Rootconf 2014

On devops and cloud infrastructure

Akash Mahajan


The Little Service which wasn't there + Fun with SSH

Submitted Jan 9, 2014

A session in two parts.

Learn how to setup SSH as a TOR hidden service

In the first part we will

  • Set up SSH
  • Set up Tor
  • Make SSH a TOR Hidden Service
  • Connect to the SSH over TOR
Make life fun for SSH attackers

Since now we have a free port 22

  • Setup Kippo
  • See the logs
  • Make life fun for SSH attackers


Linux Server Hardening for the Paranoid

An intermediate level full talk that will tell you how to use TOR Hidden services to truly hide your server and stay hidden from Nation States Adversaries and Hollywood Attackers who Can Kill Everyone Remotely and in Style

I gave a talk on Securing a Linux Web Server in 10 Steps or Less. That talk covered basic principles to think about when you decide to secure your server. I got great feedback for the talk and IMHO it was a nice gentle introduction for beginners.

The only problem is, that talk was incomplete. We can’t effectively talk about security without defining or discussing security against whom. Therefore if you would like to keep your machine safe from Nation State Adversaries come learn how you can do that.


This is not a workshop. There is no point in getting people to do hands-on stuff on a linux server(which is basically a training nightmare) but it would be nice for the following to happen

If you can do the following, don’t attend the talk to just heckle me(unless you let me do the sam to you in your talk, then its all cool)

  • Know how to setup a TOR hidden service
  • Know how to setup a honeypot
  • Work for any organisation that resembles a Nation State Adversary

Speaker bio

That Web Application Security Guy @ The App Sec Lab

I run The App Sec Lab a security company that helps companies become secure. If you are confused about anything in security come and talk to me and I can help you with a roadmap on how to become secure and stay that way.

I am the co-founder+Community Manager for “null - The Open Security Community” and Co-Chapter Lead for OWASP Bangalore

TL, DR; I am a funny with an interesting take on things in life that matter - Linux, Security, Having Fun and Teaching cool things to people while they are laughing so that they really really get it.



{{ gettext('Login to leave a comment') }}

{{ gettext('Post a comment…') }}
{{ gettext('New comment') }}
{{ formTitle }}

{{ errorMsg }}

{{ gettext('No comments posted yet') }}

Hosted by

We care about site reliability, cloud costs, security and data privacy