can find suitable hardware for
anonymous lease, anyway :)
Post by bo0od
Post by Mirimir
Post by Daniel Winzen
Hello,
yes my server got hacked. How - I do not know yet and I will need to do
an extensive analysis. I did indeed not maintain backups, partly for the
reason that users should have the right to be forgotten immediately when
deleting their accounts. Around 1TB of data is gone.
Hey, sorry about that :( And I do got your point about backups.
Although, in retrospect, a backup setup with relatively fast rotation,
and thorough deletion of old backups, would be prudent.
Post by Daniel Winzen
The scripts are open source and anyone who would like to build something
similar is welcome to do so. However you should note there might be a
risk of getting hacked too in case the vulnerability is hidden in those
scripts. I will re-instantiate my hosting only after the vulnerability
is found and fixed. https://github.com/DanWin/hosting/
As I said, shared hosting is a security nightmare. As I understand it,
you're depending on not much more than permissions to protect users from
each other. And in that situation, it's not _that_ hard for a skilled
hacker to get root, and do what they like.
If I were going to attempt such an .onion hosting setup, I'd use a
couple levels of isolation between users. But first, I'd use LUKS with
dropbear for server FDE. It ain't perfect, but an attacker would need to
take some care while impounding the server.
Basically, I'd setup several KVM domains, to help limit damage from a
compromise. Within each domain, I'd put each website in a Docker
container. Given a custom Docker-optimized kernel for the host, and XFS
storage, it's possible to set hard limits on CPU, RAM and storage for
each Docker container.
Docker containers rely on kernel namespaces and cgroups. That's not as
secure as using full VMs, but _far_ lighter. And _far_ more secure than
chroot, which many shared-hosting setups still rely on. Alternatively,
one could use FreeBSD jails, and maybe that can also work with Docker.
Anyway, if you're interested, I'd be happy to help. I'm just a hobbyist,
and totally self-taught. I mostly just use shell scripts. And I lack the
patience and organization to actually operate a shared-hosting site.
Post by Daniel Winzen
Any updates will be posted on my front page: https://danwin1210.me/
Regards,
Daniel
Post by Mirimir
Post by t***@secmail.pro
DanWin1210.me hosting service was hacked.
https://danwin1210.me/
All Tor Onions are dead.
I guess that he didn't maintain backups :(
Maybe some of those .onion owners did, though.
Post by t***@secmail.pro
FH1: Unknown
FH2: Took down by FBI
FH3: Unknown
Danwin1210: Ripped by Anonymous
Now where is "Freedom Hosting IV"?
Shared hosting is a security nightmare. Just sayin'.
Post by t***@secmail.pro
And why so hate on Tor Onion service?
This was just for lulz, no?
--
tor-talk mailing list - tor-***@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mail
Loading...