Some of my books i wrote for CTS GMBH (http://CTS.at) are published by them at DigitalBooks24. The full list of published books is available here.


Hier verfügbar bei DigitalBooks24


This book shows a perfect setup for Tor Hidden Services using a real life example. To be safe, even your service is fully compromised or hacked, Tor daemon and services are on different systems or virtual machines. Works with virtual machines, cheap hardware or raspberry systems.

All needed configuration files included! 100% free Open Source!

Table of Contents


Table of Contents

Legal Notes

Introduction to the Tor Network

What is the Tor Network

Bad boys net only?

Preparing our Tools

Preparing the Tor browser

Using Tails Linux

General security rules

Domains and .onion addresses

Domains and IPv4 addresses

.onion addresses

The project of this e-book

Firewall Setup

Tor Hidden Service setup

The Management Network

Firewall Setup

Nginx Web Server System Setup

More Features

About The Author

Other Books By (Author)

Link List for this e-book

Tor project page

Tails Linux project page

DuckDuckGo Search Engine

The Hidden Wiki

Can I Ask A Favour?

The project of this e-book

This book will show you how to setup all required systems and services to offer anonymous and secure Tor Hidden Services.

Firewall Setup

We will setup a firewall based on a FreeBSD minimum installation. This firewall will work on most old PC’s with 3 network interfaces or a virtual machine running on Top of VMWare, KVM or Virtual Box.

The Tor daemon will run on this firewall and handle the connections between the Tor Network and your Tor Hidden Services system.

The Firewall will block all traffic from your Tor systems to the clearnet without using the Tor Proxy. We also setup a DNS Proxy using the Tor Network to avoid DNS exploits.

This way, even your system offering the hidden services is fully hacked or compromised, all requests are running through the Tor Network and you are not unmasked because of it. Furthermore, the hacked system only knows its internal 10.x.x.x address and there is no way to find out the real IP address.

We will create a management network, able to access these systems only. Management network is operated on an internal IP range too. There is no way to access the clearnet. Management Network can use the Tor proxy if needed.

Tor Hidden Service setup

We will create a system running the nginx web server to anonymously serve content on its own .onion address.

Because of running the services on a different system we can add as much systems, servicing Tor Hidden Services, as needed.

The Management Network

You can use any system running the Tor Browser Bundle or Tails Linux inside the management network.

About The Author

Karl M. Joch is founder of CTS GMBH with more than 30 years experience in national and international projects. He worked in over 15 countries.

A CTS Solutions IT-Pro Book