Main Area and Open Discussion > General Software Discussion

Question about setting up a Tor router

<< < (2/3) > >>

Renegade:
This is such a fun topic that I must grab myself another vodka before starting in on it...

Back! :)

Yes, it's possible, but why would you want to?-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

Primarily curiosity.

It will slow down your transfers a lot.-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

Anytime encryption is involved, I assume performance will be sacrificed (that's just the nature of making any given workload bigger than it was to start with). Out side of that, is there and additional performance hit?
-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


Yes. The way the network works is to route traffic through many clients. This slows down traffic much more than a normal connection.


If you could get the TOR client to act as a proxy server, then route everything through that, tada!-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

 think I'm missing the distinction. A proxy is/would be at the network edge anyhow ... So why not just make it the router and then let the servers (only) bypass the Onion part?-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


However you work it out, your LAN connects to the WAN. TOR acts to route traffic through its network on the WAN. So no matter what, if you're using it as a proxy from inside the LAN or setting it up as a kind of router, the effect is the same.


If you're looking for anonymity, try www.iPredator.se. It's a VPN with no client records kept. They don't keep payment info, and they don't keep logs. It also slows down though. But it's easy.-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

I don't really have anything specific to hide ... I'm just curious about the technology ... And was thinking of doing some "Live Fire" testing with it.-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


It's been a while, but I think you can do what you're looking to, but again, if I remember properly, you'll need some C++. The source is available.

Check out the bottom of the download page:

http://www.torproject.org/download/download.html.en

They have a lot of information there that can provide hints on how it works and insight into what you're looking to do.


I've also been seriously thinking of switching ISPs (to a fiber connection) and a Linux box flavored router solution might be fun when I do it.
-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


I also weep... with jealousy... I used to live in Gangnam Gu in Seoul, with the fastest residential connections on the planet... and I miss them terribly... :( ;-(


Anyways, I hope that helps point in the right direction somewhat.

Renegade:
ACK~!

In all my excitement and vodka, I forgot to mention a critical fact...

TOR is not encryption. It is anonymous. You need to provide your own encryption over the network. This is really important and a common point of confusion with TOR.

f0dder:
Hm, isn't there any encryption going on between the TOR nodes? Thought there was. Nevertheless, you do need SSL/whatever, otherwise some nodes inbetween could be sniffing traffic. Also, google around a bit, there's various attacks against TOR - it's not 100% security.

TL;DR: if you're doing anything risky (whistleblowing, hacking, or just about anything in China) you'll need to combine TOR with access from "somewhere not home" - preferably public or "borrowed" WiFi with a cloned MAC.

As for encryption overhead, it wouldn't be noticeable unless you had sick bandwidth - more than a saturated 100mbit link. And since TOR goes through a lot of little-guy home links, you'll be lucky to see 100kbyte/s.

Stoic Joker:
This is such a fun topic that I must grab myself another vodka before starting in on it...

Back! :) -Renegade (April 13, 2011, 08:52 AM)
--- End quote ---

Vodka! Uh oh...  :D


Yes, it's possible, but why would you want to?-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

Primarily curiosity.

It will slow down your transfers a lot.-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

Anytime encryption is involved, I assume performance will be sacrificed (that's just the nature of making any given workload bigger than it was to start with). Out side of that, is there and additional performance hit?
-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


Yes. The way the network works is to route traffic through many clients. This slows down traffic much more than a normal connection.-Renegade (April 13, 2011, 08:52 AM)
--- End quote ---

So we get traffic shaping backwards, and all the messangers are on tricycles. Well that sucks.


If you could get the TOR client to act as a proxy server, then route everything through that, tada!-Renegade (April 13, 2011, 12:28 AM)
--- End quote ---

 think I'm missing the distinction. A proxy is/would be at the network edge anyhow ... So why not just make it the router and then let the servers (only) bypass the Onion part?-Stoic Joker (April 13, 2011, 06:51 AM)
--- End quote ---


However you work it out, your LAN connects to the WAN. TOR acts to route traffic through its network on the WAN. So no matter what, if you're using it as a proxy from inside the LAN or setting it up as a kind of router, the effect is the same. -Renegade (April 13, 2011, 08:52 AM)
--- End quote ---

So... Either way it still sucks the same - Which is where I was at before. You threw me with the Tada ... But I'm guessing that's a because you can shut it off Tada...Yes?


I also weep... with jealousy... I used to live in Gangnam Gu in Seoul, with the fastest residential connections on the planet... and I miss them terribly... :( ;-( -Renegade (April 13, 2011, 08:52 AM)
--- End quote ---

I set up a client's network on it, selected a workstation at random, ran a speed test, got 35Mbps, aaannd almost shit myself.

Anyways, I hope that helps point in the right direction somewhat. -Renegade (April 13, 2011, 08:52 AM)
--- End quote ---

Yes, you talked me out of it. Thank you.

Stoic Joker:
Hm, isn't there any encryption going on between the TOR nodes? Thought there was. Nevertheless, you do need SSL/whatever, otherwise some nodes inbetween could be sniffing traffic. -f0dder (April 13, 2011, 01:16 PM)
--- End quote ---

That's the impression I had also. The SSL/VPN is/was only for the last mile when traffic hits the Tor exit point.

Also, google around a bit, there's various attacks against TOR - it's not 100% security.-f0dder (April 13, 2011, 01:16 PM)
--- End quote ---

hehe What is these days...  :D

TL;DR: if you're doing anything risky (whistleblowing, hacking, or just about anything in China) you'll need to combine TOR with access from "somewhere not home" - preferably public or "borrowed" WiFi with a cloned MAC.-f0dder (April 13, 2011, 01:16 PM)
--- End quote ---

I keep my hacking activities restricted to networks I've been authorized to penetrate. ;)

As for encryption overhead, it wouldn't be noticeable unless you had sick bandwidth - more than a saturated 100mbit link. And since TOR goes through a lot of little-guy home links, you'll be lucky to see 100kbyte/s.-f0dder (April 13, 2011, 01:16 PM)
--- End quote ---

To be fair I am reflexively a bit harsh regarding encryption. But it just irks me when it keeps being pitched as a security magic bullet. Seen too many $3,000+ C2G VPN setups that took the (4 digit) street address (or worse) as a pass key.

Navigation

[0] Message Index

[#] Next page

[*] Previous page