I'm not against a guide. I just think the focus should be less about the technical, and more about common sense.
During one of the last hack discussions a forum member posted that he properly secured his server, citing various technical precautions. He mentioned he did this to protect the X amount of funds stored on the server, and he was glad for the high bandwidth line to his office allowing him to have the server there.
Another poster said er it's probably not a good idea to tell people where your server holding these funds is at. For example, one could look up where you are located and pay the cleaning lady 10K to look the other way. That would be worth it for a theft worth say 60K plus.
Low tech security precautions shouldn't be ignored in favor of high tech ones.
i wonder if it would be possible to 'hide' the hot wallet server by putting it on its own box, and only allowing tor hidden service connections in.
that way, the IP at least would never be known...
Again, you're thinking a lack of high tech solutions is the problem. It's not. In the example about the cleaning lady there are other ways to go about finding the location to commit the crime. For example, if it was me I would start collecting information on the target. I'd do several things first:
1. Do a WHOIS lookup on the member's domain name; unless intentionally obscured this will provide the member's real name or company name...
2. Click the forum member's profile, see what else I can learn about him, like an email address (which I might try to phish email)
3. Do a forum search of all the member's posts; did he ever mention where he was located?
Only after starting with the above would I even get into tracking down IP addresses. See? Low tech is often FAR more effective.
