public
/
torvm
Suivre 1
Ajouter aux favoris 0
Bifurcation 0
Code Tickets 0 Demandes d'ajout 0 Versions 0 Wiki Activité
How to make the perfect TOR VM in VirtualBox
Vous ne pouvez pas sélectionner plus de 25 sujets Les noms de sujets doivent commencer par une lettre ou un nombre, peuvent contenir des tirets ('-') et peuvent comporter jusqu'à 35 caractères.
24 Révisions
1 Branche
Aborescence: 949736d98b
Branches Tags
${ item.name }
Créer la branche ${ searchTerm }
de '949736d98b'
${ noResults }
torvm/README.md

README.md 2.8KB
Brut Annotations Historique

TORVM - a perfectly automated TOR VM

About

TORMV is an installation script to setup a pretty secure Linux VM (debian) for “super anonymous” browsing (might need to rework that description, but you get it).

Installation

  • install VirtualBox for your OS
  • create a new VM and make sure you have
    • enabled 3D acceleration
    • enabled NAT networking
  • download debian https://cdimage.debian.org/cdimage/buster_di_alpha5/amd64/iso-cd/debian-buster-DI-alpha5-amd64-netinst.iso (Buster is needed as it has an up-to-date enlightenment release)
  • install debian and make sure you do the following during installation:
    • select “Expert install” (under “Advanced options”) in grub
    • do not enable NTP, it will not work. Make sure your host has an accurate time, the guest will use it.
    • partition disk with LVM and crypto (use a long password, possibly a sentence)
    • don’t allow root login, create an anonymous user account (for example “user”)
    • unselect everything at tasksel (Desktop installation, print server,…)
  • finish install and reboot
  • after reboot, login and sudo su to become root
  • install git client apt-get install git
  • download installation setup git clone https://git.home.spale.com/home/torvm.git
  • in the VirtualBox VM “Devices” menu, select “Install Guest Additions CD Image…” (needed by the next step)
  • cd torvm and run ./install.sh (still as root)
  • reboot
  • gdm should start after boot and you can then login and follow the setup wizard of enlightenment

What’s in the installer script ?

  • Install various packages including but not limited to, enlighenment window manager, gdm login, Xorg, redsocks, tor, iptables-persistent, firefox-esr, transmission, unbound, …
  • Remove nano, because <full stop>
  • mount and compile VirtualBox drivers
  • copy configured configuration files for unbound, redsocks and iptables
  • disable IPv6 via /etc/sysctl.conf
  • install a preconfigured firefox profile for all existing users (except root)
  • delete all .bash_history files and replace them by symblink to /dev/null
  • clean apt cache
  • stop syslog (temporarly) and delete all files in /var/log

What’s in this firefox profile ?

  • security settings
  • default search engine set to duckduckgo
  • disabled saving passwords, history, …
  • preconfigured socks proxy (it’s still faster than doing REDIRECT in iptables, going over redsocks to finally land in the tor socks5 server)
  • preinstalled add-ons:
    • NoScript (default configuration)
    • uBlock Origin (default configuration)

Should I trust you?

  • You can check the install.sh yourself or even do all the steps manually, there’s really no magic here…
  • You can simply delete the “user/.mozilla” folder before running installation and it will not install the preconfigured firefox profile