About running Tor on a private network

2009-11-11 Thread Sambuddho Chakravarty
Hello All
 I am trying to deploy Tor on a private network. What is it that I need to
do / know? I suppose there should be a way to create a directory service of
some form which can be looked up during circuit creation and which may be
populated with the router information of the relays that I deploy on the
private network.

Thanks
Sambuddho

-- 
অঙ্গ বঙ ছং
হিং টিং ছাট


Re: TLS Man-In-The-Middle Vulnerability

2009-11-11 Thread Nick Mathewson
On Wed, Nov 11, 2009 at 12:59:21PM -0500, Andrew S. Lists wrote:
> On 11/05/09 15:52, Nick Mathewson wrote:
> > On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
> >> Don't know if any one else has seen or taken a look at this. I don't know if
> >> this affects Tor, though I believe that we do use certificate renegotiation
> >> in the protocol, and that is the entry vector for this particular
> >> vulnerability:
> > 
> > FWIW, this doesn't affect Tor.  The problem here is not renegotiation
> > per se; the problem is doing renegotiation, then acting as though data
> > sent _before_ the renegotiation were authenticated with the
> > renegotiated credentials.
> > 
> > The Tor protocol isn't vulnerable here because 1) it doesn't allow data
> > to be sent before the renegotiation step, and 2) it doesn't treat a
> > renegotiation as authenticating previously exchanged data (because
> > there isn't any).
> 
> The vulnerability itself might not affect Tor, but the OpenSSL
> workaround for this vulnerability of disabling renegotiation by default
> in 0.9.8l [1] might not play nice with a Tor implementation.

Indeed it will not.  We have a fix in svn to make the 0.2.1.x and
0.2.2.x-alpha series both work correctly with OpenSSL 0.9.8l.  With
any luck, we should get releases out before too long.

yrs,
-- 
Nick
***
To unsubscribe, send an e-mail to majord...@torproject.org with
unsubscribe or-talk in the body. http://archives.seul.org/or/talk/


Re: TLS Man-In-The-Middle Vulnerability

2009-11-11 Thread Andrew S. Lists
On 11/05/09 15:52, Nick Mathewson wrote:
> On Thu, Nov 05, 2009 at 02:10:00PM -0500, Marcus Griep wrote:
>> Don't know if any one else has seen or taken a look at this. I don't know if
>> this affects Tor, though I believe that we do use certificate renegotiation
>> in the protocol, and that is the entry vector for this particular
>> vulnerability:
> 
> FWIW, this doesn't affect Tor.  The problem here is not renegotiation
> per se; the problem is doing renegotiation, then acting as though data
> sent _before_ the renegotiation were authenticated with the
> renegotiated credentials.
> 
> The Tor protocol isn't vulnerable here because 1) it doesn't allow data
> to be sent before the renegotiation step, and 2) it doesn't treat a
> renegotiation as authenticating previously exchanged data (because
> there isn't any).

The vulnerability itself might not affect Tor, but the OpenSSL
workaround for this vulnerability of disabling renegotiation by default
in 0.9.8l [1] might not play nice with a Tor implementation.

-Andrew

[1] http://www.openssl.org/news/secadv_2009.txt
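
The distinction drawn in the quoted reply above (renegotiation itself versus treating data sent before it as authenticated by the renegotiated credentials), shown as an added toy model; it is not part of the original thread and is not Tor or OpenSSL code. The event format, function names and sample data are all constructed for illustration.

```python
# Toy model (constructed for illustration; not Tor or OpenSSL code).
# A connection is a list of events: ("data", bytes) or ("renegotiate", identity).

class ProtocolError(Exception):
    pass

def naive_server(events):
    """Attributes every byte on the connection to the latest identity."""
    identity, buffered = None, b""
    for kind, value in events:
        if kind == "renegotiate":
            identity = value      # credentials change mid-stream
        else:
            buffered += value     # pre- and post-renegotiation bytes are merged
    return identity, buffered

def strict_server(events):
    """Applies the two rules stated in the thread: no data may be sent before
    the renegotiation step, so nothing earlier can be attributed to it."""
    identity, accepted = None, b""
    for kind, value in events:
        if kind == "renegotiate":
            identity = value
        elif identity is None:
            raise ProtocolError("application data before renegotiation")
        else:
            accepted += value
    return identity, accepted

def is_rejected(events):
    """True if strict_server refuses the connection."""
    try:
        strict_server(events)
        return False
    except ProtocolError:
        return True

# Constructed sample: bytes from an unauthenticated sender, then a renegotiation
# carrying a real client's credentials, then that client's own request.
SPLICED = [("data", b"PREFIX-FROM-UNKNOWN-SENDER;"),
           ("renegotiate", "client-cert:alice"),
           ("data", b"alice-request")]
CLEAN = [("renegotiate", "client-cert:alice"), ("data", b"alice-request")]

if __name__ == "__main__":
    print("naive :", naive_server(SPLICED))   # prefix is credited to alice
    print("strict rejects spliced:", is_rejected(SPLICED))
    print("strict:", strict_server(CLEAN))
```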


directory server tor.dizum.com

2009-11-11 Thread Olaf Selke
hi list,

for a couple of days my Tor node has been logging a problem with tor.dizum.com:

Nov 11 13:30:42.034 [warn] http status 404 ("Not Found") reason
unexpected while uploading descriptor to server '194.109.206.212:80').

Is the directory server tor.dizum.com down?

Olaf


Re: Kaspersky wants to make Tor illegal and supports a globalized policed internet.

2009-11-11 Thread Eugen Leitl
On Wed, Nov 11, 2009 at 08:41:28AM -0500, Flamsmark wrote:

> > I want very much for it to be real.
> 
> Looks like a bunch of gibberish to me; and not very good gibberish at that.

It might well be that it is gibberish, but the concept itself
is sound. You can route simply (using only local knowledge) 
in dense node assemblies (both 2d and 3d) where link density 
decays with distance, especially if link latency is a good 
measure of distance, which is especially 
true for very large networks and/or for line of sight and/or 
relativistic cut-through.

With DTN this can be used for mobile nodes, whether on
foot, car, balloon, plane or birds in LEO. 

-- 
Eugen* Leitl http://leitl.org
__
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE


Re: Kaspersky wants to make Tor illegal and supports a globalized policed internet.

2009-11-11 Thread Flamsmark
>>> If The Internet
>>> is restricted in such ridiculous ways as Kaspersky suggests, then
>>> other internets will just spring up to replace it.
>>
>> For those who don't know, such a project already exists, run by
>> Freaknet: http://en.wikipedia.org/wiki/Netsukuku
>
> Netsukuku is very interesting.
>
> It's also very difficult to tell whether it is gibberish or not:
>
> http://www.kuro5hin.org/story/2005/10/6/101832/209
>
> I want very much for it to be real.


Looks like a bunch of gibberish to me; and not very good gibberish at that.


RE: Tor WIN in germany :)

2009-11-11 Thread Carolyn Anhalt
No problem, let me know if I missed anything in the meaning... and feel free
to repost it.

Congrats to you too!

> -----Original Message-----
> From: owner-or-t...@freehaven.net [mailto:owner-or-t...@freehaven.net]
> On Behalf Of morphium
> Sent: Wednesday, November 11, 2009 3:55 AM
> To: or-talk@freehaven.net
> Subject: Re: Tor WIN in germany :)
> 
> Thank you for translating!


Re: Tor WIN in germany :)

2009-11-11 Thread morphium
Thank you for translating!


Re: Kaspersky wants to make Tor illegal and supports a globalized policed internet.

2009-11-11 Thread Scott Bennett
 On Wed, 11 Nov 2009 04:35:59 + (UTC) John Case wrote:
>On Wed, 11 Nov 2009, Sharif Olorin wrote:
>
>> Bids like Kaspersky's are exceptionally unlikely to be successful. The
>> people who keep the Internet running are, for the most part, the
>> people who are most opposed to this kind of control.
>>
>>> If The Internet
>>> is restricted in such ridiculous ways as Kaspersky suggests, then
>>> other internets will just spring up to replace it.
>>
>> For those who don't know, such a project already exists, run by
>> Freaknet: http://en.wikipedia.org/wiki/Netsukuku
>
>
>Netsukuku is very interesting.
>
>It's also very difficult to tell whether it is gibberish or not:
>
>http://www.kuro5hin.org/story/2005/10/6/101832/209
>
>I want very much for it to be real.

 This may be slightly off topic, but there is some software around
that might be considered prerequisite components for networking schemes
like Netsukuku.  802.11s is in various stages of implementation already.

http://en.wikipedia.org/wiki/IEEE_802.11s
http://kernelnewbies.org/Linux_2_6_26#head-26b4a3f6eb606c21056e4f906a4dae88077346f5
http://wiki.freebsd.org/WifiMesh
http://www.ietf.org/rfc/rfc3561.txt


  Scott Bennett, Comm. ASMELG, CFIAG
* Internet:   bennett at cs.niu.edu
* "A well regulated and disciplined militia, is at all times a good
* objection to the introduction of that bane of all free governments
* -- a standing army."
*    -- Gov. John Hancock, New York Journal, 28 January 1790