Changes between Version 12 and Version 13 of doc/TorPlusVPN


Ignore:
Timestamp:
Apr 11, 2012, 7:21:29 PM (8 years ago)
Author:
proper
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • doc/TorPlusVPN

    v12 v13  
    3434Some people under some circumstances (country, provider) are forced to use a VPN or a proxy to connect to the internet. Other people want to do that for other reasons, which we will also discuss.
    3535
    36 == you -> VPN -> Tor ==
    37 You can route Tor through VPN services. That prevents your ISP etc from seeing that you're using Tor. Generally, VPNs are more popular than Tor, so you won't stand out as much. Once the VPN client has connected, the VPN tunnel will be the machine's default Internet connection, and the Tor Browser Bundle will route through it.
     36== you -> VPN/SSH -> Tor ==
     37You can route Tor through VPN/SSH services. That prevents your ISP etc from seeing that you're using Tor. Generally, VPNs are more popular than Tor, so you won't stand out as much. SSH tunnels are not so popular.
    3838
    39 This can be a fine idea, assuming your VPN provider's network is in fact sufficiently safer than your own network.
     39Once the VPN client has connected, the VPN tunnel will be the machine's default Internet connection, and the Tor Browser Bundle will route through it.
    4040
    41 Another advantage here is that it prevents Tor from seeing who you are behind the VPN. So if somebody does manage to break Tor and learn the IP address your traffic is coming from, but your VPN was actually following through on their promises (they won't watch, they won't remember, and they will somehow magically make it so nobody else is watching either), then you'll be better off.
     41This can be a fine idea, assuming your VPN/SSH provider's network is in fact sufficiently safer than your own network.
     42
     43Another advantage here is that it prevents Tor from seeing who you are behind the VPN/SSH. So if somebody does manage to break Tor and learn the IP address your traffic is coming from, but your VPN/SSH was actually following through on their promises (they won't watch, they won't remember, and they will somehow magically make it so nobody else is watching either), then you'll be better off.
    4244
    4345== you -> proxy -> Tor ==
     
    5557Normally Tor switches frequently its path through the network. When you choose a permanent destination X, you give away this advantage, which may have serious repercussions for your anonymity.
    5658
    57 == you -> Tor -> VPN ==
    58 You can also route VPN services through Tor. That hides and secures your Internet activity from Tor exit nodes. Although you are exposed to VPN exit nodes, you at least get to choose them. If you're using VPNs in this way, you'll want to pay for them anonymously (cash in the mail [beware of your fingerprint and printer fingerprint], Liberty Reserve, well-laundered Bitcoin, etc).
     59== you -> Tor -> VPN/SSH ==
     60You can also route VPN/SSH services through Tor. That hides and secures your Internet activity from Tor exit nodes. Although you are exposed to VPN/SSH exit nodes, you at least get to choose them. If you're using VPN/SSHs in this way, you'll want to pay for them anonymously (cash in the mail [beware of your fingerprint and printer fingerprint], Liberty Reserve, well-laundered Bitcoin, etc).
    5961
    6062However, you can't readily do this without using virtual machines. And you'll need to use TCP mode for the VPNs (to route through Tor). In our experience, establishing VPN connections through Tor is chancy, and requires much tweaking.
    6163
    62 Even if you pay for them anonymously, you're making a bottleneck where all your traffic goes -- the VPN can build a profile of everything you do, and over time that will probably be really dangerous.
     64Even if you pay for them anonymously, you're making a bottleneck where all your traffic goes -- the VPN/SSH can build a profile of everything you do, and over time that will probably be really dangerous.
    6365
    6466== you -> Tor -> proxy ==
     
    7375
    7476= you -> your own (local) VPN server -> Tor =
    75 This is different from above. You do not have to pay a VPN provider here as you host your own VPN server. This won't protect you from your ISP of seeing you connect to Tor and this also won't protect you from spying Tor exit servers. This is done to enforce that all your traffic goes through Tor. Further read: https://trac.torproject.org/projects/tor/wiki/doc/TorVPN If you want this, it may unnecessary to use VPN, a simple Tor-Gateway may be easier https://trac.torproject.org/projects/tor/wiki/doc/TorBOX.
     77This is different from above. You do not have to pay a VPN provider here as you host your own local VPN server. This won't protect you from your ISP of seeing you connect to Tor and this also won't protect you from spying Tor exit servers.
     78
     79This is done to enforce, that all your traffic routes through Tor without any leaks. Further read: [https://trac.torproject.org/projects/tor/wiki/doc/TorVPN TorVPN]. If you want this, it may unnecessary to use VPN, a simple Tor-Gateway may be easier, for example [https://trac.torproject.org/projects/tor/wiki/doc/TorBOX TorBOX].
    7680
    7781= sources =