On Fri, 28 Sep 2007 15:02:53 -0700, [EMAIL PROTECTED] said: > > On Thu, 27 Sep 2007 21:20:42 -0500 (CDT), "Scott Bennett" > <[EMAIL PROTECTED]> said: > > On Thu, 27 Sep 2007 19:05:27 -0700 [EMAIL PROTECTED] wrote: > > > > >On Thu, 27 Sep 2007 19:52:30 -0500 (CDT), "Scott Bennett" > > ><[EMAIL PROTECTED]> said: > > >> On Thu, 27 Sep 2007 20:35:58 -0400 Watson Ladd > > >> <[EMAIL PROTECTED]> > > >> wrote: > > >> >[EMAIL PROTECTED] wrote: > > >> >> Then after agreeing to the TOS, you are able to connect to tor > > >> >> servers,= > > >> > > > >> >> but all dns requests go through a library computer IP, such that they > > >> >> can see and record where you are going. I am not sure if they can see > > >> >> the TCP content, but the UDP (which I assume is the dns lookups are > > >> >> all= > > >> > > > >> >> being monitored and probably logged by the library server through > > >> >> which= > > >> > > > >> >> you are connected. Firewall logs clearly show the outgoing and > > >> >> incoming= > > >> > > > >> >> DNS packets to the library IP. Rest of connections to Tor servers in > > >> >> th= > > >> >e > > >> >> firewall log appear normal. > > >> >Make sure to run DNS queries over tor if anonymity is important. > > >> > > >> Absolutely. Check your privoxy configuration file to make sure its > > >> first line is > > >> > > >> forward-socks4a / localhost:9050 . > > > > > >already is > > > > > Okay. Good. > > >> > > >> If you're using some other port than 9050, change that accordingly. > > >> Other > > >> programs, e.g. PuTTY, will need to be configured, too, if you use them. > > >> In the case of PuTTY, each remote login site that you configure to be > > >> proxied through tor will need to be set to use socks5 and to do DNS name > > >> lookups at the proxy end (see "Proxy" under "Connection"). > > >> > > >> >>=20 > > >> >> I have not run a sniffer yet on this, because my laptop is old and it > > >> >> might not be able to handle it. But tor anonymity is obviously shot > > >> >> whe= > > >> >n > > >> >> connecting to their wifi nodes. I believe I tried to block the DNS > > >> >> lookups to the Library IP with privoxy generic block rules and then I\ > > >> >Using socks-4a should fix this. > > > > > >already set to sock 4a > > > > > >> > > >> Right. Or socks5, though privoxy doesn't yet appear to support > > >> that. > > > > > >did you just start using tor? > > > > > About 2.5 years so far. > > >> > > >> >> could not load any web pages, indicating again that the dns requests > > >> >> ar= > > >> >e > > >> >> first being routed to the library machine, where they are, of course, > > >> >> logged (and maybe sent off to the FBI, if your reading muslim > > >> >> materials= > > >> >, > > >> >> haha). > > >> >Now are these DNS requests for sites you are browsing? It sounds like > > > > I think the question posed here may reveal the answer. > > Already answered that I think, the dns requests APPEAR to be made each > time a new url is looked up and not in looking up tor servers, but I > will only know for certain when I run the sniffer, if that is possible > on my laptop. > > > > > > >> >that is the case, but I just want to make sure. > > >> > > >> Most public wireless locations use no encryption at all. In these > > >> situations, things like tor and SSH are about the only significant > > >> privacy > > >> protection most users have. > > > > > >no problem with tor and other wifi connections, dns goes to tor, hence > > >my OP title LIBRARY DEFEATS TOR > > >Tentative Conclusion: Tor cannot be used with any confidence on > > >publically maintained machines, but there is no reference to this on the > > >tor website; nor any real illumination from this group, so far. I > > >suppose now someone is going to tell me to disable javascript and > > >cookies, ;-) The encryption is SUPPOSED to occur at the client before it > > >even gets to any outside server, but obviously this is not happening as > > >the dns requests are being subverted. Perhaps the traffic is being > > >shuttled from the kernel OS to a library server. IOW tor should provide > > >the encryption necessary and no wifi encryption should be needed. I will > > >see if I can run a sniffer to find out exactly what's happening. > > > > > Yes, and I think that may be why Watson asked the question I noted > > above. Tor does its own name server queries for two purposes: 1) to > > provide exit service when running in server mode, 2) to look up addresses > > of other tor servers, regardless of mode. These are normal operations > > and reveal only those activities. When you are using it in a public > > location, I assume that it is running only as a client. So that returns > > us to the question of exactly what kinds of addresses is tor looking up? > > the laptop appears to be getting web site dns translations from a > library node rather than from tor, which allows tracking and profiling. > each time a new url is introduced I get a firewall dns request in the > log. > > > Are they only the addresses of other tor servers? Or do they also > > include the addresses of the web sites you're trying to reach? > > Would you also please double check your browser configuration to > > make sure it is forwarding everything through privoxy? If you're using > > a firefox plug-in module like Torbutton, switchproxy, or foxyproxy, have > > you accidentally disabled the proxy? > > nope, don't use those, the browser is always set to go through privoxy. > will do some further testing and try to report back, but suprised not > more answers to this post. certainly others should have experienced this > problem. > > > > > > > Scott Bennett, Comm. ASMELG, CFIAG > > ********************************************************************** > > * Internet: bennett at cs.niu.edu * > > *--------------------------------------------------------------------* > > * "A well regulated and disciplined militia, is at all times a good * > > * objection to the introduction of that bane of all free governments * > > * -- a standing army." * > > * -- Gov. John Hancock, New York Journal, 28 January 1790 * > > ********************************************************************** > -- > > [EMAIL PROTECTED] > > -- > http://www.fastmail.fm - A no graphics, no pop-ups email service > -- [EMAIL PROTECTED]
-- http://www.fastmail.fm - mmm... Fastmail...