Block dangerous LAN traffic
It’s still not clear exactly what we want to do with LAN traffic in general (XXX: this should really have a ticket), but in the short run, at least a minimal blacklist of known-bad traffic should be blocked:
- It was reported that NAT-PMP can be used to discover the LAN’s external IP address on the Internet.
Team: DrWhax, ? (team mate)
#4 Updated by Dr_Whax 2014-07-10 15:48:40
Perhaps we want to have an option in the tails-greeter to boot Tails with it being disabled and a way to temporarily enable it for 5 minutes to print a document. This means that a program would have to be created for this.
However, it’s hard to say what kind of RFC1918 range you will be on for the local network. E.g., how can you know in advance whether it’s a 192.168 or 10.10 range? On the mailing list it’s mentioned to parse the DHCP lease to only allow traffic to the local /24 (or more, depending on the lease?).
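The lease-parsing idea mentioned in the previous comment, as an added illustration that is not code from the ticket or from Tails: derive the local subnet from a dhclient lease (constructed sample), allow only FTP and IPP to that subnet, and drop the rest of RFC1918. The allow-list and rule format are assumptions for the example.

```python
import ipaddress
import re

# Constructed sample in dhclient lease-file syntax (not taken from the ticket).
SAMPLE_LEASE = """lease {
  interface "eth0";
  fixed-address 192.168.1.42;
  option subnet-mask 255.255.255.0;
  option routers 192.168.1.1;
}
"""

# RFC 1918 private ranges: anything here outside the leased subnet is dropped.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Hypothetical allow-list of LAN services the thread wants to keep: FTP and network printing.
ALLOWED_PORTS = {"ftp": 21, "ipp": 631}


def local_network(lease_text):
    """Derive the leased subnet from the fixed-address and subnet-mask options."""
    addr = re.search(r"fixed-address\s+([\d.]+);", lease_text).group(1)
    mask = re.search(r"option subnet-mask\s+([\d.]+);", lease_text).group(1)
    return ipaddress.ip_interface(f"{addr}/{mask}").network


def is_lan(dst):
    """True if the destination falls in any RFC 1918 range."""
    return any(ipaddress.ip_address(dst) in n for n in RFC1918)


def decide(lease_text, dst, port):
    """Return 'allow', 'drop' or 'not-lan' for a destination/port pair."""
    if not is_lan(dst):
        return "not-lan"  # Internet-bound; handled by the Tor firewall rules, not here
    in_local = ipaddress.ip_address(dst) in local_network(lease_text)
    if in_local and port in ALLOWED_PORTS.values():
        return "allow"
    return "drop"


def render_rules(lease_text):
    """Emit iptables-style rules; ACCEPT lines must precede the RFC 1918 DROP lines."""
    net = local_network(lease_text)
    rules = [f"-A OUTPUT -d {net} -p tcp --dport {p} -j ACCEPT"
             for p in ALLOWED_PORTS.values()]
    rules += [f"-A OUTPUT -d {n} -j DROP" for n in RFC1918]
    return rules
```

Because the subnet comes from the lease, the same rules work whether the network turns out to be 192.168.x or 10.x, which is the point raised above.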
#5 Updated by intrigeri 2014-07-21 16:21:41
> Perhaps we want to have an option in the tails-greeter to boot Tails with it being disabled and a way to temporarily enable it for 5 minutes to print a document. This means that a program would have to be created for this.
To be honest, I’m not too eager to discuss solutions before we’ve finished identifying the exact problems we’re affected by (Feature #5340):
- within our threat model;
- that actually would be solved if we blocked LAN traffic.
#6 Updated by intrigeri 2015-01-10 09:20:29
As a first baby step, we could block all LAN traffic except:
- downloading from / uploading to a FTP server
- printing a document on a network printer
- going through whatever steps a captive portal asks me to; this generally involves DNS and HTTP, and potentially random ports => should be open only for the browser that’s allowed to talk to the LAN
- web browsing (using something else than the Tor Browser: