MondayMorning

Block all traffic except TOR traffic - Making sure nothing is sent insecurely

8 posts in this topic

Hey there

 

I am looking to achieve a secure encrypted computer so that when I connect through open wireless hotspots everything is encrypted and traffic is allowed only through TOR. Basically all that I am looking to achieve is that only TOR will be able to access the outside world. I would like to guarantee that on the Firewall level which is more secure than other techniques.

 

What I went about doing is

Going to Network packets and adding 2 rules:

First : Block Any Network Activity

Second: Allow any Network activity from 127.0.0.1

 

Basically I thought that would be enough to achieve what I am looking for. Unfortunately, I see TOR is unable to access the internet and build a secure channel. So I went further and created 3 rules which are application-based:

Privoxy.exe - Allow any network activity

Tor.exe - Allow any network activity

Vidalia.exe - Allow any network activity

 

So it goes like in this order:

 

BLOCK Any Network Activity (This makes sure beyond doubt everything is first blocked)

ALLOW Any Network Activity from 127.0.0.1

ALLOW Any Network Activity from application Privoxy.exe

ALLOW Any Network Activity from application Tor.exe

ALLOW Any Network Activity from application Vidalia.exe

 

I thought that should do the trick, but it doesn't! It should be very simple, but I cannot browse the internet because TOR simply cannot build the nodes.

 

Any help is appreciated.


Hello

> BLOCK Any Network Activity

This has to be placed below the allow rules. Rules are processed from top to bottom, so the first rule blocks any network activity and that's it; the next rules aren't even reached, since connections match the first rule and are handled according to it.

Edited by Lucian Bara


Hello Lucian.

 

I don't understand what you mean. How can I move application rules to be before Packet Rules?

 

I attached a snapshot of my rules, can you please tell me what shall I do ?

 

Thank you very much

[Attachment: post-149569-1233233921_thumb.jpg]


You messed up the rules: you are not allowing packet-level outgoing TCP and UDP streams (which means for every application), just incoming ones; you also have to allow outgoing packets/streams. Create the two packet rules allowing outgoing traffic, set them to "According to application rules", go to the Programs tab, right-click the Network access column for each group and set it to Deny. Afterwards look for Tor and the other applications you want to allow and set them to Allow.

Edited by Lucian Bara

> You messed up the rules: you are not allowing packet-level outgoing TCP and UDP streams (which means for every application), just incoming ones; you also have to allow outgoing packets/streams. Create the two packet rules allowing outgoing traffic, set them to "According to application rules", go to the Programs tab, right-click the Network access column for each group and set it to Deny. Afterwards look for Tor and the other applications you want to allow and set them to Allow.

 

Hi Lucian,

 

When you said I messed up the rules, do you mean (SEE 1ST ATTACHED IMAGE) these two lines should be omitted? That is very strange to me, since I didn't put these 2 rules in there myself. They were just there; I never touched them. And they have been there for months with absolutely no problem at all with any program or any internet connection. So how come the system worked fine? I'm puzzled.

 

So you mean I have to delete these two lines (which were there by default) and put in the 2 rules for the outgoing traffic? So it would look like the second picture I attached (SEE 2ND ATTACHED IMAGE).

 

I appreciate your look into it.

 

[Attachment: post-149569-1233358499_thumb.jpg]

[Attachment: post-149569-1233358541_thumb.jpg]


No, don't delete any more rules. Add two rules, "any outgoing TCP" and "any outgoing UDP", above the two "any incoming UDP/TCP" rules, and set them to "According to application rules". Afterwards go to the Programs tab and do what I said in the other post.

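To make the two points in Lucian's replies concrete (rules are matched top-down and the first match wins, so a catch-all block must sit last; and an outgoing packet rule set to "According to application rules" hands the decision to a per-program table whose default is Deny), here is a small first-match rule evaluator. It is an added illustration, not the firewall product's engine and not code from anyone in this thread; the rule fields, the Connection record, the executable names other than the Tor stack, and the addresses are assumptions constructed for the example.

```python
"""Toy first-match firewall evaluator (added example; not the product's engine).

Models the two-tier policy from the thread: packet rules are walked top-down and
the first matching rule decides; a packet rule whose action is APP defers to a
per-application table with a default-deny. All names and addresses are made up.
"""
from dataclasses import dataclass
from typing import Optional

ALLOW, BLOCK, APP = "allow", "block", "per-app"   # packet-rule actions (assumed)


@dataclass(frozen=True)
class Connection:
    app: str         # executable that opened the socket
    direction: str   # "out" or "in"
    proto: str       # "tcp" or "udp"
    src: str         # source address
    dst: str         # destination address


@dataclass(frozen=True)
class PacketRule:
    name: str
    action: str                      # ALLOW, BLOCK or APP
    direction: Optional[str] = None  # None means "any"
    proto: Optional[str] = None
    src: Optional[str] = None

    def matches(self, c: Connection) -> bool:
        return all(want is None or want == have
                   for want, have in ((self.direction, c.direction),
                                      (self.proto, c.proto),
                                      (self.src, c.src)))


def decide(packet_rules, app_rules, default_app, conn) -> str:
    """First matching packet rule decides; APP defers to the program table,
    whose default (Deny here) covers every executable not listed."""
    for rule in packet_rules:
        if rule.matches(conn):
            if rule.action == APP:
                return app_rules.get(conn.app, default_app)
            return rule.action
    return BLOCK  # nothing matched: fail closed


# Constructed sample connections (not captured traffic).
TOR_OUT = Connection("Tor.exe", "out", "tcp", "192.168.1.10", "198.51.100.7")
BROWSER_OUT = Connection("firefox.exe", "out", "tcp", "192.168.1.10", "203.0.113.9")
BROWSER_TO_PROXY = Connection("firefox.exe", "out", "tcp", "127.0.0.1", "127.0.0.1")
INBOUND_SCAN = Connection("svchost.exe", "in", "tcp", "203.0.113.9", "192.168.1.10")

# The original post's order: the catch-all BLOCK is first, so it matches every
# connection and the allow rules below it are never consulted.
ORIGINAL_ORDER = [
    PacketRule("block any", BLOCK),
    PacketRule("allow loopback", ALLOW, src="127.0.0.1"),
    PacketRule("allow per app", APP),
]

# The order from the replies: allow rules above (the outgoing ones deferring to
# the application table), the catch-all BLOCK last as the default-deny.
FIXED_ORDER = [
    PacketRule("allow loopback", ALLOW, src="127.0.0.1"),
    PacketRule("any outgoing tcp", APP, direction="out", proto="tcp"),
    PacketRule("any outgoing udp", APP, direction="out", proto="udp"),
    PacketRule("block any", BLOCK),
]

# Application table: every group set to Deny, only the Tor stack allowed.
APP_RULES = {"Tor.exe": ALLOW, "Privoxy.exe": ALLOW, "Vidalia.exe": ALLOW}


def evaluate(packet_rules, conns):
    """One decision per connection, in input order."""
    return [decide(packet_rules, APP_RULES, BLOCK, c) for c in conns]


if __name__ == "__main__":
    sample = [TOR_OUT, BROWSER_OUT, BROWSER_TO_PROXY, INBOUND_SCAN]
    for label, rules in (("original", ORIGINAL_ORDER), ("fixed", FIXED_ORDER)):
        for c, verdict in zip(sample, evaluate(rules, sample)):
            print(f"{label:9} {c.app:12} {c.direction:3} {c.src:>13} -> {verdict}")
```

With the original order every sample connection, Tor's included, hits the first rule and is blocked. With the allow rules above the catch-all block, only the executables listed in the application table get out, the browser's loopback connection to the local proxy is permitted by the 127.0.0.1 rule, and the unsolicited inbound connection still falls through to the block. The model omits the incoming packet rules the replies mention and does not reproduce the product's exact matching fields.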
> No, don't delete any more rules. Add two rules, "any outgoing TCP" and "any outgoing UDP", above the two "any incoming UDP/TCP" rules, and set them to "According to application rules". Afterwards go to the Programs tab and do what I said in the other post.

 

Thanks a lot!

That seems to do the trick.
