-1

The question is strictly from an attacker's perspective. Imagine I am an attacker running KALI Linux on a VM / live disk. I know that VPN and TOR are probable ways of hiding my identity from my victims.

Here are my list of concerns.

  • I am a cheap attacker with no money to spend on true privacy VPNs. What would I opt in that case? Would I stick with TOR or are there any other better alternatives?
  • What are the identity leak risks associated with TOR?
  • How can I configure the KALI machine in such a way that the entire traffic from my machine is routed via TOR alone?
  • How do I make sure that no TCP, UDP or ICMP packet leaves my machine to anywhere else other than through the TOR tunnel?
  • Is there a comprehensive guide for setting up TOR securely on KALI?
  • Are there any anonymity+offensive security linux distros available?
hax
  • 3,851
  • 1
  • 16
  • 34
  • 1
    Start the Tor service and set the network proxy on 127.0.0.1:9050 – O'Niel Oct 28 '16 at 19:22
  • @O'Niel How about ICMP packets in that case? – hax Oct 28 '16 at 19:27
  • Using Tor as a proxy is a bad idea if total anonymity is your endgame. Firefox can be configured not to, but Chrome will leak DNS requests for example. Not all services will obey proxy settings either and you'll likely have divulged information of some sort before you discover this. In general rather than trying to shove all traffic through Tor it's much safer to hijack someone else's assets and perform your attack from there. – Ivan Oct 28 '16 at 19:41
  • @Johnny That's the answer I was looking for. That definitely is a point of leak. What configuration in the OS level can proxy all the requests irrespective of protocol. – hax Oct 28 '16 at 19:57
  • Spend money on privacy vpn, Is that a anecdote for shooting yourself in the leg? – Dog eat cat world Oct 28 '16 at 21:19
  • 1
    That's too many questions in one. Please ask one question at a time. Furthermore some of these are off-topic — this site is about security, not about how to install software your system. – Gilles 'SO- stop being evil' Oct 28 '16 at 21:28
  • @Giles I know what this site is about. I don't need anyone to tell me how to install TOR on my machine either. What I am seeking for is the privacy leak risks associated with TOR's or VPN's and the probable ways by which an attacker might compromise his/her identity. From that context, all the questions are in fact relevant and related. – hax Oct 29 '16 at 01:43
  • http://superuser.com/questions/539203/how-can-i-make-tor-route-all-my-traffic – Arjun sharma Oct 29 '16 at 03:49
  • duplicate question – Arjun sharma Oct 29 '16 at 03:49
  • Please don't mark this a duplicate for the sake of doing it. The question you marked doesn't even share half the concerns which I asked here. Nor is it from an offensive security+ identity leak perspective. – hax Oct 29 '16 at 04:08
  • hax - you have earned enough rep here to understand the basic site requirements. As Gilles said - please ask one question at a time, and restrict your questions to security ones as per our site scope. – Rory Alsop Oct 29 '16 at 08:30

1 Answers1

4

Whonix is a distribution which only routes it's network connections through TOR. Check it out.

Anders
  • 64,406
  • 24
  • 178
  • 215
alucard
  • 39
  • 1