[tor-talk] Tor VPN Server selfmade
grarpamp
grarpamp at gmail.com
Mon Jan 9 23:27:41 UTC 2012
> The goal is to create a bulletproof environment where nothing can leak thought configuration mistakes, dns, java, flash, plugins and even side channel attacks, local infections, trojans...
> Additionally it's also nice to know that all applications can be torified even if they do not support proxy settings
> Initial step is to learn how to setup a VPN server and how to connect to a VPN server and to use it's internet connection. After that's done this internet connection needs to be torified.
You can't trust any machine to honor it's VPN, proxy, torify,
or any other settings when under attack. Most certainly not
a Windows box running all that stuff. The only way to do it
is to let the box of wayward software run free and insert
a packet filter on it's physical wire. Then smile while you run
whatever you want. If you put the box of junk in a VM and trust the
parent OS to corral the VM's net (which is reasonable), that's
fine too. But I wouldn't ever try to point some standalone box's
stack (under VM or not) to a VPN terminator like this. That's asking
for trouble.
More information about the tor-talk
mailing list