Running a virtual machine (VM) that can only connect through Tor

  • Running normal applications has the problem that any remote code execution vulnerability in the application totally compromises the user. This isn't just a theoretical attack, a vulnerability in Firefox was used to compromise visitors of hidden services hosted by Freedom Hosting in August 2013.

    One obvious way to contain this is sand-boxing the application in a virtual machine. Nothing inside the virtual machine, not even the OS should be able to bypass Tor. This obviously implies running Tor outside the virtual machine so this limitation cannot be bypassed by malicious software running inside the virtual machine.

    This seems like a natural and secure way to run Tor, so I was surprised to not find any standard bundle (some virtual machine software configured to use Tor together with a specialized Linux or BSD distribution, like Tails) that works this way.

    Is there an easy way to configure a virtual machine that can only communicate with the outside through Tor?

    If you're going to sandbox your Tor install, sandbox _everything_ including Tor itself. If you don't want Tor on the same machine as the other software, run a second virtual machine with Tor on it. The networking side of this is a bit off topic and depends heavily on the virtualization software you're using and what sort of network you're virtualizing. If you want help with that anyways, more info would be good.

    The Whonix setup does this, and the Whonix wiki also contains a wealth of security-related information. It has clearly been well thought out, with careful attention to practically every possible detail.

    I'm not *that* worried about security holes in the Tor client, since my normal working behaviour is far riskier. IMO the biggest advantage of the Whonix approach is that the tight integration of Tor with then outer VM reduces the risk of configuration mistakes.

  • Panrubius

    Panrubius Correct answer

    9 years ago

    Have you considered using Whonix? It comprises two virtual machines, one of which is a gateway and the other a workstation. You work as normal on the workstation, with every network request being funnelled through the gateway and hence through Tor.

License under CC-BY-SA with attribution


Content dated before 7/24/2021 11:53 AM