
More Secure Tor Browsing Through A Virtual Machine in Ubuntu

I would appreciate any feedback people have on this. This is just an
idea and it's kind of beta, so don't use this unless you know what
you're doing. PGP key at bottom of message

Whenever somebody uses the internet through Tor using the standard
set-up, they are assuming that the program (such as Firefox) they're
using is immune to serious remote attacks such as code execution attacks
that could allow an adversary to run commands on their system. It is
possible to use Tor without making these assumptions, thus making Tor
use safer.

The basic idea behind securing Tor browsing through a virtual machine is
to put the user's programs in a sandbox. A virtual machine is the
ultimate example of this. Even if an attacker were to be able to gain
command-line access through a vulnerability in a program such as
Firefox, they still wouldn't be able to obtain the user's IP address,
look at their file system, or gain access to any other
personally-identifiable information.

As an added benefit of running a virtual machine, you can also allow
scripts, flash, and all sorts of other nasty code to run in your browser,
because even if something breaks out of the browser it is still confined
to the virtual machine. You should be aware that this will break your
anonymity across identities through things like flash cookies. We'll
discuss that more later, as well as steps that can be taken to prevent it.

Unfortunately, virtual machines require a lot of memory, CPU time, and
disk space. If you don't have these to spare, you might want to consider
building a chroot jail instead. If you want to install a virtual
machine, keep reading.

I'll be using Xubuntu for this guide because it's an easy distribution
for newbies to use and it's relatively lightweight. If you're dealing
with fewer system resources, you might want to try doing this with Damn
Small Linux or installing Fluxbox. If you get it to work, please
document how it was done so other people can learn from your experience.

Part One: Download Xubuntu
The first thing we'll have to do is grab a copy of Xubuntu. If you have
lots of spare resources, you can use Ubuntu as the instructions will be
almost identical.
You can get the 9.04 (Jaunty Jackalope) version of Xubuntu at
http://www.xubuntu.com/get#jaunty. I strongly suggest you use the
Torrents they provide at

Part Two: Configure Your Host System
While we're waiting for Xubuntu to download, let's set up your host
system. The first thing we'll need to do is create a user to run the
virtual machine. Go to System>Administration>Users and Groups and add a
new user. You'll need to set a password for them, so make sure you write
it down when you do. Also, go to the Advanced tab and write down the user id.
I'm calling this user “torify” in my examples.
I'm assuming you already have Tor/Privoxy set up on the standard ports
(9050 and 8118); if not, please install them and remember any
non-standard configurations you have.
Let's set up our firewall so the “torify” user can only access localhost:
sudo iptables -t nat -A OUTPUT -m owner --uid-owner torify -j DNAT

This firewall rule will only stick around until you restart your system
(or re-connect to the network). If you want to make it persistent,
there's a guide at https://help.ubuntu.com/community/IptablesHowTo which
explains how, even if you're using the Gnome or Xfce Network Manager.

If you have any software listening on any port (even if it's only
accessible from localhost) then the virtual machine will be able to see
it. This is not a risk if you're browsing Tor safely in your virtual
machine, but if you allow flash, java, etc. then it could become a risk.
A common open port on Linux systems is port 631, which is the CUPS
service's web interface for managing print jobs. If you open
http://localhost:631 in your web browser, you should be able to see
whether it's there or not. You can temporarily disable it by going to the
System Monitor (in System>Administration), finding cupsd in the process
list, and killing it. This will only kill CUPS until the next system
restart (or possibly the next login).

Next, we'll install the software required to run the virtual machine.
Type the following command in the terminal (Start>Accessories>Terminal).
If your processor doesn't support virtualization, you should only
install qemu. If you don't know if your processor supports it, go ahead
and install it as you can always remove it later.
sudo aptitude install qemu kqemu-common kqemu-source

Once this is installed, you'll have to restart. Go ahead, I'll still be

Now that you've got Qemu/KVM installed, let's do the final step in
configuring your system: add the “torify” user to the virtualization
groups. adduser takes the user name rather than the numeric id, so
replace “torify” in the following two commands if you named your user
differently.
sudo adduser torify libvirtd
sudo adduser torify kvm

This allows your torify user (and virtual machine) to take advantage of
advanced virtualization features if you have them.

Part Three: Install and Browse
So you're almost ready to start browsing via Tor.  First we'll need to
make a hard drive for your virtual machine. I suggest around 8G
(gigabytes) but you can do more. To make a hard drive of this size in
your current directory, run this command:
qemu-img create -f raw file.disk 8G

Next, run this command to boot the Xubuntu CD image in your new virtual
machine and start installing your torified operating system. You can
change the number after -m if you have more or less available memory
(in megabytes). Some processors have additional virtualization support:
instead of qemu, just try kvm with the same arguments after the command.
If you get errors or it doesn't work, you should probably stick with
qemu.

qemu -hda file.disk -m 512 -name TorMachine -cdrom xubuntu-9.04-desktop-i386.iso -boot d

Select “try xubuntu without any changes..” and then double-click the
install icon on the desktop when it's loaded. The instructions are
pretty straight-forward. When it asks you for a network proxy, type in so it can grab updates.

Once Xubuntu is installed, be sure to restart and update everything
before browsing the web. It will automatically notify you of updates. If
it doesn't notify you of any updates, something may have gone wrong so
manually check by running the command “sudo update-manager”.

Part Four: Using Your Virtual Machine
Alright, we're all done setting up your virtual machine. All of your
proxy settings in Xubuntu should be the same as in your host system
except that you should replace with I strongly
suggest installing TorButton and NoScript in your web browser but
allowing scripts is also a possibility.

Before you start your virtual machine, make sure you've applied the
iptables rules and disabled CUPS. Then, use this command from the
directory with your virtual hard drive to start your virtual machine. Go
in and tweak the settings just how you like them.
qemu -hda file.disk -m 512 -name TorMachine
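A host-side pre-flight check for the two things you are told to verify first, the owner-match firewall rule and stray listening services such as CUPS, as an added example that is not from the original post. It assumes the VM user is “torify” and that only Tor (9050) and Privoxy (8118) should be listening; the socket and rule listings are constructed samples in the format of `ss -ltn` and `iptables -t nat -S OUTPUT`.

```shell
#!/bin/sh
# Pre-flight check before launching the Tor VM (added example, not from the post).
# Assumes Tor on 9050 and Privoxy on 8118 and a VM user named "torify".

ALLOWED_PORTS="9050 8118"

# Read `ss -ltn` / `netstat -ltn` output on stdin and print every listening
# local port not in ALLOWED_PORTS. No output means nothing on the host is
# reachable from the VM beyond Tor and Privoxy.
unexpected_listeners() {
    awk -v allowed="$ALLOWED_PORTS" '
        BEGIN { n = split(allowed, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        /LISTEN/ {
            for (f = 1; f <= NF; f++)        # first addr:port field is the local socket
                if ($f ~ /:[0-9]+$/) {
                    port = $f; sub(/.*:/, "", port)
                    if (!(port in ok)) print port
                    break
                }
        }' | sort -un
}

# Read `iptables -t nat -S OUTPUT` output on stdin; succeed only if a DNAT
# rule keyed on the given user (name or uid number) is present.
has_owner_dnat_rule() {
    grep -q -e "--uid-owner $1 .*-j DNAT"
}

# Constructed samples standing in for live command output.
SAMPLE_SOCKETS='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      128    127.0.0.1:631     0.0.0.0:*
LISTEN 0      128    127.0.0.1:9050    0.0.0.0:*
LISTEN 0      128    127.0.0.1:8118    0.0.0.0:*'
SAMPLE_RULES='-P OUTPUT ACCEPT
-A OUTPUT -m owner --uid-owner torify -j DNAT --to-destination 127.0.0.1'

# preflight USER SOCKET_LISTING RULE_LISTING: exit 0 only when the owner rule
# exists and no unexpected port is listening; otherwise explain on stderr.
preflight() {
    if ! printf '%s\n' "$3" | has_owner_dnat_rule "$1"; then
        echo "no DNAT rule for user $1 in the nat OUTPUT chain" >&2; return 1
    fi
    exposed=$(printf '%s\n' "$2" | unexpected_listeners)
    if [ -n "$exposed" ]; then
        echo "listening ports visible to the VM: $exposed" >&2; return 1
    fi
}

# Live host: preflight torify "$(ss -ltn)" "$(sudo iptables -t nat -S OUTPUT)"
if preflight torify "$SAMPLE_SOCKETS" "$SAMPLE_RULES"; then
    echo "preflight OK, safe to start qemu"
else
    echo "fix the items above before starting qemu"
fi
```

With the constructed sample the check fails on port 631, which is exactly the CUPS case described in Part Two.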

In the future, if you're not planning on changing settings, saving
files, etc., or you're taking the risk of allowing active scripts to run,
make sure you add “-snapshot” to the end of the command you start your
virtual machine with. This will stop your virtual machine from saving
any changes that are made to it, like flash cookies. Changes will only be
kept while you're using the virtual machine, so when you close it
and re-open it, it's like starting a fresh system.

If you have any suggestions for changes to this guide, feedback, or
questions please drop me an email at ringo{at}hackbloc.org.
