[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] TOR middlebox and vm routing all traffic through tor



ghost:
> Hi tor-talk,
> I set up a tor middlebox and a VM that (hopefully) routes all traffic
> through tor. This way:
> http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network
> 
> So am I right that I can use this vm as completely isolated "identity"?
> 
> And I've heard of malicious javascript, that could "break out" of TOR
> browser bundle and leak information and compromise your anonymity.
> But as ALL traffic is routed through tor from my vm, I'm safe?
> 
> What things have I to be aware of?
> 
> Regards,
> ghost
> 

There is tons of stuff that can go wrong:
- not using Tor Browser
- Tor over Tor
- identity correlation through circuit sharing
- malconfigured firewall
- IPv6 leak
- network time synchronization

And lots of questions open up:
- How to configure hidden services?

Look into https://www.whonix.org (Free Software & Open Source) - we've
been both, theoretically and practically, perusing this approach for
some time now.
-- 
tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx
To unsusbscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk