[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tor-talk] Tor -> VPN Clarification



VPN + Tor may also be useful if you're on a connection where you definitely don't want your local ISP (or perhaps someone else on/with access to the same network) to see that you're using Tor.

In this case, the ISP may not be a BT or a Verizon, but a hotel wireless provider, employer, starbucks etc.

In that instance, the local ISP might also object to a VPN, of course, but generally speaking a VPN (or an SSH tunnel) is generally seen as 'OK'.

What you're doing there, though, is shifting the trust you'd normally have for your/an ISP to the VPN provider which may or may not prove wise in the long run.

On Fri, Jan 30, 2015 at 10:30 AM, Bill Berry <bill@techwang.com> wrote:
This image explains VPN + tor quite well;

https://vigilantcanuck.files.wordpress.com/2015/01/vpn-tor.png

IMO this setup is a pretty sensible idea given the recent de-anonymisation attacks (e.g. CMU). If your Tor connection gets comprimised, all the Feds have (hopefully) is your VPN IP.

The best way to set this up is VPN at a router level (e.g. http://wiki.hidemyass.com/OpenWRT_OpenVPN_Setup), then run Tails or Tor browser on your laptop.


On 30/01/15 10:15, Cyrus wrote:
Squeak:
Hello,

Relative newbie here, and I was wondering if someone could help me with
something please. I keep seeing people describing connections to the Tor
and is VPN connections in the following two ways:

Tor -> VPN
VPN -> Tor

So if I fire up Tunnelblick, connect to my VPN provider and then open
TBB which of the above does this describe?  And also, is there a
recommended way of connecting these two technologies?
You connect to Tor through the VPN in this case.

PC <=> Internet <=> VPN server <=> Internet <=> Tor Network <=> Internet

Another thing I've noticed is in the Tunnelblick client that there is an
option to connect to a Socks5 proxy, this suggests to me that I can send
the VPN connection through the Tor network.  But I am confused as to why
one would want to do this, and what the benefits/disadvantages might be?
If you don't want a log of your actual IP, doing this would be a
benefit. Though if they already have logged where you are once as a
customer, the point of this is moot. If you had a different account, you
could then use the VPN anonymously.
Really appreciate any help you guys could give me!

Squeak




--
--
High quality Shiba Inu at the right price! Quality dogs for over 15 years!


--
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk



--
Ben Tasker
https://www.bentasker.co.uk