Results 1 to 3 of 3

Thread: Encrypt All Traffic Leaving Network?

  1. #1
    Just burned his ISO
    Join Date
    Dec 2009

    Default Encrypt All Traffic Leaving Network?

    Is there a way to anonymize and/or encrypt all of my internet traffic? I am really only concerned about it being so out to at least my cable modem, preferably through it.

    I live in an apartment with several people and we all use one cable internet connection through one wireless router (using WPA2) to access the internet. They all depend on me to keep it running. We were having some connectivity/bandwidth issues, and in the process of tracking down the problem I realized that I could use available tools to capture all of their wireless traffic, and in the worst case, I could tap the line from the router to the cable modem to capture all traffic. If I can do it, then that means someone else could, and with the right equipment someone could even tap the cable box outside and grab all my traffic.

    I don't mean to be paranoid, but how can I avoid this? I know Tor does this for some applications, but only ones that can be set up to use a proxy, not for all traffic. I had the idea to set up a box between all of my computers and our router, and somehow configure it to redirect all of my traffic through tor, but I do know if this is possible or what tools I need to set up the forwarding. How can I set this up, or what other suggestions/solutions does anyone have?

  2. #2
    Super Moderator lupin's Avatar
    Join Date
    Jan 2010


    You won't be able to avoid this.

    There are ways you can setup encrypted tunnels over the Internet, but both endpoint systems (or gateways between those systems) must support the encryption used. The catch is that the end hosts eventually need to see the clear text data, so whatever gets encrypted must get decrypted by the time it gets to the other end.

    If you have two different nodes connected via the Internet, you can encrypt traffic between them using something like IPSec or SSL, because you can control what runs on these systems and how they communicate. If you are talking to somebody else's systems over the Internet however, you can only communicate using encryption if the system you are talking to supports that type of encryption.

    Common examples of encryption being supported on Internet systems usually involve SSL, e.g. "secure" https websites, "secure" SSL protected POP3 and SMTP, etc.

    Any tor traffic that gets encrypted will get decrypted when it leaves the tor exit node, at which point that exit node can sniff all of your traffic in clear text. I wouldn't send anything confidential over tor for this reason, because anyone can run a tor exit node. Your traffic being grabbed via a malicious tor exit node is actually far more likely than someone tapping your line, because tapping your line requires physical access that line and the reward probably won't justify the effort for many attackers unless you have really interesting traffic.
    Capitalisation is important. It's the difference between "Helping your brother Jack off a horse" and "Helping your brother jack off a horse".

    The Forum Rules, Forum FAQ and the BackTrack Wiki... learn them, love them, live them.

  3. #3
    Very good friend of the forum Virchanza's Avatar
    Join Date
    Jan 2010


    Ever heard of a program called OpenVPN?

    You need to have a computer on the internet that will act as the OpenVPN server, and then you use your own computer as the OpenVPN client.

    Instead of sending stuff straight to the internet, you send it to the OpenVPN server, and the OpenVPN server sends it to the Internet for you. All traffic between you and the OpenVPN server is encrypted.

    I used OpenVPN when I was in college to get around the firewall to look at whatever websites I wanted.
    Ask questions on the open forums, that way everybody benefits from the solution, and everybody can be corrected when they make mistakes. Don't send me private messages asking questions that should be asked on the open forums, I won't respond. I decline all "Friend Requests".

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts