Tor Ramdisk Image
dante
dante at virtualblueness.net
Wed Jan 9 14:11:50 UTC 2008
Hi everyone,
I've constructed a micro linux system which lives on a small bootable ISO
image (about 4 MB) and which provides a secure environment purely in RAM to
host a TOR server. Privacy and anonymity is kept to a maximum by
turning off
logging at all levels, and since everything runs in ephemeral memory, no
information survives a reboot. To further ensure that nothing is leaked
during run-time, a hardened system is employed based on a monolithically
compiled GRSEC/PAX patched kernel with a hardened toolchain.
I figure this is useful for those who
1) want to run tor servers on old boxes
2) are concerned about security since tor servers are targeted
3) are worried about having their hard drives examined
The project is in beta right now and I am testing a middle man tor
router named 'RamOnly'.
I have yet to test an exit node. Everything appears to be working
fine. There are
only two disadvantages to this approache that I see right now:
1) router keys are lost upon reboot
2) a monolithically compiled kernel means that it is hardware specific
and so the user will have to rebuild their own ISO image.
I'm not sure of the best way to address 1 right now (keep the keys on a
usb drive? download
them from some url?). Issue 2 I will address by writing automated build
scripts once I
am happy with the approach. In the mean time, a howto can be found at
the following urls:
http://www.virtualblueness.net/~blueness/tor-ramdisk (slow)
ftp://cheshire.dyc.edu/pub/tor-ramdisk (faster)
ftp://ddl.dyc.edu/pub/tor-ramdisk (fastest)
I also provide some scripts to make life easier and two pre-built images
(i686 and amd64) that run in
vmware.
Yet to do:
1) Test an exit node, make sure proper DNS is working
2) Reduce the toolchain further to minimize attack vectors
3) Add RSBAC rules for increased security
4) Check/tighten PAX flags on executables for increased security
I invite comments/criticism.
More information about the tor-dev
mailing list