Ulissux – Tor

Tor (acronym for The Onion Router, The onion router) is a system created to protect the communications of the US Navy. It is a tool to increase the security and protection of people and companies on the Internet. Today there is a form of network surveillance and control that threatens privacy, confidentiality of communications, accessibility to services, business relationships, confidentiality and state security.

Tor protects against traffic analysis by transmitting information through a network of servers (onion routers) managed by volunteers, allowing anonymous traffic and the creation of hidden anonymous services. Communications are low latency making it suitable for web browsing, mail, messaging, SSH, IRC and more, it supports TCP protocol only.

Tor is the ally of those who want to communicate, get informed and collaborate without being discovered. Used for sensitive research such as diseases, sexual orientation, addictions, psychological problems and support, sexual abuse etc.

Ulissux was designed and built to work / live in symbiosis with the Tor system, in fact all the traffic generated by the computer is routed through this system. Ulissux supports IPv4 and IPv6 protocol and implements stream isolation so preconfigured applications use a dedicated SocksPort, with destination and port isolation, increasing the difficulty of traffic correlation.

Ulissux is equipped with a transparent proxy which has the purpose of intercepting and anonymizing the traffic that for one reason or another may not cross Tor directly. Transparent torification may not completely anonymize. Here, too, customer and recipient address isolation, protocol isolation and port isolation have been added.

Ulissux excludes by default the 5 eyes (AU – CA – GB – NZ – US) as output nodes, it is also possible to exclude 9 or 14 eyes according to preferences / needs. These nodes are excluded at the exit, because the traffic that crosses the last node of the onion routers is transmitted in clear and unencrypted, since these countries are now known for controlling the network, it may be useful to exclude them. If the exit node falls within the “X eyes” but is required to access the service, this node will be used. Furthermore, the nodes that fall under the “X eyes” will be used as entry and central nodes. Totally excluded nodes are those whose country cannot be identified.

Ulissux – DNS

The DNS (Domain Name System) is the system that deals with “translating” domain names into IP addresses and vice versa. Many users use DNS provided by their ISP. Tor does not support UDP protocol, it carries the hostname to the exit node, which resolves it on behalf of the source.
Ulissux is equipped with an internal DNS resolver, configured as a daemon for the cache of the DNS requests of the single computer. To prevent applications from performing their own DNS resolution without using the internal DNS resolver, all requests are sent to the internal DNS before trying to resolve them via external DNS. DNSSEC validation can be performed on DNS responses from upstream name servers, providing security against spoofing and cache poisoning.

Ulissux has configured the dhcp client not to manage DNS, in this way the dhcp client will give precedence to the localhost address over the addresses contained in the DNS configuration file. The connection manager is also configured not to manage DNS. These measures allow the internal DNS resolver to listen only to requests from the local computer and to use TorDNS as the sole provider of DNS responses.

Ulissux – MAC Address

The MAC Address (Media Access Control) or MAC address, is a 48-bit code (6 bytes) uniquely assigned by the manufacturer to each ethernet or wireless network card produced. Uniquely identifies the device’s network card. It represents the “identity card” of the presence in a network.

The MAC address is unique and permanent, unlike IP addresses which (not always) change with each connection. This feature allows those who want to control you to keep track of the actions carried out on the network.

Ulissux, without user intervention, automatically randomizes the MAC address at each system startup or at each restart of the network connection manager. The MAC address is changed at the software level and affects both cable (ethernet) and wireless connections (wifi).