about Tor in Linux

2008-01-31 Thread Jackie
I want to do some programming with Tor. I've heard that Tor is developed on the Linux 
platform, so I want to switch my OS to Linux. But since Linux has so many 
variations, I don't know which one I should install for programming Tor.

Re: About WLAN and monitoring..

2008-01-31 Thread Scott Bennett
 On Thu, 31 Jan 2008 17:45:59 -0800 "F. Fox" <[EMAIL PROTECTED]>
wrote:
>Michael Holstein wrote:
>(snip)
>| So could your web-based email if you've EVER used it from an
>| identifiable location.
>(snip)
>
>I think he's looking at an observer from the local network as a threat
>model. If so, such an adversary wouldn't have the benefit of knowing
>what accounts are being accessed via the Web, if they go over Tor (only
>an agent of the company who runs the mail service, or law enforcement
>would have that benefit).
>
>Of course, this opens up a whole new can of worms; AFAIK, Gmail is the
>only major Webmail provider that can be used via SSL on the Web
>interface (by starting the session with an HTTPS URL, i.e.,
>https://mail.google.com ; if you don't, it'll switch to SSL only for the
>login, but actually transmit the subsequent pages [and the email they
>contain] in cleartext).
>
>(If you've used the account outside of Tor before, Gmail would - of
>course - know your identity; however, an observer on the local WLAN
>would not.
>
>Also, since actions over the lifetime of a circuit [~10min] can be
>potentially linked [from what I've read], you'd want to get a new nym
>after you're done with Gmail. On *nix, this can be done with a SIGHUP;
>on Windows, one way is to stop and start Tor via Vidalia.)

 Stopping and restarting tor works, but it's severe overkill if you're
running vidalia.  Just click on "New Identity" instead.  It's much faster,
too.
>
>So unless you're using that one - or using something else to protect
>your content - my hypothesis in the first paragraph is not a good one to
>use in practice.


  Scott Bennett, Comm. ASMELG, CFIAG
**
* Internet:   bennett at cs.niu.edu  *
**
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."   *
*-- Gov. John Hancock, New York Journal, 28 January 1790 *
**


Re: Tor slow no matter what I do.

2008-01-31 Thread Mike Perry
Thus spake [EMAIL PROTECTED] ([EMAIL PROTECTED]):

> On Wed, Jan 30, 2008 at 05:36:19AM -1100, [EMAIL PROTECTED] wrote 1.1K bytes 
> in 42 lines about:
> : 
> http://www.blackhatworld.com/blackhat-seo/black-hat-tools/3349-speeding-up-tor.html
> : I just did as it says here.. Only basic tests, but wow! TOR is usable so
> : far..
> 
> I don't see how that helps much.  Circuit setup generally isn't the
> cause of slowdowns.  Normally, going through a server with 25KB/s is the
> slowest point in the 3-point chain.

Actually, it /is/ likely that one setting here is actually doing
something.. "CircuitBuildTimeout 5" may have a survival of the fittest
style effect. If you tweak the circuit setup down to only 5 seconds,
only those servers who have ~1 second latency or less are going to be
able to be members of your circuit, so you effectively will be weeding
out slow and congested nodes from your paths.

Of course, there are anonymity implications here.. You are ultimately
reducing the set of routers you are using, but on the other hand, you
are automatically avoiding overloaded nodes, which technically is good
for load balancing.. 

I'd be interested to hear Roger, Nick and Paul weigh in on this idea.
Are there good reasons to keep circuits alive that have nodes in them
so overloaded that it can take them up to a minute to build a circuit?


-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs




Re: One hop proxy [Re: Can nickname be duplicate?]

2008-01-31 Thread F. Fox


Jackie wrote:
(snip)
| My opinion is that to let people use
| their Tor more freely, for example, they can free to choose number of
| hops
(snip)

This has been brought up before, and AFAIK, it's a closed subject - the
circuit length is hard-coded at 3 hops. End of story.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: One hop proxy [Re: Can nickname be duplicate?]

2008-01-31 Thread Jackie

> There will be a lot of problems with one-hop circuit. For example, if
> "bad" people know that there are one-hop circuits in the Tor network,
> they will be more interested in attacking Tor, setting up more malicious
> nodes, etc., the consequence is a mess.

I do not mean to reduce Tor to a one-hop proxy. There is a trade-off between 
speed and preserving anonymity. Different user groups have different 
requirements for safety and anonymity; even one user's needs vary with the 
different conditions he encounters: sometimes he prefers speed and sometimes 
he needs more safety. My opinion is to let people use their Tor more 
freely; for example, they can be free to choose the number of hops, they can choose 
a fixed exit node if they trust it, or they can let their Tor choose a path 
randomly or specify a path they consider reliable. 





Re: Reply: Hypothetical: Totalitarian regimes & virtual servers abroad?

2008-01-31 Thread F. Fox


Jackie wrote:
| First. It is completely impossible for Chinese government to setup
| censorship system out of its territory, especially in a democratic country.

But they could set up some rogue exit nodes, hoping to do traitor
tracing on misconfigured clients.

Just because someone *should* have a secure setup, doesn't mean they do.
I'm sure many attackers would use this to their advantage.

| If they were to do this, it would not only be against the law of country in
| which their censor system located, but also seriously destroy their
| reputation.
(snip)

1.) Why would they care if it broke another country's laws? It's near
impossible to enforce laws across sovereign borders, when it comes down
to it.

2.) Their reputation has already been destroyed in democratic nations. =;o)

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Reply: Hypothetical: Totalitarian regimes & virtual servers abroad?

2008-01-31 Thread Jackie
First, it is completely impossible for the Chinese government to set up a
censorship system outside its territory, especially in a democratic country.
If they were to do this, it would not only be against the law of the country in
which their censorship system is located, but also seriously destroy their
reputation.

Second, even if such nodes exist, the censorship system can work only if they act
as exit nodes. Even in this situation, they still cannot trace back to the
original user who breaks the censorship rule, since Tor has so many relays.

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of F. Fox
Sent: January 31, 2008 5:52
To: or-talk@freehaven.net
Subject: Hypothetical: Totalitarian regimes & virtual servers abroad?


I've been thinking about the recent threads involving our recent
contributor from China, and the idea of excluding nodes by country - in
this case, excluding Chinese nodes, for the purposes of circumventing
the Great Firewall.

However, such an approach relies on the ability to tie an IP address to
geography. This led me to something that while simple, could break this
entire approach:

What if the Chinese government were to open virtual server accounts in
other countries? Assuming they had massive connectivity (which some
locations do - there's such a place near me, which hosts among other
things, Google), malicious Tor nodes could be run on them.

Since excluding by geography would be useless, they'd only need to sit
back and wait.

Any thoughts?

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com




Speeding up Tor [sorry for the new thread]

2008-01-31 Thread F. Fox


[Sorry for opening a new thread; I deleted the message this would have
been a reply to, before I really read things through.]

Someone earlier posted a link to a page with some torrc options, meant
to speed up Tor:
http://www.blackhatworld.com/blackhat-seo/black-hat-tools/3349-speeding-up-tor.html

I just wanted to say, that I've used a similar set of options for quite
some time. It's nothing new; in fact, it's listed in the Tor wiki.

I personally believe that they do help to speed up browsing through Tor;
however, this is purely subjective. I've done no benchmarking.

Tor itself seems to have sped up for browsing quite a bit, in my
experience, over the past year or so on its own; I suspect this has to
do with more relays coming online. =:oD

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: About WLAN and monitoring..

2008-01-31 Thread F. Fox


Michael Holstein wrote:
(snip)
| So could your web-based email if you've EVER used it from an
| identifiable location.
(snip)

I think he's looking at an observer from the local network as a threat
model. If so, such an adversary wouldn't have the benefit of knowing
what accounts are being accessed via the Web, if they go over Tor (only
an agent of the company who runs the mail service, or law enforcement
would have that benefit).

Of course, this opens up a whole new can of worms; AFAIK, Gmail is the
only major Webmail provider that can be used via SSL on the Web
interface (by starting the session with an HTTPS URL, i.e.,
https://mail.google.com ; if you don't, it'll switch to SSL only for the
login, but actually transmit the subsequent pages [and the email they
contain] in cleartext).

(If you've used the account outside of Tor before, Gmail would - of
course - know your identity; however, an observer on the local WLAN
would not.

Also, since actions over the lifetime of a circuit [~10min] can be
potentially linked [from what I've read], you'd want to get a new nym
after you're done with Gmail. On *nix, this can be done with a SIGHUP;
on Windows, one way is to stop and start Tor via Vidalia.)

So unless you're using that one - or using something else to protect
your content - my hypothesis in the first paragraph is not a good one to
use in practice.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: One hop proxy [Re: Can nickname be duplicate?]

2008-01-31 Thread F. Fox


Pei Hanru wrote:
(snip)
|> Of course what I have said above does not necessarily fit every
|> country. In
|> my country, as long as you do not spread out those banned information,
|> the
|> police would not bother you just for the reason that you browse them
|> personally.
|
| I'm also from China, haven't investigated such "browsing unsuitable
| material but not spreading" issue you described. How do you draw the
| above conclusion? Is it written somewhere?
(snip)

If true, it would seem that they're more interested in preventing news
from the inside from getting out, than information from the outside
getting in.

I would think either one would be a "threat," from a totalitarian's POV.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: Reply: Can nickname be duplicate?

2008-01-31 Thread John Kimble
On 2008/2/1, <[EMAIL PROTECTED]> wrote:
>
> By the way: Is there an easy way to replace DynDNS/DNS2go/etc. by a TOR 
> server lookup?
> I see that I can find my TOR server in several lists, so it should be 
> possible to
> replace DynDNS/DNS2go but I found no easier solution than copy and paste.
> Is there no easier way?

Try using the development version of Tor (0.2.0.18-alpha currently)
and setting the "DNSPort" option in torrc (usually, "DNSPort 53").
Then change your DNS settings to use localhost (instead of
DynDNS/DNS2go/your ISP's server).

Cheers,
John


Re: About WLAN and monitoring..

2008-01-31 Thread F. Fox


algenon flower wrote:
| I run a Tor client on a laptop at easy to access pub wifi access points.
| What I need to know is, assuming I have disallowed file sharing, ect
| what info could a wifi host be able to access on my computer? I have
| heard they could only log my MAC address, the unique code identifying my
| wifi card. Is more available to an attacker?
(snip)

I've also used Tor for this purpose, as long as I'm not doing personal
stuff (or only encrypted personal stuff) through it (otherwise, there's
the risk of exit eavesdropping problems).

AFAIK, the only other piece of info that'd be available, is they could
determine that you're using Tor. Tor should obscure everything else. =:o)

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: How does tor identify router nodes?

2008-01-31 Thread F. Fox

Jackie wrote:
(snip)
| If
| I add "ExcludeNodes unnamed" to my torrc, which node on earth would be
| excluded ???

My guess is that all the nodes named "unnamed" would be excluded.

IMO, it's just plain lazy for them to have set it up like that; but
nicknames are not unique. As another person said earlier, only the
cryptographic fingerprint of a node is.

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: Reply: Can nickname be duplicate?

2008-01-31 Thread F. Fox


Jackie wrote:
(snip)
| The solution is a proxy without fixed IP and can also encrypt data, Tor is a
| good tool! But we just need such a proxy, thus so many relays is not needed,
| and such relays will slow down the speed of communication.
|
| So, my idea is to find a way to get rid of relays, what I need is just exit
| nodes abroad my country and other totalitarian governed regions, I've found
| that generally one circuit contains three nodes when tor is used to browse
| website, that is to say my data is encrypted for three times. In fact, to
| me, one exit node with a high bandwidth abroad is enough.
(snip)

It sounds like what you're looking for, is an encrypted proxy - a
simple, one-hop proxy that you can browse through using HTTPS, but where
it comes out the "far end" unencrypted.

I know such proxies exist; however, I know very little else. Maybe
someone else here can help?

- --
F. Fox: A+, Network+, Security+
Owner of Tor node "kitsune"
http://fenrisfox.livejournal.com


Re: About WLAN and monitoring..

2008-01-31 Thread Michael Holstein


> I run a Tor client on a laptop at easy to access pub wifi access 
> points. What I need to know is, assuming I have disallowed file 
> sharing, etc., what info could a wifi host be able to access on my 
> computer? I have heard they could only log my MAC address, the unique 
> code identifying my wifi card. Is more available to an attacker?


The MAC of the wireless card (which can be changed .. from the advanced 
properties tab in Windows, or 'ifconfig hw ether' in *nix).

The hostname sent to the DHCP server (also modifiable)

Just turning off file sharing does not disable all the exposed ports .. 
run "netstat -an |findstr LISTEN" to see what's open (replace 'findstr' 
with 'grep' for *nix).


Also : consider things like Windows Update, Weatherbug, Webshots, 
AntiVirus progs, etc. All of those apps send a unique ID to the remote 
side, and could be used to associate the "non-TOR-you" with the 
"TOR-you". So could your web-based email if you've EVER used it from an 
identifiable location.


Cheers,

Michael Holstein CISSP GCIA
Cleveland State University
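
Added example, not part of the original message: Python that parses `netstat -an` output, as the check suggested above would produce, and reports which TCP listeners are bound to something other than loopback and are therefore reachable from the wireless network. Both sample outputs are constructed, and only the Linux and Windows `address:port` column styles are assumed.

```python
import ipaddress

# Constructed sample output, Linux style (netstat -an).
LINUX_SAMPLE = """\
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.23:51514      203.0.113.7:443         ESTABLISHED
tcp6       0      0 :::631                  :::*                    LISTEN
tcp6       0      0 ::1:8118                :::*                    LISTEN
"""

# Constructed sample output, Windows style (netstat -an).
WINDOWS_SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:9050         0.0.0.0:0              LISTENING
  TCP    192.168.1.23:139       0.0.0.0:0              LISTENING
  TCP    [::]:445               [::]:0                 LISTENING
"""


def listening_sockets(netstat_text):
    """Return (host, port) for every TCP socket in LISTEN/LISTENING state."""
    found = []
    for line in netstat_text.splitlines():
        tokens = line.split()
        if len(tokens) < 3 or not tokens[0].lower().startswith("tcp"):
            continue
        if not tokens[-1].upper().startswith("LISTEN"):
            continue
        # The local address is the first column that contains a colon
        # (Linux has two numeric queue columns before it, Windows has none).
        local = next((t for t in tokens[1:] if ":" in t), None)
        if local is None:
            continue
        host, _, port = local.rpartition(":")
        host = host.strip("[]").split("%", 1)[0]   # drop brackets and zone id
        if port.isdigit():
            found.append((host, int(port)))
    return found


def scope(host):
    """Classify a bind address by who can reach it."""
    if host in ("", "*"):
        return "all-interfaces"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "unknown"
    if addr.is_loopback:
        return "loopback-only"
    if addr.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "specific-interface"


def exposed_ports(netstat_text):
    """Map port -> sorted bind addresses for listeners not limited to loopback."""
    exposed = {}
    for host, port in listening_sockets(netstat_text):
        if scope(host) != "loopback-only":
            exposed.setdefault(port, set()).add(host)
    return {port: sorted(hosts) for port, hosts in sorted(exposed.items())}


if __name__ == "__main__":
    for name, sample in (("linux", LINUX_SAMPLE), ("windows", WINDOWS_SAMPLE)):
        for port, hosts in exposed_ports(sample).items():
            print(f"{name}: tcp/{port} reachable via {', '.join(hosts)}")
```

The local Tor SOCKS listener on 127.0.0.1:9050 is not reported, because only processes on the same machine can connect to it.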


Re: Reply: Can nickname be duplicate?

2008-01-31 Thread dr . _no
Hi,

you forgot the censorship simply by DNS: I tested in several companies like Siemens and
countries like Qatar with URLs like sex.com and found that censorship is done only by DNS
server censorship.
With an online nslookup or not censored DNS server you can avoid it.

By the way: Is there an easy way to replace DynDNS/DNS2go/etc. by a TOR server lookup?
I see that I can find my TOR server in several lists, so it should be possible to
replace DynDNS/DNS2go but I found no easier solution than copy and paste.
Is there no easier way?

Greets

 
> If just for visiting those banned website by local ISP, not too strong
> anonymous preserving is required.
> Censor systems is not very high-tech, it adopt mainly two method: first,
> domain (or IP address) deny, that is to cut off the connection when your
> HTTP require bound to those banned websites' IP which is listed in ISP's
> server; second: "key-words" filter, ISPs keep a set of "key-words" mainly
> refer to pornographic, political related subject; when any data stream that
> contains these key-words pass through ISP, it will be cut off. Seriously, it
> will reveal your IP to the ISP.
> 
> Before tor is available, people often used proxy located abroad their own
> country to visit banned sites, but this was a unstable way, such proxy
> server was hard to find, once one of these proxy become well-known, it would
> soon be listed on the banned IP list of censor system. Furthermore, it
> cannot avoid "key-words" filter if data streamed from client to proxy (or
> vice-versa) is not encrypted.
> 
> The solution is a proxy without fixed IP and can also encrypt data, Tor is a
> good tool! But we just need such a proxy, thus so many relays is not needed,
> and such relays will slow down the speed of communication.
> 
> So, my idea is to find a way to get rid of relays, what I need is just exit
> nodes abroad my country and other totalitarian governed regions, I've found
> that generally one circuit contains three nodes when tor is used to browse
> website, that is to say my data is encrypted for three times. In fact, to
> me, one exit node with a high bandwidth abroad is enough.
> 
> Of course what I have said above does not necessarily fit every country. In
> my country, as long as you do not spread out those banned information, the
> police would not bother you just for the reason that you browse them
> personally. To secure your safety, you must be familiar with the law in your
> country and adopt according safety secure strategy.
> 
> If anyone knows how to do, please help me. Thanks!
> 
> Sincerely yours friends
> 
> 
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of F. Fox
> Sent: January 31, 2008 3:30
> To: or-talk@freehaven.net
> Subject: Re: Can nickname be duplicate?
> 
> 
> Florian Reitmeir wrote:
> (snip)
> > FAQ:
> > https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ
> > "4.10. Can I control what nodes I use for entry/exit?"
> > ... We don't actually recommend you use these for normal use -- you get
> the
> > best security that Tor can provide when you leave the route selection to
> > Tor ...
> (snip)
> 
> I seriously question this - at least in the context of evading
> totalitarian censorship technology.
> 
> I think in such a situation, one would want to exclude nodes from their
> own country; at the very least, they'd want to exclude such exit nodes.
> 
> - --
> F. Fox: A+, Network+, Security+
> Owner of Tor node "kitsune"
> http://fenrisfox.livejournal.com
> 
> 
> 




Re: About WLAN and monitoring..

2008-01-31 Thread Andrew

Hi,

Florian Reitmeir wrote:
> On Wed, 30 Jan 2008, algenon flower wrote:
>> I run a Tor client on a laptop at easy to access pub wifi access points. What I
>> need to know is, assuming I have disallowed file sharing, etc., what info could a
>> wifi host be able to access on my computer? I have heard they could only log my
>> MAC address, the unique code identifying my wifi card. Is more available to an
>> attacker?
>
> [snip]
> "the internet" begins at layer 3. Tor provides services for layer 3 and
> above. So yes, a WIFI provider might be able to identify your laptop with the
> MAC address of the wifi or built-in ethernet card. (Layer 2)
>
> But if Tor is used correctly he is not able to "see" what services "of the internet"
> you are using.

There's also the possibility (at least for some versions of linux and 
newer Windows versions, not sure about other OSs) to spoof (change/hide) 
your MAC address.

Be advised that such applications might be illegal in some countries.
One very powerful linux distro allowing for this is BackTrack2, 
available via h**p://www.remote-exploit.org/backtrack.html - Note that 
this distro comes with some advanced security scanners etc., which might 
be illegal to use in some countries (and should only be used on *your 
own* network in any case)! Also note that BackTrack was not built to be 
secure itself (though I don't know of any vulnerabilities); it might 
actually be less secure than common distributions.

An alternative for Windows (2k and up) are SMAC and similar.

Regards
Andrew


Re: ExcludeNodes torrc option doesn't work for me

2008-01-31 Thread coderman
On Jan 31, 2008 8:40 AM, Thomas Barvo <[EMAIL PROTECTED]> wrote:
> I have tried the exclude nodes option in torrc but this does not work
> ...

try:
ExcludeNodes="$7BADED078161CDFF513"

using the $,$,... notation.
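
Added example, not part of the original messages and not Tor's own code: since, as noted elsewhere in this thread, relay nicknames are not unique and only the fingerprint identifies a single relay, this Python code audits the ExcludeNodes entries of a torrc and counts how many relays each entry would match. The torrc text, the relay list and every fingerprint are constructed; it assumes a fingerprint is 40 hex digits with an optional leading $ and a nickname is 1 to 19 alphanumeric characters compared case-insensitively.

```python
import re

# Assumed formats: a fingerprint is 40 hex digits with an optional leading "$";
# a nickname is 1-19 alphanumeric characters and is NOT unique on the network.
FINGERPRINT_RE = re.compile(r"^\$?[0-9A-Fa-f]{40}$")
NICKNAME_RE = re.compile(r"^[A-Za-z0-9]{1,19}$")

# Constructed fingerprints and relay list (nickname, fingerprint); not real relays.
FP_A, FP_B, FP_C, FP_D = ("A1" * 20, "B2" * 20, "C3" * 20, "D4" * 20)
RELAYS = [
    ("Unnamed", FP_A),
    ("Unnamed", FP_B),
    ("Unnamed", FP_C),
    ("examplerelay", FP_D),
]

# Constructed torrc: one full fingerprint, two nicknames, one truncated fingerprint.
SAMPLE_TORRC = f"""\
# constructed sample
SocksPort 9050
ExcludeNodes ${FP_A}, unnamed, $DEADBEEF, examplerelay  # trailing comment
"""


def exclude_entries(torrc_text, option="ExcludeNodes"):
    """Yield (line_number, entry) for each comma-separated value of `option`."""
    for lineno, raw in enumerate(torrc_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()          # drop comments
        parts = line.split(None, 1)                  # "Option value..."
        if len(parts) == 2 and parts[0].lower() == option.lower():
            for entry in parts[1].split(","):
                if entry.strip():
                    yield lineno, entry.strip()


def classify(entry):
    """Return 'fingerprint', 'malformed-fingerprint', 'nickname' or 'other'."""
    if entry.startswith("$"):
        return "fingerprint" if FINGERPRINT_RE.match(entry) else "malformed-fingerprint"
    if FINGERPRINT_RE.match(entry):                  # 40 hex digits without "$"
        return "fingerprint"
    if NICKNAME_RE.match(entry):
        return "nickname"
    return "other"


def audit(torrc_text, relays):
    """Return (line, entry, kind, number_of_relays_matched) per ExcludeNodes entry."""
    report = []
    for lineno, entry in exclude_entries(torrc_text):
        kind = classify(entry)
        if kind == "fingerprint":
            wanted = entry.lstrip("$").upper()
            hits = [r for r in relays if r[1].upper() == wanted]
        elif kind == "nickname":
            hits = [r for r in relays if r[0].lower() == entry.lower()]
        else:
            hits = []                                # cannot identify any relay
        report.append((lineno, entry, kind, len(hits)))
    return report


if __name__ == "__main__":
    for lineno, entry, kind, hits in audit(SAMPLE_TORRC, RELAYS):
        note = ""
        if kind == "nickname" and hits != 1:
            note = "  <- nickname is ambiguous, use the fingerprint"
        elif kind == "malformed-fingerprint":
            note = "  <- not 40 hex digits, matches nothing"
        print(f"line {lineno}: {entry[:20]:<20} {kind:<22} relays matched: {hits}{note}")
```

In the constructed data the nickname entry "unnamed" matches three different relays, while the full fingerprint matches exactly one and the truncated fingerprint matches none.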


help

2008-01-31 Thread Andres Vargas - zodman

help


ExcludeNodes torrc option doesn't work for me

2008-01-31 Thread Thomas Barvo
I have tried the exclude nodes option in torrc but this does not work
for me. I monitor my IP address when I use tor in real time and the
exit nodes always change to the one(s) excluded in my torrc file at
some point. Is the RendExcludeNodes option also ignored? I have tried
removing contents of my ~/.tor directory and restarting tor, this
attempt fails too, exit nodes I blocked in torrc by nickname or
fingerprint are still used. What am I doing wrong or how do I fix
this? My torrc file is located at /usr/local/etc/tor/torrc, should I
cp it to ~/.tor ? Placement should not matter as other options are
respected, but not ExcludeNodes!


Re: Tor slow no matter what I do.

2008-01-31 Thread phobos
On Wed, Jan 30, 2008 at 05:36:19AM -1100, [EMAIL PROTECTED] wrote 1.1K bytes in 
42 lines about:
: 
http://www.blackhatworld.com/blackhat-seo/black-hat-tools/3349-speeding-up-tor.html
: I just did as it says here.. Only basic tests, but wow! TOR is usable so
: far..

I don't see how that helps much.  Circuit setup generally isn't the
cause of slowdowns.  Normally, going through a server with 25KB/s is the
slowest point in the 3-point chain.

A better set of reasoning and suggestions can be found at:
https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#WhySlow
 
Point 4 links to a few pages where users have found more success than
making Tor change circuits frequently.

-- 
Andrew


Re: Tor-Ramdisk

2008-01-31 Thread dante
Hi Algenon,

I'm sorry, that was the wrong site!  (For internal college use only).  Try

   ftp://cheshire.dyc.edu/pub/tor-uclibc-ramdisk

or if ftp is a problem

http://cheshire.dyc.edu/pub/tor-uclibc-ramdisk/

Thanks for alerting me!

At 3.8 MB for the image, imagine every cell phone in the future being a
tor server.

--Tony



algenon flower wrote:
> Hello Dante
> Are you Medieval Italian?? (No, Just kidding :),  However, no kidding 
> about your efforts to build a RAM only distro that can run as a Tor server. I 
> just tried to access your ftp, but failed. Will try again, it sounds like 
> something I am very interested in. 
>   
>   Algenon
>   
> 
>
> dante <[EMAIL PROTECTED]> wrote:
>   Hi everyone,
>
> A month ago I developed a small, ramdisk only (ie diskless), linux
> system whose only purpose was to run a tor server. The aim of the
> project was to meet the following goals:
>
> 1) small footprint - i686 (single or SMP) with 256MB+ RAM
> 2) to run only in ram so nothing survives a reboot
> 3) to do no logging whatsoever at any level
> 4) to be secure - GRSEC hardened kernel
> 5) to run a tor server, allowing for any configuration,
> middle/exit/directory, etc
>
> I suspect such a project might be of interest to other Tor operators.
>
>
> I ran a middle-man node for about 20 days with success
> (node-name=RamOnly), but because I compiled statically against GLIBC, I
> broke DNS resolution, and so it would not work as an exit node. I've
> rebuilt the image from scratch compiling against UCLIBC and I'm now in
> the testing phase again. I'm running another middle-man/directory
> server (node-name=RamOnlyUCLIBC). Here's the url for the howto and the
> image:
>
> ftp://ddl.dyc.edu/pub/tor-uclibc-ramdisk
>
> The kernel is compiled with support for most 100MB and 1GB NIC cards. 
> Any comments or testers would be much appreciated.
>
> More details:
>
> busybox-1.8.2 - minimally configured, compiled with UCLIBC
> linux-2.6.23.12 patched with Gentoo's hardening patches (GRSEC)
> tor-1.2.19
>
> ---
>
> Anthony G. Basile, Ph.D.
> Director of Information Technology,
> D'Youville College,
> 320 Porter Ave.
> Buffalo NY, 14201



One hop proxy [Re: Can nickname be duplicate?]

2008-01-31 Thread Pei Hanru

> Before tor is available, people often used proxy located abroad their own
> country to visit banned sites, but this was a unstable way, such proxy
> server was hard to find, once one of these proxy become well-known, it would
> soon be listed on the banned IP list of censor system. Furthermore, it
> cannot avoid "key-words" filter if data streamed from client to proxy (or
> vice-versa) is not encrypted.
>
> The solution is a proxy without fixed IP and can also encrypt data, Tor is a
> good tool! But we just need such a proxy, thus so many relays is not needed,
> and such relays will slow down the speed of communication.


There're already some one-hop-proxy tools for this specific purpose (I'm
not going to mention them publicly and assuming you're familiar with
them, if not, please drop me a private mail), and generally they're
faster than Tor.


> So, my idea is to find a way to get rid of relays, what I need is just exit
> nodes abroad my country and other totalitarian governed regions, I've found
> that generally one circuit contains three nodes when tor is used to browse
> website, that is to say my data is encrypted for three times. In fact, to
> me, one exit node with a high bandwidth abroad is enough.


There will be a lot of problems with one-hop circuit. For example, if
"bad" people know that there are one-hop circuits in the Tor network,
they will be more interested in attacking Tor, setting up more malicious
nodes, etc., the consequence is a mess.

I agree with you that Tor is slow, especially in China, we need to
improve this, but alas, it is easier said than done.


> Of course what I have said above does not necessarily fit every country. In
> my country, as long as you do not spread out those banned information, the
> police would not bother you just for the reason that you browse them
> personally.


I'm also from China, haven't investigated such "browsing unsuitable
material but not spreading" issue you described. How do you draw the
above conclusion? Is it written somewhere?

Hanru