[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor VPN Server selfmade



> > The goal is to create a bulletproof environment where nothing can leak thought configuration mistakes, dns, java, flash, plugins and even side channel attacks, local infections, trojans...
> > Additionally it's also nice to know that all applications can be torified even if they do not support proxy settings
> 
> > Initial step is to learn how to setup a VPN server and how to connect to a VPN server and to use it's internet connection. After that's done this internet connection needs to be torified.
> 
> You can't trust any machine to honor it's VPN, proxy, torify,
> or any other settings when under attack. Most certainly not
> a Windows box running all that stuff. The only way to do it
> is to let the box of wayward software run free and insert
> a packet filter on it's physical wire. Then smile while you run
> whatever you want. If you put the box of junk in a VM and trust the
> parent OS to corral the VM's net (which is reasonable), that's
> fine too. But I wouldn't ever try to point some standalone box's
> stack (under VM or not) to a VPN terminator like this. That's asking
> for trouble.

I agree. If I understand everything correctly your advice has been incorporated into the TorVPN server guide.

By the way the guide is done, now needs feedback and testing.

https://trac.torproject.org/projects/tor/wiki/doc/TorVPN
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk