On Fri, Jul 15, 2011 at 05:37:53PM -0700, David Barrett wrote: > So I'm using Tor for the first time in a project, but I'm finding I > don't really understand it and can't find the right sort of > documentation online. Can anybody help me understand: > > 1) How does Tor locate proxies? Is there some central database of Tor > proxies that they register with on startup, and query at runtime?
Yes: https://gitweb.torproject.org/torspec.git/blob/HEAD:/dir-spec.txt But see also https://www.torproject.org/docs/bridges > 2) How do you force it to switch IPs at runtime? I've tried sending > "signal NEWNYM" and that seems to return OK, but only rarely does it > actually change the IP. The only semi-reliable method I've found is to > restart the tor process. It depends what you're actually trying to do. If you're talking about web browsing, your problem is likely because you're using polipo. The NEWNYM signal tells Tor to use a new circuit for new stream requests. But since polipo does aggressive keepalive, Tor never sees a new stream request -- polipo just quietly reuses the same stream it had from last time. Firefox by itself also tends to do some sort of pipelining or keepalive. You could switch to privoxy as your http proxy. It tends to stick to http/1.0, which I guess is what you want here. The better answer is to integrate NEWNYM support with Torbutton so it can instruct Firefox on what to do, and get polipo out of the picture entirely. We're getting there. > 3) Are there solid Tor alternatives, especially any that incorporate NAT > tunneling, or that provide a more programmatic interface (rather than a > SOCKS/HTTP proxy)? For an interface for controlling Tor, you might like https://gitweb.torproject.org/torspec.git/blob/HEAD:/control-spec.txt along with things like https://gitweb.torproject.org/pytorctl.git/tree So far we've resisted making Tor into a library, since there's quite a bit of overhead in maintaining network state and circuits -- and some of that overhead is borne by the network. I wouldn't want each user to have twenty little mini Tor clients that didn't know about each other. As for "solid Tor alternatives", it depends what you want. Are you just looking for something to implement an overlay network? Or do you actually want good and well-understood anonymity properties? --Roger _______________________________________________ p2p-hackers mailing list p2p-hackers@lists.zooko.com http://lists.zooko.com/mailman/listinfo/p2p-hackers
