Hello,
In an internal network, they monitor web browsing through firewalls (Fortinet and FortiGate). I have two questions:
1- If I use VPN or Tor, can they still see my browsing?
2- Can they capture usernames and passwords for email and other websites?
Thank you.
These answers are from the standpoint of someone monitoring traffic on your end.
VPN: They can see that you are using VPN. They can’t see what you are doing with the VPN. Tor: They can see that you are browsing with Tor. They can’t see the end services that you are talking to. In both cases, they can see when you start/stop using VPN/Tor.
If you are using a typical email service, the traffic is already encrypted and they can’t see username/password/email regardless if you are using VPN/Tor or not. For other websites, use HTTPS, then the traffic is encrypted and they can’t see the username/password/texts/web pages. Because most websites are encrypted nowadays, generally, unless you want to hide the websites/services that you are using, then VPN/Tor isn’t required.
They can’t see your browsing activity but they can tell that you are connected to either Tor or VPN. The best option would be an obscurified VPN with Tor on top.
No because all passing traffic up and down will be encrypted.
No, when one protocol’s packets or frames get encapsulated within another protocol there is an overall increase in the frame size. Payload becomes smaller and protocol overhead increases.
Best option is Tor with PT like e.g. to use obfs4 proxy.
What type of affect would that have? I always use VPN + Tor with no issues
Am I correct in thinking obfs4 only hides Tor use up until the transport IP gets publicly indexed as belonging to Tor?
more fragmented or slower != issues
Just test both options. Load packages of different sizes over both and measure the speed.
If a wireguard VPN was better than obfs4, then the Tor Dev’s would have integrated it.
@hack3rcon doesn’t want or need to hide Tor traffic. We are talking about a company network that uses a SOC-as-a-Service firewall not about a surveillance state. He wants to connect 100 or more PCs via a company Tor proxy with the Tor network. The whole company knows that Tor is running on the network. I would recommend setting up a vanilla bridge or a guard in a data center and connecting to it.
I’m personally willing to accept the slowness since Tor is inherently slow by nature anyway. I could be on 1GBPS fiber optic and still get only 2MBPS through Tor Network.
Which might have been a good idea or future idea since IPs can just appear to be WireGuard VPN connections rather than an obfs4 which will have lesser likelihood of retrospective identification even if that isn’t the users main intent.
I can stack WireGuard VPN too so my ISP sees one IP and the entry node sees another meaning chances of correlating anything is much lesser.
The fact WireGuard is a registered trademark also probably has influence over whether Tor would include it. Linux kernel has Incorporated WireGuard since 5.6 with backports too so it can’t be that bad.
Also
For answers to commonly asked questions like yours, I recommend checking out the Tor User Support documentation. It’s a great resource and might have the information you’re looking for.
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.