> Block all traffic except TOR traffic - Making sure nothing is sent insecurely
MikeMM
post 28.01.2009 16:38
Post #1
Member (Group: Members, Posts: 21, Joined: 20.12.2008)

Hey there

I am looking to achieve a secure encrypted computer so that when I connect through open wireless hotspots everything is encrypted and traffic is allowed only through TOR. Basically all that I am looking to achieve is that only TOR will be able to access the outside world. I would like to guarantee that on the firewall level, which is more secure than other techniques.

What I went about doing is:
Going to Network packages and adding 2 rules:
First: Block Any Network Activity
Second: Allow any Network activity from 127.0.0.1

Basically I thought that would be enough to achieve what I am looking for. Unfortunately, I see TOR is unable to access the internet and build a secure channel. So I went further and created 3 rules which are application based:
Privoxy.exe - Allow any network activity
Tor.exe - Allow any network activity
Vidalia.exe - Allow any network activity

So it goes in this order:

BLOCK Any Network Activity (This makes sure beyond doubt everything is first blocked)
ALLOW Any Network Activity from 127.0.0.1
ALLOW Any Network Activity from application Privoxy.exe
ALLOW Any Network Activity from application Tor.exe
ALLOW Any Network Activity from application Vidalia.exe

I thought that should do the trick but it doesn't! It should be very simple, but I cannot browse the internet because TOR simply cannot build the nodes.

Any help is appreciated.
Lucian Bara
post 28.01.2009 16:46
Post #2
Group: Gold beta testers, Posts: 56947, Joined: 28.01.2006, From: Timisoara, Romania

hello
BLOCK Any Network Activity
this has to be placed below the allow rules. Rules are processed from top to bottom, so the first rule blocks any network activity and it's done; the next rules aren't even accessed, connections match the first rule so they are handled according to it.

This post has been edited by Lucian Bara: 28.01.2009 16:47
MikeMM
post 29.01.2009 16:59
Post #3

Hello Lucian.

I don't understand what you mean. How can I move application rules to be before Packet Rules?

I attached a snapshot of my rules; can you please tell me what I should do?

Thank you very much

Attached File(s)
Rules.gif (42,65K)
Lucian Bara
post 29.01.2009 17:02
Post #4

you messed up the rules: you are not allowing packet-level outgoing TCP and UDP streams (which means for every application), just incoming; you have to also allow outgoing packets/streams. Create the two packet rules allowing outgoing traffic, set them to "According to application rules", go to the programs tab, right-click the network access column for each group and set it to deny. Afterwards look for Tor and the other applications you want to allow and set them to allow.

This post has been edited by Lucian Bara: 29.01.2009 17:03
MikeMM
post 31.01.2009 03:36
Post #5

QUOTE(Lucian Bara @ 29.01.2009 17:02) *
you messed up the rules, you are not allowing packet level outgoing tcp and udp streams (which means for every application), just incoming, you have to also allow outgoing packets/streams. create the two packet rules, allowing outgoing traffic, set them to "According to application rules", go to the programs tab, right click the network access column for each group and set it to deny. afterwards look for tor and the other applications you want to allow and set it to allow.


Hi Lucian,

When you said I messed up the rules, do you mean (SEE 1ST ATTACHED IMAGE) these two lines should be omitted? That is very strange for me, since I didn't put these 2 rules in there myself. They were just there, never touched them. And they have been there for months with absolutely no problem at all with any program or any internet connection. So how come the system worked fine? I'm puzzled.

So you mean I have to delete these two lines (which were there by default) and put in the 2 rules for the outgoing traffic? So it would look like the second picture I attached (SEE 2ND ATTACHED IMAGE).

I appreciate your looking into it.


Attached File(s)
Rules.gif (6,17K)
Rules2.gif (5,17K)
MikeMM
post 3.02.2009 16:25
Post #6

Lucian, can you please answer my last reply?
Lucian Bara
post 3.02.2009 16:47
Post #7

no, don't delete any more rules. Add two "any outgoing tcp" and "any outgoing udp" rules above the two "any incoming udp/tcp" rules, and set them to "according to application rules". Afterwards go to the program tab and do what I said in the other post.
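The two points made in this thread, that rules are matched top to bottom with the first hit deciding (post #2), and that outgoing packet rules set to "according to application rules" plus a deny-by-default program tab give the Tor-only result (posts #4 and #7), can be checked in a small model. The Python below is an added illustration written for this page; it is not code from the forum, from Kaspersky, or from either poster. The packet-rule engine, the probe traffic, the `DEFER` marker standing in for "according to application rules", the documentation address 203.0.113.5 and the fail-closed default are all constructed here, and the action of the default incoming rules (which the thread never states) is this example's assumption.

```python
"""First-match firewall model (constructed example, not Kaspersky's engine).

Packet rules are checked top to bottom; the first rule whose conditions match
decides the verdict and nothing below it is consulted. A rule whose action is
DEFER stands in for "According to application rules": the verdict then comes
from the per-program entry (the Programs tab) or from the group default.
"""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

DEFER = "according to application rules"


@dataclass(frozen=True)
class Packet:
    app: str        # process that owns the socket, e.g. "tor.exe"
    direction: str  # "out" or "in"
    proto: str      # "tcp" or "udp"
    remote_ip: str  # peer address; 127.0.0.1 means loopback


@dataclass(frozen=True)
class PacketRule:
    name: str
    action: str                       # "allow", "block" or DEFER
    direction: Optional[str] = None   # None matches anything
    proto: Optional[str] = None
    remote_ip: Optional[str] = None
    app: Optional[str] = None         # application-scoped rule

    def matches(self, pkt: Packet) -> bool:
        return all(cond is None or cond == value for cond, value in (
            (self.direction, pkt.direction),
            (self.proto, pkt.proto),
            (self.remote_ip, pkt.remote_ip),
            (self.app, pkt.app.lower())))


def evaluate(pkt: Packet, packet_rules: List[PacketRule],
             app_rules: Dict[str, str], app_default: str) -> Tuple[str, str]:
    """Return (verdict, deciding rule). Processing stops at the first match."""
    for rule in packet_rules:
        if not rule.matches(pkt):
            continue
        if rule.action == DEFER:
            verdict = app_rules.get(pkt.app.lower(), app_default)
            return verdict, f"{rule.name} -> program tab ({pkt.app})"
        return rule.action, rule.name
    return "block", "no rule matched (assumed fail-closed)"


# Constructed probe traffic: Tor reaching a relay, a browser going direct,
# a browser talking to the local Privoxy listener, and an unsolicited inbound
# connection. 203.0.113.5 is a documentation address, not a real relay.
PROBES = {
    "tor direct":       Packet("tor.exe", "out", "tcp", "203.0.113.5"),
    "browser direct":   Packet("firefox.exe", "out", "tcp", "203.0.113.5"),
    "browser to proxy": Packet("firefox.exe", "out", "tcp", "127.0.0.1"),
    "inbound tcp":      Packet("svchost.exe", "in", "tcp", "203.0.113.5"),
}


def run(packet_rules, app_rules, app_default="block") -> Dict[str, str]:
    """Verdict per probe, for comparing rule layouts."""
    return {name: evaluate(p, packet_rules, app_rules, app_default)[0]
            for name, p in PROBES.items()}


# Layout from the opening post: block-any sits first, the allow rules below it.
ORIGINAL = [
    PacketRule("BLOCK Any Network Activity", "block"),
    PacketRule("ALLOW Any from 127.0.0.1", "allow", remote_ip="127.0.0.1"),
    PacketRule("ALLOW Privoxy.exe", "allow", app="privoxy.exe"),
    PacketRule("ALLOW Tor.exe", "allow", app="tor.exe"),
    PacketRule("ALLOW Vidalia.exe", "allow", app="vidalia.exe"),
]

# Layout the thread converges on: outgoing TCP/UDP packet rules that defer to
# the program tab, where every group defaults to deny and only the Tor bundle
# is allowed. Blocking unsolicited inbound traffic is this example's assumption.
FIXED = [
    PacketRule("ALLOW Any from 127.0.0.1", "allow", remote_ip="127.0.0.1"),
    PacketRule("any outgoing tcp", DEFER, direction="out", proto="tcp"),
    PacketRule("any outgoing udp", DEFER, direction="out", proto="udp"),
    PacketRule("any incoming tcp", "block", direction="in", proto="tcp"),
    PacketRule("any incoming udp", "block", direction="in", proto="udp"),
]
APP_RULES = {"tor.exe": "allow", "privoxy.exe": "allow", "vidalia.exe": "allow"}

if __name__ == "__main__":
    for label, rules in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label)
        for name, p in PROBES.items():
            verdict, why = evaluate(p, rules, APP_RULES, "block")
            print(f"  {name:17s} {verdict:5s}  via {why}")
```

With the original ordering every probe, including Tor itself and the browser's loopback connection to Privoxy, is decided by the first rule, which is why the explicit Tor allow rules never took effect. With the fixed layout the loopback rule lets the browser reach the local proxy, the deferred outgoing rules let only the three listed executables out, every other program falls to the group default of deny, and inbound connections are blocked.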
MikeMM
post 5.02.2009 16:44
Post #8

QUOTE(Lucian Bara @ 3.02.2009 16:47) *
no, don't delete any more rules, add two any outgoing tcp and any outgoing udp rules, above the two any incoming udp/tcp rules. set tem to "according to application rules". Afterwards go to the program tab and do what i said in the other post


Thanks a lot!
That seems to do the trick.