[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [jarusl@xxxxxxxxxxxxxxxxxxx: Tor proxy for Virtual Machines]

To: Nick Mathewson <nickm@xxxxxxxxxxxxx>, or-dev@xxxxxxxxxxxxx
Subject: Re: [jarusl@xxxxxxxxxxxxxxxxxxx: Tor proxy for Virtual Machines]
From: Kyle Williams <kyle.kwilliams@xxxxxxxxx>
Date: Fri, 28 Mar 2008 14:46:18 -0700
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-dev-outgoing@xxxxxxxx
Delivered-to: or-dev@xxxxxxxx
Delivery-date: Fri, 28 Mar 2008 17:44:15 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; bh=mgGzZphyMuiePpeaRmg2BQuhOGzmpsX4aqFR9JZbFos=; b=qZEEq9+WxSjKw02nlUAkLV96zwmgR7N61/M7UfnVftAASDo4nVueRyMW6sIbxFVVeSpbuaNVhx5MMtDHu+Qx7rnJsU74njXoshpGVpV9eD29ouhqmmwsxbPXuRVjM80d0qa0Wjbn4Wwg5k5YSzhxlL6ArDZTiCTtsqpG+1aRfCI=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:user-agent:mime-version:to:subject:references:in-reply-to:x-enigmail-version:content-type:content-transfer-encoding; b=lBVywOQNDcmodrpimBt2MGQQgf2/8ed/4VEi+iWqyaE8fZC7hM8GvbLNE4R+fqN6uj5iRsMkgUXYfzk5gRwSzJaMq28vQ3J7QQ0IyomnxGBEkjY1ihVzXznKCFno4X5p5uWmNjxqhXCJj3z/JnpHmSQed/Ke2nPm9ea7cIBjZf4=
In-reply-to: <20080328174123.GO26841@xxxxxxxxxxxxxx>
References: <20080328174123.GO26841@xxxxxxxxxxxxxx>
Reply-to: or-dev@xxxxxxxxxxxxx
Sender: owner-or-dev@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.9 (Windows/20071031)

I've seen this and it is very interesting. I like how reference 16points to JanusVM, which basically does the same thing. JanusVM alsoworks with Qemu that has been patched to work with LibPCAP.

However, the crutch with both projects being "... that you have the PCAPand LIBNET libraries installed." Which really isn't much.

With JanusVM the host OS is using the guest OS to transport traffic overTor.With TorVTL the guest OS is using Tor from the host OS to transporttraffic. I would imagine you could run this inside a VM too if one sodesired.


Very nice. :)

- Kyle


Nick Mathewson wrote:

Forwarding this with permission.  It looks like interesting work,
especially for people pursuing VM-based anonymization strategies.

----- Forwarded message from "John R. Lange" <jarusl@xxxxxxxxxxxxxxxxxxx> -----

From: "John R. Lange" <jarusl@xxxxxxxxxxxxxxxxxxx>
To: tor-volunteer@xxxxxxxxxxxxxx
Subject: Tor proxy for Virtual Machines
X-Spam-Level:
Hi,
As part of one of our research projects, I put together a small proxy toolthat anonymizes all TCP and DNS traffic originating in a virtual machine(at least with VMWare or Xen). It currently runs under linux, but containsvery early support for Windows.
It plugs in beneath the Virtual Machine Monitor, so it is capable ofproviding TOR support for any application+OS combination without anyconfiguration or special proxy tool needing to be installed in the guestenvironment.
It works by configuring a VM's network adapter to connect to a host-onlynetwork, where none of the packets are ever transmitted out of the hostmachine. Every ethernet packet coming from the VM is then captured andtranslated into SOCKs traffic that is forwarded to a TOR proxy. If thepacket is not supported then it is simply dropped and is never transmittedon the network.
More info on the tool can be found here:
http://www.artifex.org/~jarusl/TorVTL/

While the paper can be found here:
http://www.artifex.org/~jarusl/research/pubs/hpdc07-vtl.pdf
I'm unsure whether this will be of any interest to people, but I figuredI'd let you know.
regards
--Jack
Jack Lange ; NU CS ; jarusl@xxxxxxxxxxxxxxxxxxx
http://www.cs.northwestern.edu

----- End forwarded message -----

References:
- [jarusl@xxxxxxxxxxxxxxxxxxx: Tor proxy for Virtual Machines]
  - From: Nick Mathewson

Prev by Author: Re: select()
Next by Author: Re: Improving the robustness of Tor Check
Previous by thread: [jarusl@xxxxxxxxxxxxxxxxxxx: Tor proxy for Virtual Machines]
Index(es):
- Author
- Thread