[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tutorial: Howto setup a middlebox routing ALL traffic through TOR from VM



redapple:
> Hi TOR-Geeks,
> 
> as I'm not sure (ok,maybe I've to less information), these Vidalia + TOR +
>  Proxy or TOR-Button, are problematic to set up correctly and there is a
> big chance to do something wrong, which would reveal your Identity.

Yes, that's why there is now the Tor Browser Bundle.

> So I came about this
> 
> HOWTO set up a Middlebox which routes ALL Traffic through TOR on a
> Hostsystem from a
> VM.<http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network>
> 
> This great work was made by
> chris_dj<http://www.howtoforge.com/forums/member.php?u=89984> .
> I can't understand why there is so less information about him. Tell me, if
> you find out.

I am also interested. What happened to him?

> My intention is to find someone who has the brains and the geekness and who
> is willing to rewrite this tutorial on a public place especially even for
> beginners!

I and (at least) two other people used to do it.

Old article page (now deprecated):
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/

Some interesting versions...

Very first version:
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX?version=1

First version using Virtual Box:
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX?version=91

At one point we had three installation methods. A installation tutorial,
a shell script and a binary distribution.
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX?version=217

All historic versions are still alive:
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX?action=history

The more questions answered, even more new questions came up...

"We have a middlebox now. But how to add a hidden service? ... Are we
allowed to download operating system updates through Tor? What do we do
against identity correlation through circuit sharing?"

See the Dev page and the Dev archive for things we discussed:
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev
https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/ArchivedDiscussion

The more security added, the more optional configurations added, the
bigger the tutorial became. After a becoming a documentation project, a
shell script to help with the many configuration scripts was created,
because that was still too difficult for many people, binary builds
(downloads) were created.

History of Whonix:
http://sourceforge.net/p/whonix/wiki/History/

> Unfortunately I don't have the full knowlege of all the involved parts.
> 
> But, I promise: If you write a noobfriendly HOWTO but more actual, in more
> detail and understandable for most people, I'll translate it to german!

I don't think there can be something like a noob friendly HOWTO. The
TorBOX developers were very serious about it and ended up with a
software project instead. Whonix:
https://sourceforge.net/p/whonix/wiki/Home/

A secure HOWTO, would be too big and therefore no longer noob friendly.
It's all too complex.

> I think there are a lot of advantages over the "standard" TOR installation.

Yes. Advantages, disadvantages and differences:

https://sourceforge.net/p/whonix/wiki/Comparison with Others/

> For example, no need for a proxy. And all those cryptic .onion links are
> simply machines (whithout ports). So you can set up your favorite Client to
> use OnionNet (IRC) by simply providing the .onion Address and the port
> (z.B. 6667).

Not that simple. See Stream Isolation:
https://sourceforge.net/p/whonix/wiki/Stream%20Isolation/

> And of course I would like to know what you guys think about the Idea and
> if this work makes sense in any way.

The idea is good. Makes sense. Carrying out failed. No one else was up
to it for years.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk