[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor as a network filter

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor as a network filter
From: WhonixQubes <whonixqubes@xxxxxxxxxx>
Date: Mon, 09 Feb 2015 15:53:10 +0000
Cc: spencerone@xxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 09 Feb 2015 10:53:22 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1423497191; bh=1StpYwAUmZbTy3sWpZ+7/uinsaNO2JPSR5a0uReaOXU=; h=Date:From:To:Cc:Subject:In-Reply-To:References:From; b=qRZCS84PxOYcHM1M9EuOjBEiuFCfoub3Qtw37/S1HYk1t8fhdFix8vCBHJmbLPYKC wxmh5FGD0smDoOnppuLgGSxfczp1ip90mJduTMjggdTIWNfL//fkYCGaYm2abcYo1Z 7dBef1iVFAL1dmg7P+/6QwzMp2VQzHzRe+OFG9h8=
In-reply-to: <54D8830A.3090204@xxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "all discussion about theory, design, and development of Onion Routing" <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <mailman.13.1423396802.4549.tor-talk@xxxxxxxxxxxxxxxxxxxx> <ddae15d25238d1049ffcf9bd4c270654@xxxxxxxxxxxxxxx> <54D8830A.3090204@xxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-talk" <tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx>
User-agent: Riseup mail

On 2015-02-09 9:51 am, Yuri wrote:

On 02/09/2015 00:55, spencerone@xxxxxxxxxxxxxxx wrote:
Yes, "..separate identification from routing.â, but isn't Torfiltering my connection to the internet by routing my connectionthrough its network? Because, if so, I am wondering if it is possibleto have that onion routing process do more than just automaticallyproxy my connection. I am thinking it could allow me to deny certainconnection attempts completely while allowing others. If applicationscan make connections to the internet through the Tor network, viaOrbot or TorBirdy, for example, how much control can I have over thison a desk/laptop environment?
Where would I look to find information on this? Is Vidalia or "systemTor" relevant to this?
No, tor doesn't filter anything. The closest definition of what tor is
would be "routing software". It routes user traffic through the
anonymization network. There is no degree of control in terms of what
is and isn't sent beyond the fact of connection. You need to really
read about tor in order to understand it. But "filter" concept doesn't
describe tor in any way. This is the misunderstanding.

Yuri



No problem. :)

Yuri is correct. Tor does not provide an internet filter forapplications.

Sounds like you are looking for what is known as an "ApplicationFirewall".

An application firewall would be on the desktop machine or as a separatemachine on the network, in-between your apps and the regular or Torinternet connection.

Then the rules you set for the application firewall would determinewhich apps get access to the internet or Tor, and at what times of day,for which users, etc.



Potential configurations might look like:

Applications --> Application Firewall --> Tor Network --> NormalInternet


Applications --> Application Firewall --> Normal Internet

Whonix works good for sending your OS's traffic through the Tor network.An application firewall could also be installed with Whonix or othersystems by the user to control the filtering of access on a perapplication basis.



WhonixQubes
--
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor as a network filter
  - From: spencerone
- Re: [tor-talk] Tor as a network filter
  - From: Yuri

Prev by Author: Re: [tor-talk] Tor as a network filter
Next by Author: Re: [tor-talk] Hidden Service (Nginx) setup guide
Previous by thread: Re: [tor-talk] Tor as a network filter
Next by thread: [tor-talk] Searching a contributor of yours
Index(es):
- Author
- Thread