Changes between Version 50 and Version 51 of doc/TorBOX/BareMetalHints


Timestamp:
Jun 21, 2012, 12:39:02 AM (7 years ago)
Author:
cypherpunks
Comment:

BOX rename

  • doc/TorBOX/BareMetalHints

    v50 v51  
    33[https://trac.torproject.org/projects/tor/wiki/doc/TorBOX  TorBOX Homepage]
    44
    5 '''WARNING''': This article currently lacks information about Tor-Gateway's and Tor-Workstation's MAC address. See also [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#TorBOXsProtocol-Leak-ProtectionandFingerprinting-Protection TorBOX's Protocol-Leak-Protection and Fingerprinting-Protection], [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev#MacaddressesonBareMetalSECURITY Mac addresses on Bare Metal] and [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev#MacaddressinpublicnetworksSECURITY Mac address in public networks].
     5'''WARNING''': This article currently lacks information about TorBOX-Gateway's and TorBOX-Workstation's MAC address. See also [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#TorBOXsProtocol-Leak-ProtectionandFingerprinting-Protection TorBOX's Protocol-Leak-Protection and Fingerprinting-Protection], [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev#MacaddressesonBareMetalSECURITY Mac addresses on Bare Metal] and [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev#MacaddressinpublicnetworksSECURITY Mac address in public networks].
    66
    7 NOTE: The terminology "Bare Metal TorBOX" is no longer accurate. We do not refer to running a software on bare metal vs on a hypervisor. What this set up is actually about is to install Tor-Gateway and Tor-Workstation on two physical systems vs on a single one. We could need a better name for that...
     7NOTE: The terminology "Bare Metal TorBOX" is no longer accurate. We do not refer to running a software on bare metal vs on a hypervisor. What this set up is actually about is to install TorBOX-Gateway and TorBOX-Workstation on two physical systems vs on a single one. We could need a better name for that...
    88 * TorBOXπ or TorBOX-Pi for "physical isolation" - too cheesy?
    99 * π = ?
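Review bot: the NOTE in this hunk says "Bare Metal TorBOX" is no longer accurate because the setup is about two physical systems rather than about hypervisor vs. no hypervisor, yet the section heading later on this page still uses "bare metal" in exactly the hypervisor sense ("How To Install TorBOX-Gateway on bare metal [RECOMMENDED]" vs. "in a VM"). The rename pass touched this paragraph but left the two meanings side by side; either pick one term for the two-machine layout here (the "TorBOX-Pi / physical isolation" suggestion below) or reword the NOTE so it does not contradict the headings. Minor: "We could need a better name" reads as "We could use a better name".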
     
    1414When setting up TorBOX in the form of two VMs running on the same host, exploits targeting the VM implementation or the host can still break out of the torified Client VM and expose the IP of a user. Malware running on the host has full control over all VMs. To prevent against such attacks we need a different approach: In this context we called it "bare metal" because the gateway system is installed on separate hardware ("metal"). This drastically reduces the [https://en.wikipedia.org/wiki/Trusted_computing_base TCB] by more than the half.
    1515
    16 In total we'll be installing and configuring two computers and set up an isolated point to point network between them (you could also set up a an ordinary, completely isolated, LAN behind the Tor-Gateway but read this [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#RecommendationtousemultipleTor-Workstations NOTE]). One computer acts as the client or "Tor-Workstation", the other as a proxy or "Tor-Gateway" which will transparently route all of the Tor-Workstation's traffic through Tor.
     16In total we'll be installing and configuring two computers and set up an isolated point to point network between them (you could also set up a an ordinary, completely isolated, LAN behind the TorBOX-Gateway but read this [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#RecommendationtousemultipleTorBOX-Workstations NOTE]). One computer acts as the client or "TorBOX-Workstation", the other as a proxy or "TorBOX-Gateway" which will transparently route all of the TorBOX-Workstation's traffic through Tor.
    1717
    18 The Tor-Gateway on its own physical device can be running either directly on "bare metal" or inside a virtual machine. Both options have advantages and disadvantages. We recommend to use no additional Virtual Machine for the Tor-Gateway.
     18The TorBOX-Gateway on its own physical device can be running either directly on "bare metal" or inside a virtual machine. Both options have advantages and disadvantages. We recommend to use no additional Virtual Machine for the TorBOX-Gateway.
    1919
    2020== Using spare hardware + Virtual Machine ==
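Review bot: the rewritten paragraph changes the link fragment from `#RecommendationtousemultipleTor-Workstations` to `#RecommendationtousemultipleTorBOX-Workstations`. A Trac anchor is generated from the heading text on the target page (SecurityAndHardening), so this link only resolves if that heading was renamed in the same pass; the other fragments on this page (`#CreateTor-Gateway.ova`, `#CreateTor-Workstation.ova`) were left untouched, so link targets are being renamed inconsistently. Verify the heading exists on the target page, or revert the fragment and rename only the visible link text.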
     
    3434
    3535= Prerequisites =
    36  * Tor-Gateway: A device with at least two network adapters, at least one of them ethernet^1^, capable of running Linux. It will run Ubuntu Server.^2^
     36 * TorBOX-Gateway: A device with at least two network adapters, at least one of them ethernet^1^, capable of running Linux. It will run Ubuntu Server.^2^
    3737   
    3838 ,, ^1^ The other one may be either an [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/BareMetalHints#anonymous3Gmodem anonymous 3G modem]; [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/BareMetalHints#anonymouswifiadapter anonymous wifi adapter], another ethernet or wifi connected to your modem/router.,, [[BR]]
    3939 ,, ^2^ Theoretically you could use any OS that supports iptables or pf. If you don't want to use Ubuntu Oneiric you will have to edit the shell script. This will be easy for Debian derivatives but much more difficult for *BSD for example. In any case, the choice of OS shouldn't really matter because this system isn't used for anything but running Tor. A cheap plug computer, something like Raspberry Pi or the hardware used by Torouter would be sufficient.,,
    4040 
    41  * Tor-Workstation: A device connected via ethernet to the Tor-Gateway. It must only have this one NIC and no other network connectivity! Must be connected by wire.^3^ This will be the torified client system or Tor-Workstation. It must be capable of running Ubuntu Server.^4^ [[BR]]
     41 * TorBOX-Workstation: A device connected via ethernet to the TorBOX-Gateway. It must only have this one NIC and no other network connectivity! Must be connected by wire.^3^ This will be the torified client system or TorBOX-Workstation. It must be capable of running Ubuntu Server.^4^ [[BR]]
    4242   We recommend to use a VM^5^ as the client, the same^6^ [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/BuildDocumentation#CreateTor-Workstation.ova VM build]^7^ as the non-bare metal TorBOX uses.
    4343
    44  ,, ^3^ If you don't connect by wire, you significantly weaken isolation and security. One the Tor-Workstation were infected, it could jump onto another network and start leaking.,, [[BR]]
     44 ,, ^3^ If you don't connect by wire, you significantly weaken isolation and security. One the TorBOX-Workstation were infected, it could jump onto another network and start leaking.,, [[BR]]
    4545 ,, ^4^ Any OS can be used. But this is not recommended! If you do anyway, read warning, especially for Windows: [https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxyLeaks Transparent Proxy Leaks].,, [[BR]]
    4646 ,, ^5^ A VM hides hardware serial numbers. See also [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/SecurityAndHardening#RecommendationtousemultipleVMSnapshots Recommendation to use multiple VM Snapshots].,, [[BR]]
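Review bot: footnote 3 was edited by the rename but still reads "One the TorBOX-Workstation were infected"; it should be "Once". The unchanged line above it keeps the fragment `#CreateTor-Workstation.ova` and the phrase "non-bare metal TorBOX", which is correct to leave alone only if the BuildDocumentation heading was not renamed; that is the same consistency question as the SecurityAndHardening fragment earlier in this diff, and it should be settled the same way in both places. The wired-only requirement for the Workstation is the important security point of this hunk and is stated correctly.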
     
    4949
    5050= Time syncing =
    51 Please read and apply [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Readme#NetworkTimeSyncing "Network Time Syncing"] on both computers. This is a required step on the client computer because ntp doesn't work at all behind tor (it uses UDP) and if it did, it couldn't be trusted! It's also removed on both Tor-Workstation and Tor-Gateway by the the shell scripts.
     51Please read and apply [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Readme#NetworkTimeSyncing "Network Time Syncing"] on both computers. This is a required step on the client computer because ntp doesn't work at all behind tor (it uses UDP) and if it did, it couldn't be trusted! It's also removed on both TorBOX-Workstation and TorBOX-Gateway by the the shell scripts.
    5252
    53 = Install Tor-Gateway =
    54 ''' If the physical network (between tor-gateway and a router) uses 192.168.0.* you need to review and edit all shell scripts you are going to use and switch the internal network to something else!
     53= Install TorBOX-Gateway =
     54''' If the physical network (between TorBOX-Gateway and a router) uses 192.168.0.* you need to review and edit all shell scripts you are going to use and switch the internal network to something else!
    5555
    56 On the Client computer configure host and tor-workstation as detailed [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/BuildDocumentation here] but:
     56On the Client computer configure host and TorBOX-Workstation as detailed [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/BuildDocumentation here] but:
    5757
    5858 * Instead of setting Adapter 1 (eth0) to internal, you'll need to use bridged networking!
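Review bot: the `'''` that opens the 192.168.0.* warning is never closed in either version, so everything after it renders bold until the next closing marker; close it at the end of the sentence. The time-syncing line still carries the duplicated "the the shell scripts". The substance is right (Tor carries only TCP streams, so NTP over UDP cannot traverse it, and a clock set through an adversary-controlled path should not be trusted), but the sentence should say that the scripts remove the ntp client, not just "it", so the reader knows what is being removed on both machines.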
     
    6363    * now I see, we are talking about the t-w here, it's set to internal. Internal obviously doesn't work in BM. whether we use NAT or Bridged is still open to discussion (the edit has been reverted)
    6464
    65 == How To Install Tor-Gateway on bare metal [RECOMMENDED] ==
    66 For the Tor-Gateway follow these [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/BuildDocumentation#CreateTor-Gateway.ova instructions] (ignoring VirtualBox sepecific steps) but:
    67  * Run tor-gateway.sh without the "-vm" option, this option is only suited for VMs!
     65== How To Install TorBOX-Gateway on bare metal [RECOMMENDED] ==
     66For the TorBOX-Gateway follow these [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/Dev/BuildDocumentation#CreateTor-Gateway.ova instructions] (ignoring VirtualBox sepecific steps) but:
     67 * Run TorBOX-gateway.sh without the "-vm" option, this option is only suited for VMs!
    6868 * If you want to use ssh from another computer you obviously can't use the provided commands (ssh on 127.0.0.1)
    6969 * eth0 needs to be configured according to the requirements of your local network, e.g. static or left as dhcp if the gateway is connected to a dhcp capable router.
    70  * Before running the Tor-Gateway script make sure eth1 and eth0 refer to the correct interfaces. Otherwise you have to change the variables in the script ('dmesg | grep eth' may be helpful).
     70 * Before running the TorBOX-Gateway script make sure eth1 and eth0 refer to the correct interfaces. Otherwise you have to change the variables in the script ('dmesg | grep eth' may be helpful).
    7171 * It's a good idea to set up FDE during installation
    72  * You need to configure the network settings for you external Interface. This should "just work" if you use Tor-Gateway behind an wired router that uses DHCP. For wlan follow the upstream documentations: [http://wiki.debian.org/WiFi debian wiki], [https://help.ubuntu.com/community/WifiDocs/WiFiHowTo Ubuntu help]
     72 * You need to configure the network settings for you external Interface. This should "just work" if you use TorBOX-Gateway behind an wired router that uses DHCP. For wlan follow the upstream documentations: [http://wiki.debian.org/WiFi debian wiki], [https://help.ubuntu.com/community/WifiDocs/WiFiHowTo Ubuntu help]
    7373
    74 == How To Install Tor-Gateway in a VM [UNTESTED / NOT RECOMMEND] ==
     74== How To Install TorBOX-Gateway in a VM [UNTESTED / NOT RECOMMEND] ==
    7575Generally follow the instructions above.
    7676
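Review bot: the script invocation is renamed from `tor-gateway.sh` to `TorBOX-gateway.sh` while the link fragment on the line above keeps `#CreateTor-Gateway.ova`. The mixed case looks like the output of a case-insensitive replace of "tor-" rather than an actual file rename; if the script in the repository is still `tor-gateway.sh`, this line now names a file that does not exist and the "-vm" warning is attached to the wrong name. Either rename the script as well or keep the filename as it was. Minor: "sepecific" in the instructions line and "NOT RECOMMEND" in the VM heading survived the edit; "NOT RECOMMENDED" is meant.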
     
    8080
    8181= Further hints and recommendations =
    82 We recommend that you use two dedicated computers for TorBOX that are never used for activities that could lead back to your identity. Alternatively you can use an already existing and otherwise used computer for the tor-gateway. To offer some isolation you should disconnect all internal and external drives and boot from a eSATA, USB or another internal drive into a clean environment.
     82We recommend that you use two dedicated computers for TorBOX that are never used for activities that could lead back to your identity. Alternatively you can use an already existing and otherwise used computer for the TorBOX-Gateway. To offer some isolation you should disconnect all internal and external drives and boot from a eSATA, USB or another internal drive into a clean environment.
    8383
    8484=== non-anonymous use ===
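Review bot: the edited sentence tells the reader to "disconnect all internal and external drives and boot from a eSATA, USB or another internal drive", which contradicts itself; it should say to disconnect the drives normally used on that machine and boot from a separate drive, and "a eSATA" should be "an eSATA". This matters because the stated goal is isolation between the gateway role and the owner's everyday data.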
     
    8787
    8888=== anonymous use ===
    89  * Tor-Gateway
     89 * TorBOX-Gateway
    9090   * This really does not have to be a big desktop computer or ordinary server. There are alternatives.
    9191   * smartphone ^1^, [https://en.wikipedia.org/wiki/Ultra-mobile_PC UMPC], pad, tablet, notebook, netbook, [https://en.wikipedia.org/wiki/Raspberry_Pi Raspberry Pi], router ^2^, set top box, etc.
    9292   * how to utilize such a device as a linux server is beyond the scope of this guide, there are already better resources
    9393 * anonymous 3G modem (see below) or anonymous wifi adapter (see below)
    94  * Tor-Workstation
     94 * TorBOX-Workstation
    9595   * You get the idea. Use a device which suits you.^1^
    9696
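Review bot: this hunk reuses the footnote markers ^1^ and ^2^ that the Prerequisites section already uses for different footnotes (ethernet requirement and choice of OS), so a reader following a superscript can land on the wrong note. Continue the numbering from the earlier section or switch to letters here.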
     
    100100=== anonymous 3G modem ===
    101101Normally your dial up or broadband provider knows your name, postal address and non-anonymous payment method. This is bad. Suppose Tor or TorBOX are compromised. An adversary just has to pressure your provider and can very easily find our your identity. This is not the case here.
    102  * plugged or integrated into Tor-Gateway
     102 * plugged or integrated into TorBOX-Gateway
    103103 * Buy the 3G modem anonymously [in a store, second hand, on street, no personal data].
    104104   * Be sure to have never used it for non-anonymous use before.
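Review bot: the unchanged paragraph at the top of this hunk reads "can very easily find our your identity"; it should be "find out". The same paragraph is repeated verbatim under "anonymous wifi adapter", so either fix it in both places or state the rationale once and reference it from both sections.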
     
    115115=== anonymous wifi adapter ===
    116116Normally your dial up or broadband provider knows your name, postal address and non-anonymous payment method. This is bad. Suppose Tor or TorBOX are compromised. An adversary just has to pressure your provider and can very easily find our your identity. This is not the case here.
    117  * Plugged or integrated into Tor-Gateway.
     117 * Plugged or integrated into TorBOX-Gateway.
    118118 * Buy the wifi adapter anonymously [in a store, second hand, on street, no personal data].
    119119   * Be sure to have never used it for non-anonymous use before.