[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor VPN Server selfmade

To: tor-talk@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-talk] Tor VPN Server selfmade
From: grarpamp <grarpamp@xxxxxxxxx>
Date: Mon, 9 Jan 2012 18:27:41 -0500
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 09 Jan 2012 18:27:56 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=65QcYUzkXhojAQTJg170AD04RqwvhXoGFi3XQJwzhUI=; b=tadab1nybh+0axfY//v1cXyxUfluFq8hI0mfHYhJ6RKacEqJnX/zX6+RY0zgXHRxxE 45cvl3eAPY9YBO35NFHNvpHhOqRsUl4mZnGZetY0xkBdeypxZ17LygSST4RYQsU/ryge fkf2FzyNlSZJs0ZFz+o8AwIkJDwdcNxASdAPI=
In-reply-to: <N1-Lo9gR8E4uZ@xxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <N1-Lo9gR8E4uZ@xxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx

> The goal is to create a bulletproof environment where nothing can leak thought configuration mistakes, dns, java, flash, plugins and even side channel attacks, local infections, trojans...
> Additionally it's also nice to know that all applications can be torified even if they do not support proxy settings

> Initial step is to learn how to setup a VPN server and how to connect to a VPN server and to use it's internet connection. After that's done this internet connection needs to be torified.

You can't trust any machine to honor it's VPN, proxy, torify,
or any other settings when under attack. Most certainly not
a Windows box running all that stuff. The only way to do it
is to let the box of wayward software run free and insert
a packet filter on it's physical wire. Then smile while you run
whatever you want. If you put the box of junk in a VM and trust the
parent OS to corral the VM's net (which is reasonable), that's
fine too. But I wouldn't ever try to point some standalone box's
stack (under VM or not) to a VPN terminator like this. That's asking
for trouble.
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor VPN Server selfmade
  - From: hmoh

Prev by Author: Re: [tor-talk] A question about Tor & Hidden Services
Next by Author: Re: [tor-talk] Tor VPN Server selfmade
Previous by thread: [tor-talk] Tor VPN Server selfmade
Next by thread: Re: [tor-talk] Tor VPN Server selfmade
Index(es):
- Author
- Thread