Delivery-Date: Sun, 10 Jan 2016 11:37:33 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_MED,T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 9860D1E0183;
	Sun, 10 Jan 2016 11:37:31 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id C9B50380C4;
	Sun, 10 Jan 2016 16:37:23 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id F2210380B3
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 16:37:19 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id q0C96KOiNaLQ for <tor-talk@lists.torproject.org>;
 Sun, 10 Jan 2016 16:37:19 +0000 (UTC)
Received: from plane.gmane.org (plane.gmane.org [80.91.229.3])
 (using TLSv1 with cipher AES256-SHA (256/256 bits))
 (Client did not present a certificate)
 by eugeni.torproject.org (Postfix) with ESMTPS id C0CF3380A8
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 16:37:19 +0000 (UTC)
Received: from list by plane.gmane.org with local (Exim 4.69)
 (envelope-from <gno-or-talk-2@m.gmane.org>) id 1aIIzP-0003TV-Ns
 for tor-talk@lists.torproject.org; Sun, 10 Jan 2016 17:37:11 +0100
Received: from politkovskaja.torservers.net ([77.247.181.165])
 by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
 id 1AlnuQ-0007hv-00
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 17:37:11 +0100
Received: from o.wendel by politkovskaja.torservers.net with local (Gmexim 0.1
 (Debian)) id 1AlnuQ-0007hv-00
 for <tor-talk@lists.torproject.org>; Sun, 10 Jan 2016 17:37:11 +0100
X-Injected-Via-Gmane: http://gmane.org/
To: tor-talk@lists.torproject.org
From: Oskar Wendel <o.wendel@wp.pl>
Date: Sun, 10 Jan 2016 16:37:02 +0000 (UTC)
Lines: 72
Message-ID: <n6u1bd$lk2$1@ger.gmane.org>
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: politkovskaja.torservers.net
Subject: [tor-talk] Help me secure my setup
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

My current setup is fairly simple. Let me introduce some consistent naming 
first.

- - server - my server (VPS) in the datacentre
- - router - a router in my home, it has a private VPN connection to the 
server
- - tor PC - a PC on which I browse tor

Currently the tor client is running on the server and the tor PC accesses its 
SOCKS port through the VPN. All other Internet access from the tor PC 
is blocked on the router, so no leaks are possible. The tor PC has only 
one, internal IP.

The advantage is that in case of a raid, it would be done in the datacentre 
before raiding my home.

The major drawback is that it is possible for an attacker to hack into the 
server (or just seize it invisibly, as it's only virtual) and sniff on 
localhost between the VPN end and the SOCKS port.

I've been recently thinking of different approaches.

1. Maybe I should run a private (unpublished) bridge on the server and a 
tor client on my tor PC, that would be able to connect only to the bridge 
(through a VPN)? This way, all unencrypted traffic would never exit a tor 
PC. This PC is secured enough to assume it's secure from being hacked 
into. It's also encrypted and never left unattended.

Additional question: if a tor client connects through a bridge, does it 
need to access other servers (like directory authorities) directly, or 
would it work if I give it access only to the bridge?

I'm a little scared of bridges, as they don't use guards (yet?) and they 
are less popular than traditional relays, so bugs in them are more likely 
to exist.

2. Maybe I should run a tor client on a separate machine in my home, 
between my tor PC and the router, and route all traffic from it through 
the VPN, so it would look like it originates from the server? This way 
all unencrypted traffic will still be inside my home and I would avoid 
using bridges.

3. Maybe I should modify point 1, but publish the bridge address? I'm 
tight on my bandwidth and I don't want to run a relay, but maybe this way, 
as the outgoing traffic originating from me will blend with outgoing 
traffic originating from others using my bridge, it would be more plausible 
to deny my activities if someone launches a correlation attack? They would 
have to correlate traffic entering and leaving my bridge with traffic on 
the exit node (or rendezvous point, or any node in the path from an exit 
service to it), while in case of a client (or a private bridge), it would 
be sufficient to correlate the traffic on a guard (for client) or a middle 
node (for bridge) with the traffic on an exit node...

I'm much more concerned with anonymity accessing hidden services than with 
anonymity accessing clearnet services through exits, by the way.

- -- 
Oskar Wendel, o.wendel@wp.pl.REMOVE.THIS
Pubkey at https://pgp.mit.edu/pks/lookup?search=0x6690CC52318DB84C
-----BEGIN PGP SIGNATURE-----

iQEcBAEBAgAGBQJWkoicAAoJEGaQzFIxjbhMkO8H/i8EQjQmvFyILCzvXc725NTV
HGE6pSFEsZ5Fmk00nL6eaqxjc4DUqsjfpmno/Ad19aU+MA/85JRfp47Um/OkaDIM
vwi2JAfcG2QF9NJvZkwQxWHUHbsUXdyBNmd1h29bLGjXGETHFTmaVnCXuYAu8Stm
0jSHTG/Xf1vpRPlt+SRkP2MM/eqxVw+JGfZpfkFUuKjHif/Dye0JXJVkvs1MQvvw
5V6KqhplEo19caSHyhwXxS6DnumIQzNHNgMOMs75PbApSUADPczR6DIeWBiQL4fj
GgeTbnof/PK0Mx12o5/e3/zM7++pHdzIAPenDmrGOX1bftgWLnpvjFglE2Zikcg=
=LDvG
-----END PGP SIGNATURE-----

-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
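The following torrc pair is an added example of option 1 from the post above (a private, unpublished bridge on the VPS and a client on the tor PC that talks only to it); it is not the poster's configuration and not taken from the thread. The VPN addresses 10.8.0.1 (server end) and the bridge fingerprint are placeholders. A client with UseBridges set fetches its directory information (consensus and descriptors) through the bridge itself over tunneled directory connections, so the tor PC needs no direct path to the directory authorities; the router rule that blocks everything except the VPN from that host can stay in place.

```conf
# ---- server side: /etc/tor/torrc on the VPS (private bridge) ----
# Added example configuration; addresses and names are placeholders.
BridgeRelay 1
PublishServerDescriptor 0   # never register with the authorities or BridgeDB
ExitRelay 0                 # no exit traffic from this box
SocksPort 0                 # no local SOCKS port left to sniff on the server
ORPort 9001                 # bridge listener; restrict it to the VPN interface
                            # with the host firewall so only the tor PC reaches it
AssumeReachable 1           # skip the self-reachability test the firewall would break
Nickname privbridge
ContactInfo none

# ---- client side: /etc/tor/torrc on the tor PC ----
UseBridges 1
# Bridge <VPN address of the server>:<ORPort> <fingerprint printed in the
# server's notice log / fingerprint file>; both values are placeholders.
Bridge 10.8.0.1:9001 0123456789ABCDEF0123456789ABCDEF01234567
ExtendAllowPrivateAddresses 1   # needed because the bridge sits on an RFC1918 VPN address
SocksPort 127.0.0.1:9050        # SOCKS stays on the tor PC; cleartext never leaves it
```

With this layout the server only ever sees Tor link-encrypted cells coming in over the VPN, so compromising it yields no more than a guard position would; the bridge's lack of its own guard (noted in the post) is the price of that, and the router's VPN-only rule for the tor PC remains the leak protection.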

