[tor-talk] Tor VPN Server selfmade
hmoh at Safe-mail.net
hmoh at Safe-mail.net
Tue Jan 10 04:15:16 UTC 2012
> > The goal is to create a bulletproof environment where nothing can leak thought configuration mistakes, dns, java, flash, plugins and even side channel attacks, local infections, trojans...
> > Additionally it's also nice to know that all applications can be torified even if they do not support proxy settings
>
> > Initial step is to learn how to setup a VPN server and how to connect to a VPN server and to use it's internet connection. After that's done this internet connection needs to be torified.
>
> You can't trust any machine to honor it's VPN, proxy, torify,
> or any other settings when under attack. Most certainly not
> a Windows box running all that stuff. The only way to do it
> is to let the box of wayward software run free and insert
> a packet filter on it's physical wire. Then smile while you run
> whatever you want. If you put the box of junk in a VM and trust the
> parent OS to corral the VM's net (which is reasonable), that's
> fine too. But I wouldn't ever try to point some standalone box's
> stack (under VM or not) to a VPN terminator like this. That's asking
> for trouble.
I agree. If I understand everything correctly your advice has been incorporated into the TorVPN server guide.
By the way the guide is done, now needs feedback and testing.
https://trac.torproject.org/projects/tor/wiki/doc/TorVPN
More information about the tor-talk
mailing list