• XSS.stack #1 – первый литературный журнал от юзеров форума

TOR: the good honeypot

Отслеживать
Tor is great! Of course I dont use directly however, i only use it indirectly to connect to my infrastructure and use residential proxies to login to Cloud services when i need. Rest of the time i proxy through my VPS with port forwards and it's fine. Tor isnt bad once you know how to use it, if it was a honeypot we'd all be in jail :D
 
OP has failed to convince me about the supposedly faulty nature of TOR. The security implications of using the TOR network to access clearnet services are not the same of using the TOR network to communicate with hidden services. Therefore, a proper OPSEC requires you to understand the inner workings of it. Don't use TOR as a clearnet anonymizer.

Assuming you're using TOR only to communicate with hidden services, exit nodes are not involved. Your traffic goes through 6 nodes, and the only sides which can see the message is you and the destination hidden service. Hidden services are hardened to impersonation attacks by design, so you don't need to worry about MITM.

There is no point for unreasonable panic. "TorMoil" vulnerability was stupid and easy to avoid, you only had to not click on file:// links and disable redirections. Most de-anonymization attacks occurs on tor -> clearnet paths, de-anonymization on tor -> tor traffic is extremely difficult. No proof of reliable de-anonymization of tor traffic has been presented in this thread.

Relax, you're most likely safe, just take the precautions and sleep well.
 
I read the book Tracers in the dark, Global hunt of the crypto lords to see how all of these 4 individuals, including Dread Pirates of SilkRoad and the original owner of Alphabay, made as a mistake to learn a bit and all of them was rookie, stupid mistake.

1. Used his own email address for new account on his market
2. Showed and bragged off too much (cause someone to rat him, and he also put the same email of the shop on clearnet forum about coding)
3. Blockchain transactions

And in both of these dark web market, someone ratted on them. Dread Pirates was using simple Opsec, laptop with home or coffee shop wifi and TOR on the Host but everything was done on TOR so even when they were following him and they knew it was him, they couldn’t prove it and they catch him at the library on his laptop with the admin panel open. Same goes for Alphaby, they knew it was him but couldn’t prove because of TOR so they faked an accident outside of his house and he let his guard down and went to see and they arrested him with his laptop open on admin panel also..
 
man514lo сказал(а):
I read the book Tracers in the dark, Global hunt of the crypto lords to see how all of these 4 individuals, including Dread Pirates of SilkRoad and the original owner of Alphabay, made as a mistake to learn a bit and all of them was rookie, stupid mistake...
You will enjoy this talk
 
churk сказал(а):
Only custom cascading of diffefent hopes of Vpns, Tors, and such things is relatively a solution.

Like runing one Vpn on OpenWrt router, another Vpn on Linux Host Os, whonix gateway for Vm, connect maybe to some rdp, on rdp also another vpn. All from different providers and different sources.


And source of connection, ISP, is it on your name connection, is it from mobile device, from 4G router, is it hacked wifi... Plays much bigger role then people like to admit.

Who big of redfag is for ISP when they see big % of all packages on users connection going through Tor. Or if you just use single hop of one Vpn, they directly see at which IP you connect and can compare timestamps of that IP and your connection logs


i agree with this. just like tor. it is all based on how many layers of defense the user has. it also boils down to how high you are on the proverbial 'fruit tree' and how much resources/time an adversary is willing to use on you. using resources at hand like how you say openvpn router and using different type of vpns/vpses and utilizing rdps and reverse proxies to further mask the origin.

i think big thing is remaining mobile to. 4g usb dongle with mobile connection not tied to personal name into vpn router will allow to move around area ( especially in big metro area ) and work from anywhere not tied to personal name or identity. if worst came to light they get rough geographical area of yourself but again if in big metro area then it will be hard ( not impossible ) to trace you down.
 
man514lo сказал(а):
If you have more like this send to PM or any documents to read please, i been working on my ops lately and it’s rather confusing with everyone saying different or contradictory things ..
I dont have any secret resource at all, this forum is full of discussions and resources about opsec and security, you need to evaluate the things and make your choices based in the information you got. be careful with conspiracies.
 
Prokhorenco сказал(а):
Tor is great! Of course I dont use directly however, i only use it indirectly to connect to my infrastructure and use residential proxies to login to Cloud services when i need. Rest of the time i proxy through my VPS with port forwards and it's fine. Tor isnt bad once you know how to use it, if it was a honeypot we'd all be in jail :D
How do you configure proxies from vps for all traffic?

I do similar to access my vps but I am not positive all traffic is through proxy when it leaves. That is what I would like.
 
michael_ сказал(а):
How do you configure proxies from vps for all traffic?

I do similar to access my vps but I am not positive all traffic is through proxy when it leaves. That is what I would like.
Dynamic port fwd with SSH is all like
Код: 
ssh -T -N -D -p 22 127.0.0.1:18712 admin@1.3.3.7
 
admin


Напишите ответ...
  • Вставить:
Прикрепить файлы
Верх