Re: [tor-talk] Help me secure my setup

2016-01-12 Thread coderman
On 1/11/16, Oskar Wendel wrote:
> ...
> I have one more question. What are the drawbacks of not preserving Tor
> state directory between reboots? ...
> One drawback that I see is that after every reboot, a new entry guard will
> be selected and it can make correlation attacks easier.

this becomes

Re: [tor-talk] Help me secure my setup

2016-01-11 Thread Oskar Wendel
Aeris:
>> I don't want to
>> give out a correlation between time of starting the client and time of my
>> Tor activities.
>
> Even with always connected client, you can be correlated :
> online : more Tor traffic (consensus + circuit + d

Re: [tor-talk] Help me secure my setup

2016-01-11 Thread Aeris
> I used a different approach - I used Socks5Proxy option

Yep, another solution

> I don't want to
> give out a correlation between time of starting the client and time of my
> Tor activities.

Even with always connected client, you can be correlated :
online : more Tor traffic (consen

Re: [tor-talk] Help me secure my setup

2016-01-11 Thread Oskar Wendel
Aeris:
> Let your network gateway (or each PC) forward all outgoing traffic (or only
> traffic to Tor node, with iptables + ipset) through your VPN.

I used a different approach - I used Socks5Proxy option in tor and set up a small socks proxy on a server that listens on the VPN end (using ssh

Re: [tor-talk] Help me secure my setup

2016-01-10 Thread Aeris
> So you recommend manually specifying an entry guard, instead of letting
> Tor choose? Why?

Not at all. Let your network gateway (or each PC) forward all outgoing traffic (or only traffic to Tor node, with iptables + ipset) through your VPN. And use the normal way a normal Tor client per PC, co

Re: [tor-talk] Help me secure my setup

2016-01-10 Thread Oskar Wendel
s7r:
> Periodic consensus downloads, as well as keeping always some fresh
> circuits on the list in order to attach streams to when requested via
> the SocksPort. In other words, not much traffic but not 0 traffic as well.

And what about a client th

Re: [tor-talk] Help me secure my setup

2016-01-10 Thread Aeris
Why do you absolutely want to route all your traffic through your VPN ? You want to hide to your ISP the fact you use Tor ? From my point of view, « secure » (no security possible without clean specification of your threat model) network will be gateway of your network with strong firewall allow

Re: [tor-talk] Help me secure my setup

2016-01-10 Thread s7r
Hello,

Periodic consensus downloads, as well as keeping always some fresh circuits on the list in order to attach streams to when requested via the SocksPort. In other words, not much traffic but not 0 traffic as well.

Related to your other questio

Re: [tor-talk] Help me secure my setup

2016-01-10 Thread Oskar Wendel
Oskar Wendel:
> 1. Maybe I should run a private (unpublished) bridge on the server and a
> tor client on my tor PC, that would be able to connect only to the bridge
> (through a VPN)? This way, all unencrypted traffic would never exit a tor
> PC.

[tor-talk] Help me secure my setup

2016-01-10 Thread Oskar Wendel
My current setup is fairly simple. Let me introduce some consistent naming first.

- server - my server (VPS) in the datacentre
- router - a router in my home, it has a private VPN connection to the server
- tor PC - a PC on which I browse tor