[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Silk Road taken down by FBI



On Tue, 08 Oct 2013 01:20:36 +0000
mirimir <mirimir@xxxxxxxxxx> allegedly wrote:

> On 10/06/2013 10:32 AM, mick wrote:
> >>
> > Forgive me, I'm not sure I understand this. Could you elaborate
> > please on the nesting of the VPN tunnels with Tor? Since Tor does
> > not (currently) support UDP, what architectural model do you have
> > in mind? (e.g. openVPN tunnelled through openVPN to a Tor guard
> > entry?)
> 
> Yes, Tor supports only TCP. But OpenVPN can optionally use TCP, and
> once the VPN tunnel is established, it supports both TCP and UDP
> traffic. It's easy to tunnel a VPN through Tor using Whonix in
> VirtualBox. First get a free SecurityKISS account. Then install
> network-manager-openvpn on the Whonix workstation, and configure
> Network Manager for SecurityKISS in TCP mode. By default, Whonix will
> use the transproxy port for OpenVPN. Once the VPN tunnel is up, you
> can use both TCP and UDP with remote sites. However, you can't access
> hidden services, for obvious reasons.
> 
> You can also run an OpenVPN server in TCP mode as a Tor hidden
> service. You install the server on the Whonix workstation, and
> configure torrc on the Whonix gateway. Alternatively, you can use
> ra's Tor gateway, which is an OpenWRT VM with a Tor client and DHCP
> server, plus a Debian VM for the OpenVPN server.
> 
> More generally, you can use multiple pfSense router/firewall VMs as
> clients for various VPN providers, and OpenWRT Tor gateway VMs.
> Internet traffic routing reflects the local routing of gateway VMs.
> 

Mirimir

Thank you for taking the time to reply. I haven't used whonix so
far, but now I think I'll have a play to make sure I can get it set up
properly.

Best

Mick 
---------------------------------------------------------------------

 Mick Morgan
 gpg fingerprint: FC23 3338 F664 5E66 876B  72C0 0A1F E60B 5BAD D312
 http://baldric.net

---------------------------------------------------------------------

Attachment: signature.asc
Description: PGP signature

-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk