This tutorial will show you how to reroute all traffic for a virtual machine through the Tor network to ensure anonymity. It assumes a standalone machine with a Linux OS, and VirtualBox installed. In this case, we'll be using Ubuntu on the host machine.
Thanks to
- http://www.tolaris.com/2009/03/05/using-host-networking-and-nat-with-virtualbox/
- https://trac.torproject.org/projects/tor/wiki/doc/TransparentProxy
- http://www.rootdamnit.eu/2011/12/10/virtualbox-tor-backtrack-aka-how-to-become-almost-invisible/
All commands on the host machine should be run as root (sudo or su).
Step 1 - Add A Bridge Interface For Your Virtual Machine (VM) On The Host Machine (HM)
# apt-get install bridge-utils
Add the following to /etc/network/interfaces:
# VirtualBox NAT bridge
auto vnet0
iface vnet0 inet static
    address 172.16.0.1
    netmask 255.255.255.0
    bridge_ports none
    bridge_maxwait 0
    bridge_fd 1
    up iptables -t nat -I POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
    down iptables -t nat -D POSTROUTING -s 172.16.0.0/24 -j MASQUERADE
Start the bridge interface:
# ifup vnet0
Step 2 - Setup DHCP And DNS For Clients
# apt-get install dnsmasq
Edit /etc/dnsmasq.conf to include:
interface=vnet0
dhcp-range=172.16.0.2,172.16.0.254,1h
Start the daemon:
# /etc/init.d/dnsmasq restart
Step 3 - Install And Set Up TOR
Install TOR - INSTRUCTIONS
Edit /etc/tor/torrc and add:
VirtualAddrNetwork 10.192.0.0/10
AutomapHostsOnResolve 1
TransPort 9040
TransListenAddress 172.16.0.1
DNSPort 53
DNSListenAddress 172.16.0.1
Restart TOR:
# /etc/init.d/tor restart
Create and edit middlebox.sh on the HM:
#!/bin/sh
# destinations you don't want routed through Tor
NON_TOR="192.168.1.0/24"
# Tor's TransPort
TRANS_PORT="9040"
# your internal interface
INT_IF="vnet0"
# flush the existing filter and nat rules
iptables -F
iptables -t nat -F
# leave traffic to the excluded destinations untouched
for NET in $NON_TOR; do
    iptables -t nat -A PREROUTING -i "$INT_IF" -d "$NET" -j RETURN
done
# send DNS queries from the VM to Tor's DNSPort
iptables -t nat -A PREROUTING -i "$INT_IF" -p udp --dport 53 -j REDIRECT --to-ports 53
# send every new TCP connection from the VM to Tor's TransPort
iptables -t nat -A PREROUTING -i "$INT_IF" -p tcp --syn -j REDIRECT --to-ports "$TRANS_PORT"
and run it:
# ./middlebox.sh
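The check below is an added example, not part of the original tutorial. It parses `iptables-save -t nat` output, confirms that the two REDIRECT rules from middlebox.sh are present, and warns when the MASQUERADE rule from Step 1 is active together with IP forwarding, since traffic matching neither redirect (non-DNS UDP, ICMP) could then leave the host without passing through Tor. The function names, return codes and sample rules are assumptions of this example, and the filter table's FORWARD chain is not inspected.

```shell
#!/bin/sh
# Added example (not from the original tutorial): audit the NAT table of the Tor middlebox.
# Return codes are this example's own convention:
#   0 = DNS and TCP redirects present, no clear-net forwarding path found
#   1 = a required REDIRECT rule is missing
#   2 = redirects present, but MASQUERADE + ip_forward=1 lets other traffic bypass Tor
INT_IF="vnet0"
TRANS_PORT="9040"
VM_NET_RE='172\.16\.0\.0/24'

# has_rule RULES REGEX: true if any line of RULES matches REGEX
has_rule() { printf '%s\n' "$1" | grep -Eq -e "$2"; }

# audit_nat RULES IP_FORWARD
#   RULES      = output of `iptables-save -t nat`
#   IP_FORWARD = contents of /proc/sys/net/ipv4/ip_forward (0 or 1)
audit_nat() {
    pre="^-A PREROUTING .*-i $INT_IF "
    has_rule "$1" "${pre}.*-p udp .*--dport 53 .*-j REDIRECT --to-ports 53\$" \
        || { echo "FAIL: DNS from $INT_IF is not redirected to Tor's DNSPort"; return 1; }
    has_rule "$1" "${pre}.*-p tcp .*--tcp-flags [A-Z,]+ SYN .*-j REDIRECT --to-ports $TRANS_PORT\$" \
        || { echo "FAIL: TCP from $INT_IF is not redirected to Tor's TransPort"; return 1; }
    if has_rule "$1" "^-A POSTROUTING .*-s $VM_NET_RE .*-j MASQUERADE" && [ "$2" = "1" ]; then
        echo "WARN: non-DNS UDP and ICMP from the VM can be forwarded without Tor"
        return 2
    fi
    echo "OK"
}

# Constructed samples in iptables-save format (not captured from a real host).
SAMPLE_GOOD='-A PREROUTING -d 192.168.1.0/24 -i vnet0 -j RETURN
-A PREROUTING -i vnet0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 53
-A PREROUTING -i vnet0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040'
SAMPLE_LEAK="$SAMPLE_GOOD
-A POSTROUTING -s 172.16.0.0/24 -j MASQUERADE"
SAMPLE_NO_DNS='-A PREROUTING -i vnet0 -p tcp -m tcp --tcp-flags FIN,SYN,RST,ACK SYN -j REDIRECT --to-ports 9040'

# Live use on the host (as root):
#   audit_nat "$(iptables-save -t nat)" "$(cat /proc/sys/net/ipv4/ip_forward)"
```

Re-run the check after any ifdown/ifup of vnet0, because the interface's `up` hook re-inserts the MASQUERADE rule that middlebox.sh flushed.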
Step 4 - Set Up The Virtual Machine On The HM
Open VirtualBox, start the machine. Go to Devices > Network Adapter. Disable all network adapters except Adapter 1.
Set the following options:
Attached to: Bridged Adapter
Name: vnet0
Click OK.
Finally make sure your virtual machine gets its IP address via DHCP, and refresh the DHCP client/reboot the VM. It should have an IP in the range 172.16.0.n, name resolver 172.16.0.1 and gateway 172.16.0.1.
 