[tor-talk] torjail - run programs in tor network namespace
bicno at autistici.org
Mon Jul 23 07:51:53 UTC 2018
I want to share a project made in _to hacklab.
We would like to have some feedback about the project, particularly if you
find some way to deanonymize a program running in torjail, please, submit
We've tried to deanonymize a program executed in torsocks environment and
that was not so difficult as torsocks uses LD_PRELOAD, so you only need to
statically compile your stuff. As Whonix is sometimes too much, the idea is
to experiment with Linux namespaces and learn by doing something useful
(at least for us).
# How it works
It creates a separate network namespace (using ip netns) with its own
network interface and a link to the host interface with some iptables rules
(on host) that force traffic generated from inside torjail to only exit via
Tor (including DNS).
Inside torjail you'll be in another PID namespace (this way you cannot
switch namespace), and another mount namespace (we use this to show a
# Firejail support
We support a nice `-f` flag to use firejail in pair with torjail as
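
The mechanism described under "How it works", as an added sketch that is not part of the original post and is not torjail's own script: a network namespace joined to the host by a veth pair, with host-side iptables rules that redirect DNS and TCP to Tor and drop the rest. The namespace and interface names, the 10.200.1.0/24 addresses and the TransPort/DNSPort values are assumptions.

```shell
#!/bin/sh
# Added sketch, not torjail's script. Names, addresses and ports are assumed.
# Tor on the host is assumed to have TransPort and DNSPort bound to $HOST_IP,
# and INPUT/FORWARD are assumed to hold no earlier ACCEPT matching $VH.
NS=${NS:-jail0}                  # hypothetical namespace name
VH=${VH:-vjail-host}             # veth end kept on the host
VJ=${VJ:-vjail-in}               # veth end moved into the namespace
HOST_IP=${HOST_IP:-10.200.1.1}
JAIL_IP=${JAIL_IP:-10.200.1.2}
TRANS_PORT=${TRANS_PORT:-9040}   # assumed Tor TransPort
DNS_PORT=${DNS_PORT:-5353}       # assumed Tor DNSPort

# Print each command; execute it only when DRY_RUN=0 (needs root).
run() {
    echo "$*"
    if [ "${DRY_RUN:-1}" = "0" ]; then "$@"; fi
}

jail_net_setup() {
    # Namespace whose only link to the host is one veth pair.
    run ip netns add "$NS"
    run ip link add "$VH" type veth peer name "$VJ"
    run ip link set "$VJ" netns "$NS"
    run ip addr add "$HOST_IP/24" dev "$VH"
    run ip link set "$VH" up
    run ip netns exec "$NS" ip addr add "$JAIL_IP/24" dev "$VJ"
    run ip netns exec "$NS" ip link set "$VJ" up
    run ip netns exec "$NS" ip link set lo up
    run ip netns exec "$NS" ip route add default via "$HOST_IP"
    # DNS and new TCP connections from the jail are redirected to Tor.
    run iptables -t nat -A PREROUTING -i "$VH" -p udp --dport 53 -j REDIRECT --to-ports "$DNS_PORT"
    run iptables -t nat -A PREROUTING -i "$VH" -p tcp --syn -j REDIRECT --to-ports "$TRANS_PORT"
    # Only the two Tor ports are reachable on the host; the rest is dropped,
    # and nothing from the jail is forwarded to another interface.
    run iptables -A INPUT -i "$VH" -p udp --dport "$DNS_PORT" -j ACCEPT
    run iptables -A INPUT -i "$VH" -p tcp --dport "$TRANS_PORT" -j ACCEPT
    run iptables -A INPUT -i "$VH" -j DROP
    run iptables -A FORWARD -i "$VH" -j DROP
    # IPv6 is not proxied in this sketch, so it is dropped outright.
    run ip6tables -A INPUT -i "$VH" -j DROP
    run ip6tables -A FORWARD -i "$VH" -j DROP
}
```

Calling `jail_net_setup` prints the plan without changing anything; with `DRY_RUN=0` and root it applies it, after which a program is started with `ip netns exec jail0 <command>`.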