> > The goal is to create a bulletproof environment where nothing can leak > > thought configuration mistakes, dns, java, flash, plugins and even side > > channel attacks, local infections, trojans... > > Additionally it's also nice to know that all applications can be torified > > even if they do not support proxy settings > > > Initial step is to learn how to setup a VPN server and how to connect to a > > VPN server and to use it's internet connection. After that's done this > > internet connection needs to be torified. > > You can't trust any machine to honor it's VPN, proxy, torify, > or any other settings when under attack. Most certainly not > a Windows box running all that stuff. The only way to do it > is to let the box of wayward software run free and insert > a packet filter on it's physical wire. Then smile while you run > whatever you want. If you put the box of junk in a VM and trust the > parent OS to corral the VM's net (which is reasonable), that's > fine too. But I wouldn't ever try to point some standalone box's > stack (under VM or not) to a VPN terminator like this. That's asking > for trouble.
I agree. If I understand everything correctly your advice has been incorporated into the TorVPN server guide. By the way the guide is done, now needs feedback and testing. https://trac.torproject.org/projects/tor/wiki/doc/TorVPN _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk