Maybe somebody already had a look on this problem? I´d like to know where and how to put in wich packetlogger to get as close as possible to the border of encryption at my user computer side of Tor, to watch exactly what´s going in and out (not only what´s visible in the browser).
My firewall packetlogger only takes the already encrypted stuff that looks like random garbage, thus it are a little to late to see the actual content of it. In my theory, the possibility may be that if someone running running an exit node (or even a middle or entry node?) and tamper with it, this may be an firewall free entry into the user computer to hack it or do what ever whitout be stopped by the user´s firewall. What is your opinion about this? -- http://www.fastmail.fm - IMAP accessible web-mail