So it turns out that Shodan - a kind of multi-protocol Google-alike search engine for metadata and protocol headers - has indexed a bunch of Onion sites which were configured to leak their (onion) hostnames into protocol headers.
https://www.shodan.io/search?query=.onion%2F This is... tragic, perhaps, and avoidable to varying extents (eg: my proposed setup process*) but the situation also possibly presents an opportunity for anyone who has identified addresses of sibyl/other naughty tor-infra-impacting activity, to maybe check some logs and see if any badly-configured onions were also hosted on the same addresses/subnets, get some concept of what hidden services were hosted there, and what they may have been up to? - alec * https://github.com/alecmuffett/the-onion-diaries/blob/master/basic-production-onion-server.md -- http://dropsafe.crypticide.com/aboutalecm -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
