How do I ensure that my real ip never leaks out of Tor Browser Bundle/ Tor?

Discussion in 'privacy general' started by DesuMaiden, Jan 8, 2014.

Thread Status:
Not open for further replies.
  1. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    I'd assume that I must disable all forms of scripting on TBB with NoScript. And that means ALL FORMS of scripting. Any form of scripting that hasn't been deactivated by NoScript can potentially expose my real ip address.

    And I want to make sure my real ip address is not leaked out when I'm using Tor. Anyone got any idea on how I can make sure my real ip NEVER leaks out of Tor?

    How do I configure and set-up a Virtual Machine (VM) and Tor in such a way that my real ip address is impossible to leak out? I heard the only way of making Tor fail-safe (aka impossible for your real ip address to leak out) is by using Whonix. And I need your help in setting up Whonix properly. That way it is impossible for even malware and scripts to leak out my real ip whilst using Tor.

    I look forward to your help.
     
  2. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,030
    Your safest bet is using Whonix, because the gateway VM has been configured by people who understand Tor. There's also the fact that there are other people who understand Tor, who wouldn't hesitate to point out defects in the Whonix gateway setup ;)

    Using Whonix is easy. Install VirtualBox. Download and import the two Whonix VMs. Start the two Whonix VMs, and work in the workstation VM. That's it :)

    Using TBB, you're IP is safe unless you try adding third-party plug-ins and other apps.

    Natively, Tor handles only TCP. It doesn't handle UDP, and that includes DNS lookups. Properly set up, Tor pushes the DNS lookup to the exit node, and keeps track of the resolved IP address that it gets in reply. However, it's easy to leak UDP and DNS requests for apps that aren't configured properly for Tor, especially those (including some BitTorrent clients) that go out of their way to bypass firewalls and other connection limitations.

    Using standalone Tor is very risky, unless you understand Tor very well.
     
  3. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Thanks for the tips. I already have Whonix on my computer, but I'm experiencing difficulties installing Whonix. I'm going to upload some screenshots of my computer screen to show you the problems I'm experiencing with Whonix.

    Hopefully, someone on this wonderful forum is able to resolve these problems for me.
     
  4. Palancar

    Palancar Registered Member

    Joined:
    Oct 26, 2011
    Posts:
    1,594
    I know from various posts that Mirimir and I use combinations of VPN and VM/TOR. If you have access to a VPN, I would suggest that you consider using TOR over your VPN. You won't even know you are on a VPN speed wise, and should an accidental mistake happen ONLY your VPN IP will get out and not your actual IP. Another thing not being featured in this thread is that you are now going to use a VM (OS based TOR or Whonix). The use of a VM will alone strengthen your system. For security please consider a linux VM if you decide to build a machine and use TBB without Whonix. Current linux is plug and play and adding TOR is so easy. As mentioned in a post above, Whonix is not perfect and there are two sides to its supporters/detractors.
     
  5. DesuMaiden

    DesuMaiden Registered Member

    Joined:
    Jan 25, 2013
    Posts:
    534
    Thanks for the advice. I greatly appreciate it. I will ask more questions, as more questions arise.
     
Loading...
Thread Status:
Not open for further replies.