Using Tor, you can:
Hidden, in this context, means that these services will only be accessible through Tor.
A good proxifying application is called tsocks
, that allows you to prefix a command-line invocation of an application so that it gets relayed through Tor. tsocks
is essentially a SOCKS wrapper that forwards TCP connections to Tor's SOCKS port. It can be configured by editing its configuration file, usually found at /etc/torsocks.conf
.
After configuring the local
subnets, the only required lines are:
server = 127.0.0.1 server_type = 5 server_port = 9050
that relay all the TCP traffic to Tor, listening on 127.0.0.1
and on port 9050
.
An invocation of tsocks
, could then be:
tsocks mysql -u user -p -h vva33zlardffgeet.onion
that would connect to a hidden database, at the .onion
address vva33zlardffgeet.onion
over the Tor network.
Setting-up your own services behind Tor is a fairly trivial task. The relevant directives for the Tor configuration file are the following:
HiddenServiceDir /var/lib/tor/hidden_server/ HiddenServicePort 80 127.0.0.1:8800
which instructs Tor to relay all traffic coming from the Tor network on TCP port 80
to the address 127.0.0.1
and port 8800
. This implies that a web-server will be listening to requests on 127.0.0.1
and port 8800
as specified by the HiddenServicePort
.
The .onion
address is automatically generated and can be read from (in the case above):
/var/lib/tor/hidden_server/hostname
You can have multiple HiddenServicePort
lines for every service you wish to make available to the .onion
network.