Sunday, October 28, 2018

Tor (torrc stealth) for NAT Punching/Remote Management

Hey, guys. New member here!

I am a college student studying Computer Networking and will be tasked with a network design/sysadmin project, and I have a question about a possible solution I am considering. Please note, I don't expect anyone here to do my work for me haha, I am just looking for some help to see if my idea is even feasible.

I expect to be given the specific details of the requirements in the next few months but I am anticipating certain expectations and trying to research early in advance. That said, given that my Server Administration class is focused on Windows Server 2012, I am sure I will be expected to use that for my DHCP/DNS requirements, and all the Active Directory/Group Policy fun (urgh) that goes with setting up User accounts etc.

Essentially I was wondering if for the network component it would be possible or even desirable to configure a specific server for remote management via Tor in stealth mode. That is, from within the network the ordinary servers could be managed as normal - but have a specific server dedicated with a Tor client, that is essentially replicated and updated by the main servers. That way, I can just firewall all inbound traffic, yet still allow remote access for a remote administrator(s) who can have specific access via a unique cookie?

As I understand it, configuring a Tor Onion service in stealth mode makes the server undiscoverable to anyone without the specific cookie. As such the server can't be pinged/DDOS'd, etc. Since the server will hold an outbound connection to its Introduction Point, and subsequent Rendezvous point, I can just firewall all inbound traffic completely, whilst having remote access, authentication (as the url is a hash of the public key), plus end to end encryption.

Server anonymity is not really a priority, it's purely for security purposes. If this is possible to configure like Facebook's onion service (i.e. 1 node in, as opposed to 3) then that would be ideal, due to reduced latency.

My research seems to bring up lots of info with Tor stealth mode using Nginx, or Home Assistant for IOT. But I am having trouble finding results on utilising it with just a basic Windows Server 2012.

Been a long time lurker and understand the members of this board are far more knowledgeable than I, I would just like a bit of direction if my idea is worth attempting, or is this a dead end?

I quickly threw together a generic Packet Tracer topology to better illustrate what I mean:

https://imgur.com/a/aIeILMh

Any help would be greatly appreciated.
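As an added illustration (not part of the original post), this is how the setup described above maps onto torrc for the version 2 onion services that offered `stealth` authorization. The file paths, the client name `admin1`, and RDP on port 3389 as the management protocol are assumptions; the onion address and cookie are placeholders.

```conf
## ---- torrc on the dedicated management server (inside the network) ----
## Assumed path; keep this directory readable only by the Tor service account,
## because it holds the service private key and the client cookies.
HiddenServiceDir C:\tor\hs_admin
HiddenServiceVersion 2

## Forward the onion service's virtual port to a management service bound to
## loopback (assumption: RDP on 3389). Nothing listens on the LAN/WAN side for this.
HiddenServicePort 3389 127.0.0.1:3389

## One entry per remote administrator. In stealth mode each listed client gets
## its own onion address and its own cookie, so access can be revoked per admin
## by removing the name and restarting Tor.
HiddenServiceAuthorizeClient stealth admin1

## Tor writes one line per client to <HiddenServiceDir>\hostname:
##   <onion-address>.onion <auth-cookie> # client: admin1
## Hand that line to the administrator over a trusted channel.

## Optional, matching the "1 node in" idea from the post: a single-hop,
## non-anonymous service. This gives up server location anonymity, and a Tor
## instance in this mode cannot also act as a client, hence SocksPort 0.
# HiddenServiceNonAnonymousMode 1
# HiddenServiceSingleHopMode 1
# SocksPort 0

## ---- torrc on the remote administrator's machine ----
## Without this line the client cannot fetch or decrypt the service descriptor,
## so it cannot learn the introduction points at all.
HidServAuth <onion-address>.onion <auth-cookie> admin-server
SocksPort 127.0.0.1:9050

## ---- perimeter firewall, in words ----
## Inbound from the Internet to the management server: deny all.
## Outbound from the management server: allow TCP to Tor relays only.
```

Version 2 onion services, and with them the `stealth` option, were removed in later Tor releases; version 3 services authorize clients with per-client keys placed in an `authorized_clients` directory instead. The cookie controls who can reach the port, so the management service behind it still needs its own authentication.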
