[tor-talk] torjail - run programs in tor network namespace

Mirimir mirimir at riseup.net
Wed Jul 25 08:14:12 UTC 2018


On 07/24/2018 07:58 AM, lesion wrote:

<SNIP>

> the whole point of torjail is to force all traffic via a virtual network
> interface that's routed into tor's socks5 (tor is started by torjail
> itself).
> 
> a use case could be a hidden service:
> let's say you're running a website as a hidden service and your website got
> hacked. without torjail an attacker could find the real ip of your
> website easily.

True. But I'd rather use the Whonix approach. It's doable using two VPS.
That is, if the provider will cooperate. One VPS runs the web server,
and it has no Internet connectivity or public IP, just a private IP on a
local network. The other VPS runs the Tor client, and it has two
interfaces. One with Internet connectivity and a public IP. And the
other on the same local network as the server VPS. There's no routing on
the local network, just HiddenServicePort forwarding.

> thunderbird is another use case: if you got hacked, it's easier to
> deanonymize you without torjail.

I'd rather just use Whonix. But this is for sure a lot lighter.

> I hope this clarifies.
> 
> https://torjail.github.io/
> 
> ps. 
> if you think the project's name is a real issue, suggestions are welcome :)

As others suggest, maybe OrJail, as with OrBot. I gather that TorBirdy
is OK, because it's a Tor Project app.
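
An added example, not part of the original message and not code from torjail or Whonix: a small Python check for the two-VPS layout described above, which reads the torrc of the Tor-client VPS and flags any HiddenServicePort whose target is not an address on the private local network. The sample torrc, its addresses and paths, and the helper names are constructed assumptions.

```python
import ipaddress

# Constructed torrc for the Tor-client VPS; addresses and paths are made up.
SAMPLE_TORRC = """\
HiddenServiceDir /var/lib/tor/site/
HiddenServicePort 80 10.0.0.2:8080   # web server VPS on the private LAN
HiddenServicePort 22                 # no target: defaults to 127.0.0.1:22
HiddenServicePort 443 203.0.113.7:443
"""

# Ranges treated as "private local network" (RFC 1918 plus IPv6 ULA).
PRIVATE_NETS = [ipaddress.ip_network(n) for n in
                ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "fc00::/7")]

def classify_target(target):
    """Classify a HiddenServicePort TARGET (addr, port, addr:port, unix:path)."""
    if target is None or target.isdigit() or target.startswith("unix:"):
        return "same-host"   # service shares a machine with the Tor client
    if target.startswith("["):                 # [ipv6]:port
        host = target[1:target.index("]")]
    elif target.count(":") == 1:               # ipv4:port
        host = target.split(":")[0]
    else:                                      # bare address
        host = target
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "unparsed"
    if addr.is_loopback:
        return "same-host"
    if any(addr in net for net in PRIVATE_NETS):
        return "isolated"    # forwarded to a separate host on the private LAN
    return "public"          # target is reachable by a routable address

def audit_torrc(text):
    """Return (virtport, target, verdict) for every HiddenServicePort line."""
    findings = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0].lower() == "hiddenserviceport":
            target = fields[2] if len(fields) > 2 else None
            findings.append((fields[1], target, classify_target(target)))
    return findings

if __name__ == "__main__":
    for virtport, target, verdict in audit_torrc(SAMPLE_TORRC):
        print(f"{virtport:>5}  {target or '(default)':<20} {verdict}")
```

Only the "isolated" verdict matches the layout in the message; this checks the forwarding target only, so the server VPS still has to be confirmed to have no default route or public IP.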

