|
Posted by Bill M. on September 20, 2006, 10:30 pm
On Wed, 20 Sep 2006 14:37:52 -0700, "Charles Newman"
>There might be a way. In the one thread about Comcast
>blocking incoming ports, one guy mentioned Tor, I have checked
>it out, and it appears that Tor will let you run a "hidden" web
>site, though that part of the software looks complicated. I do
>know that you would have to bind the IP settings of whatever
>web server software you use either to 127.0.0.1, or to the
>address of your router (if you have one). It appears that users
>would enter an address in the Tor network, which would
>forward to your "hidden" server, and back again. Since
>the server itself would only be seen by the Tor software, any
>routine scans of your system would show nothing. Tor takes
>all the user hits, and acts merely as the relay. Tor just goes
>to the directory you specify and fetches the web page, and
>sends it back to the users on Tor that are requesitng it, from
>what I can tell. The more than 10,000 servers on the Tor
>network would take all the hits, instead of your Web server
>and/or Charter Pipeline.
Umm, no, the hits to your web server and your ISP's network are the
same regardless of whether you stick a proxy such as Tor in front.
>Its also a good way to shield you from script kiddies, who
>might try and compromise your Web server. In other
>words, your Web site could not be compromised by
>hackers. As the saying goes "what cannot be seen cannot
>be hacked".
That's one of the big problems with running a (web) server on a
non-standard port, the false sense of security. It takes longer to
scan a large port range than it does to scan a smaller port range, but
it's not as if we're talking about manual labor here. Not only that,
Tor's web site describes security through obscurity, which is nothing
to be proud of.
| 
Yahoo! 
Google 
Windows Live 
del.icio.us 
digg 
Netscape 
XML site map