Silk Road forums

Discussion => Security => Topic started by: illuminat on April 21, 2013, 02:11 am

Title: Tor vpn question
Post by: illuminat on April 21, 2013, 02:11 am

I read somwhere I should use me+tor+vpn   not me+vpn+tor  is this correct, how do I do it?

also is it safe to use with mtgox

one more thing, anyone know how to get an invite from intersango.

Title: Re: Tor vpn question
Post by: astor on April 21, 2013, 03:07 am

Depends on what you want to accomplish. Tor over a VPN will hide your Tor use from a local observer like your ISP, since they will only see an encrypted connection to the VPN server. A VPN over Tor gives you an IP address that isn't a Tor exit node, so you *may* be able to access MtGox that way.

How you do it depends on the VPN protocol and software that you use. For OpenVPN, you would add these lines to the configuration:

socks-proxy 127.0.0.1 9150    # or 9050 for the Tor daemon
proto tcp                                  # because Tor doesn't carry UDP packets

Keep in mind that a VPN over Tor is useless unless you paid anonymously.

Title: Re: Tor vpn question
Post by: illuminat on April 21, 2013, 04:08 am

I paid with bitcoin.  I have mullvad vpn on tcp mode, tor is set to use 9050, what am I doing?

Title: Re: Tor vpn question
Post by: astor on April 21, 2013, 04:16 am

Hmmm yeah, won't connect for me either. Apparently it's more complicated than that, because OpenVPN changes the routing table, and thus the way Tor itself works. So the Tor instance should be on a different machine, like a gateway / anonymizing middle box.

I'll have to look into it.

Title: Re: Tor vpn question
Post by: illuminat on April 21, 2013, 04:50 am

I am using tor with mullvad vpn, is this safe?

Title: Re: Tor vpn question
Post by: astor on April 21, 2013, 05:02 am

That's fine.

I tried to follow these instructions to run a VM over Tor on the host OS:

http://www.howtoforge.com/how-to-set-up-a-tor-middlebox-routing-all-virtualbox-virtual-machine-traffic-over-the-tor-network

The idea is to setup the VPN in the VM. Unfortunately, I haven't gotten it to work, but you may have more luck.

Title: Re: Tor vpn question
Post by: BloodThinner on April 21, 2013, 06:09 am

How do you advertise SR in the streets when people think you fool of it.

Title: Re: Tor vpn question
Post by: Yoda on April 21, 2013, 12:23 pm

Quote from: BloodThinner on April 21, 2013, 06:09 am

How do you advertise SR in the streets when people think you fool of it.

Why would you want to advertise SR at all???


OP:
Some reading you may want to check out...
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN

Quote

you -> Tor -> x

This is generally a really poor plan.

Some people do this to evade Tor bans in many places. (When Tor exit nodes are blacklisted by the remote server.)

(Read first for understanding: How often does Tor change its paths?.)

Normally Tor switches frequently its path through the network. When you choose a permanent destination X, you give away this advantage, which may have serious repercussions for your anonymity.

you -> Tor -> VPN/SSH

....in our experience, establishing VPN connections through Tor is chancy, and requires much tweaking.
.....the VPN/SSH can build a profile of everything you do, and over time that will probably be really dangerous. 

Title: Re: Tor vpn question
Post by: astor on April 21, 2013, 07:06 pm

So I tried it with Tor running on a separate machine and listening for Socks connections on its public IP.

I confirmed that the SocksPort was working by pointing my web browser and it and getting an exit node on the other end.

However, when I pointed OpenVPN at it, I got this error:

socks_handshake: server asked for username/login auth but we were not provided any credentials

It thinks that Tor is asking for a user/pass. Still investigating.