What additional functionality does this provide over just using Tor's built in transparent proxy functionality, which you can use by just turning on the DNSPort and TransPort options in Tor and redirecting traffic using iptables, skipping any need for socks.
darknet.py provides ease of use and security that in some cases is not easy to recreate by simply using torrc.
Features:
- Compatible with any SystemD based Linux
- Makes TOR work with SELinux on RHEL distro
- Secures Linux Kernel preventing IPv4 Forwarding, etc...
- Makes DNS leaks almost impossible
- Redirects all traffic thought TOR
- Works Out of the Box
- MAC Address Spoofing
This software was created to have a Transparent Proxy based on TOR as an alternative to VPN and easy to use in any Linux distribution mainly, especially those based on RHEL or with SELINUX.
Another reason for its creation is that it can be easily combined with i2p increasing the anonymity of the latter network.
As for the article, I know it, in fact, I relied on it for the creation of darknet.py, and the text clearly states that it is not a discouraged only method but rather a method to be reproduced only if you have knowledge and ability to limit the Packet Forwarding of the Linux Kernel, Dropping packages that could create a leaky situation and other practices that could compromise anonymity.
Currently, there are few cases where it is possible to have a DNSLeak with darknet.py and obliviously, it's up to the end user to take the right precautions for their need for anonymity.
darknet.py is an experimental yet stable software that will surely be subject to improvements over time, one on all the different rules of IPTables that are currently good but not excellent.
22/02/2020 Update:
- I have fixed some typos.
- I have fixed some compatibility issues in RHEL distributions using SELinux.
- Improved the exclusion of addresses that should not be routed via TOR.
- DNS port 53 to 5353
- Started a parallel project to support other Unix like distributions like BSD.
mike-cardwell|6 years ago
Also, the Tor project highly discourages this kind of use of its network as per the disclaimer at the top of https://trac.torproject.org/projects/tor/wiki/doc/Transparen... - Is it worth adding a similar disclaimer to this project?
multiversecoder|6 years ago
Features:
- Compatible with any SystemD based Linux
- Makes TOR work with SELinux on RHEL distro
- Secures Linux Kernel preventing IPv4 Forwarding, etc...
- Makes DNS leaks almost impossible
- Redirects all traffic thought TOR
- Works Out of the Box
- MAC Address Spoofing
This software was created to have a Transparent Proxy based on TOR as an alternative to VPN and easy to use in any Linux distribution mainly, especially those based on RHEL or with SELINUX.
Another reason for its creation is that it can be easily combined with i2p increasing the anonymity of the latter network.
As for the article, I know it, in fact, I relied on it for the creation of darknet.py, and the text clearly states that it is not a discouraged only method but rather a method to be reproduced only if you have knowledge and ability to limit the Packet Forwarding of the Linux Kernel, Dropping packages that could create a leaky situation and other practices that could compromise anonymity.
Currently, there are few cases where it is possible to have a DNSLeak with darknet.py and obliviously, it's up to the end user to take the right precautions for their need for anonymity.
darknet.py is an experimental yet stable software that will surely be subject to improvements over time, one on all the different rules of IPTables that are currently good but not excellent.
For any improvement I am at your disposal.
multiversecoder|6 years ago