[tor-talk] funnel many computers through one TBB?

Luther Blissett lblissett at paranoici.org
Mon Oct 14 19:32:01 UTC 2013 

On Fri, 2013-10-11 at 21:45 +0200, Moritz Bartl wrote:
> On 10/11/2013 08:32 PM, Rhona Mahony wrote:
> > Friend J doesn't want to install a Tor Browser Bundle on each of the 50
> > computers in his company.  Can he install one TBB on his router and
> > configure it so that it sends his employees' browser traffic through the
> > Tor network?  Is it advisable?  Where are instructions?  So sorry that I
> > couldn't find them.  Shall I persuade him instead to do the 50
> > installations of TBB?
> 
> The problem is that you really want everyone to be using the Tor
> Browser. While you can centralize Tor itself, there is currently no
> support for an "external Tor" in Tor Browser.
> 
> Also, an attacker in the internal network could see the traffic from
> your application(s) to Tor.
> 
> All in all, it is better to roll out TBB on all clients. With 50
> machines, the company should have a way to easily distribute the TBB
> archive plus a shortcut anyway. They should also think about an update
> strategy.
> 
> -- 
> Moritz Bartl
> https://www.torservers.net/

I do not think that 50 TBB would be better than the solution proposed by
Griffin! If all machines are accessing the internet though one gateway
or a couple of them, it makes more sense to have tor node running on
those gates and directing the internal machines traffic to tor socks
host/port.

Security of data transit on the inside should be deployed by means of
public/private key pair encryption between internal machines and
gateway.

-- 
Do not forget that we are cattle on an animal farm which is managed and
handled mostly by machines. Machines do what they are/were told to. What
lies in between stdin and stdout and is not shown in stderr?

GPG: 0x48BE63E6

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20131014/7897238d/attachment.sig>

More information about the tor-talk mailing list