Security Setup

Discussion in 'privacy technology' started by axemmiw905, Mar 27, 2012.

Thread Status:
Not open for further replies.
  1. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    MLPPP Acanac 24 MB Internet Line Quadruple Redundancy->OpenSSH Tunnel->Tor Router-->(WIRELESS)->OpenBSD Firewall->OpenBSD Gateway->FreeBSD VBULLETIN SERVER(OS Encryption Truecrypt)->Server2(OS Encryption Truecrypt)->Server3(OS Encryption Truecrypt)

    What do you think of this setup?
     
    Last edited: Mar 27, 2012
  2. moontan

    moontan Registered Member

    Joined:
    Sep 11, 2010
    Posts:
    3,931
    Location:
    Québec
    errr, any questions or points you are trying to make? o_O
     
  3. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    was obviously asking for reviews and comments.
     
    Last edited: Mar 27, 2012
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,727
    Location:
    Texas
    In that case, I would preface the post with a question.
     
  5. x942

    x942 Guest

    You can't use TrueCrypt OS Encryption on anything but windows...
     
  6. syncmaster913n

    syncmaster913n Registered Member

    Joined:
    Mar 24, 2012
    Posts:
    153
    Can I ask what is this setup for? I'm not sure I understand exactly all of the components.

    When you say "server 1", "server 2" etc. do you mean a dedicated server / virtual private server?
     
  7. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    The OP wants to set up a TOR Hidden Server for an anonymous message board for illegal "gray" activities. His security set up is to thwart U.S law enforcement.

    Think that brings most people up to speed on the purpose of all these threads.
     
  8. Dark Shadow

    Dark Shadow Registered Member

    Joined:
    Oct 11, 2007
    Posts:
    4,553
    Location:
    USA
    Well then,We dont participate in illegal activitys or advise.:thumbd:
     
  9. Serapis

    Serapis Registered Member

    Joined:
    Nov 15, 2009
    Posts:
    241
    @ axemmiw905

    When you say OpenBSD firewall, do you mean a firewall distro that's based on the OS or do you mean that the OS' pf filter is what you're relying on?

    Also what operating systems will you use on servers 2 and 3? Also what is the point of the OpenSSH tunnel if you're already using Tor, doesn't it already encrypt everything by deafult with regards to the onionland access?
     
  10. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    there's no such thing as a firewall distro of openbsd

    also im not in the us so that doesn't even make sense, in reference to two posts above
     
  11. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,028
    @axemmiw905

    I don't know where you live, or what you're planning, or where it's legal or illegal. Just about everything is illegal somewhere, right? But please think this through. If you slip up, and especially if you attract serious attention, attackers may find your servers. For example, resourceful attackers might create traffic signatures, and then search for those signatures, walking down the ISP hierarchy to you. If they walk in when your servers are up, you are hosed. Even if you manage to shut down in time, you may be coerced into making a deal.

    Use dedicated hosted servers that you rent and access anonymously. Even if you can't afford secure hardware, use Linux with encrypted LVM and a Mandos server.
     
  12. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    i already talked about this, the servers will not be at my house
     
  13. x942

    x942 Guest

    If the servers aren't at your house... Than how will you:

    1) Know if the police/attacker breaks in when the servers are running and dumps the data to an external HDD or dumps the Keys from RAM?

    2) How will you be able to shut if down in time so #1 can't happen?

    3) How do you think this will help? I mean if you aren't paying for a VPS, I assume it's on property you or someone you know owns, which mean it can be traced back to you. Your name on the property and ISP would have that too.

    Remember there are attacks against TOR Hidden Servers and TOR it's self. It is not 100% anonymous; only pseudo-anonymous. The only true way to remain anonymous would be to also use a Spoofed MAC address on a random Public AP and then hide behind TOR. But for your purposes that would be impractical. (not to mention if the owner of said AP caught on and knew what he/she was doing they could Triangulate you using something like a WiSpy).

    With law enforcement remember in alot of countries they CAN get a no-knock warrant for these matters. I know for sure they can in the US, Canada, and I believe parts of Europe. If it's in a remote location you would caught completely off guard.
     
  14. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    it'll be at a friend's house halfway across the world, nope can't be traced back to me, and if the friend doesn't know what happens in that server then it's safe
     
  15. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    So the "friend" gets it when time is up (see post 7). Not nice
     
  16. x942

    x942 Guest

    So your friend is caught by an attacker/police and is given the ultimatum to reveal you or prison/torture. Well pretty sure he will turn on you. Personally I'd rather have the server where I could have physical access to it.
     
  17. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    Why would he get time? And how? Don't you understand how encryption works?
     
  18. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    We do, however your past insults at other members when they try to correct you lead me to believe you do not. If your server is running 24/7 it is running in a mounted unencrypted state. Any information on the server the time of a raid can be imaged and captured just as if the device was never encrypted to begin with. Not even an “encryption bit over 9000” will stop that. I feel sorry for your "friend" if you are going to be performing questionable activities through their AP.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    As EB says... if the server is on, the encryption doesn't matter. If you don't have access to the server you can't tell when it's been compromised and you can't shut it down.

    Anyone who finds that server will be able to get into it.
     
  20. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    Some people deserved to be burned.

    Anyways who the **** gives a **** whether they take an image of the contents of the drive, they won't be able to connect the hardware with the information thus leading to nobody being incriminated.
     
  21. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    I doubt it.
     
  22. EncryptedBytes

    EncryptedBytes Registered Member

    Joined:
    Feb 20, 2011
    Posts:
    449
    Location:
    N/A
    Can't tell if just an elaborate internet troll or you are completely serious :blink:
     
  23. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't see what there is to doubt. They have full access to the computer once it's booted up, which it will be.

    Of course they would have to find it. I don't see how they could do that given the setup you have.

    But it's going to be slow as hell. Nearly unusably (if not entirely.) I would not be surprised if your connections time out before you ever get responses.
     
  24. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    Okay I don't understand you, what the **** do you keep worrying about? Do you like the idea of my well being or something? Are you trying to be my gay lover? what?

    All I care about is making money and staying out of prison.
     
  25. axemmiw905

    axemmiw905 Registered Member

    Joined:
    Feb 8, 2012
    Posts:
    35
    Yes thank you for the serious response. They would first have to find it, then hack through the whole setup.
     
Loading...
Thread Status:
Not open for further replies.