Re: Is JanusVM open source?
Answers inline. On Fri, Jun 18, 2010 at 7:16 PM, judaiko judaiko wrote: > In Vidalia there is a GUI known as "View the Network"; In that you can see > all the nodes you are connected to i.e. Entry Node, Middle Node, and Exit > Node. > > There is no such option in JanusVM. > You can also see all the connections passing through the Tor like > www.google.com:443 (under the nodes that the current connections are > passing through). > > Is there a way to see this information in JanusVM? > > In a shell, run: netstat -tu I want to run some Socks program like FreeCap or something after the > TOR...but I want to make sure the Socks connections are going through TOR > and not directly from my IP. > > Point your program to the IP address of the VM using port 9050 for SOCKS, or for HTTP(S). Use a web browser with FreeCap, which is set to use Tor on the IP address of JanusVM. > Therefore if the Socks is logging the IP address (honey pot socks etc.) > that it serves, it will only see Tor exit nodes, not my IP. > > I'm not sure I understand you correctly. If your program goes through Tor, then the destination host will only see the IP of the exit node. > Is this possible? To use a VPN and then on top of the VPN use a Socks > layer? > > The VPN connection between your PC and JanusVM makes all the traffic pass through Tor. If you connect the VPN to JanusVM, then used FreeCap, all the SOCKS traffic from FreeCap would pass through Tor. I installed JanusVPN using the Run.bat command that is provided inside > VMware. > > Good. Now when you connect the VPN to JanusVM, all your apps (FreeCap, Firefox, Chrome, etc..) will pass traffic over Tor. Feel free to e-mail me directly if you have any more trouble with it. - Kyle
Re: Is JanusVM open source?
In Vidalia there is a GUI known as "View the Network"; In that you can see all the nodes you are connected to i.e. Entry Node, Middle Node, and Exit Node. You can also see all the connections passing through the Tor like www.google.com:443 (under the nodes that the current connections are passing through). Is there a way to see this information in JanusVM? I want to run some Socks program like FreeCap or something after the TOR...but I want to make sure the Socks connections are going through TOR and not directly from my IP. Therefore if the Socks is logging the IP address (honey pot socks etc.) that it serves, it will only see Tor exit nodes, not my IP. Is this possible? To use a VPN and then on top of the VPN use a Socks layer? I installed JanusVPN using the Run.bat command that is provided inside VMware. On Thu, Jun 17, 2010 at 12:47 PM, Kyle Williams wrote: > JanusVM uses open source software, but we didn't release the source because > it was built with mostly .dpkg's. > You have root by default on the console (inside the VM) if you want to look > into it or modify it to your needs. Option 7 in the menu will drop you to a > shell. > > The alternative would be Tor VM, which is open source. Project page can be > found @ http://www.torproject.org/torvm/ > Build instructions and sources can be found @ > http://www.janusvm.com/tor_vm/ > > Also, their will be an update in the up coming weeks for both JanusVM and > Tor VM. Martin and I have both been busy with our day jobs and haven't had > much time to keep these projects maintained. > > Thank you, > > Kyle > > > On Thu, Jun 17, 2010 at 12:33 PM, judaiko judaiko wrote: > >> Is JanusVM open source? >> >> Does JanusVM make you an exit node without your permission? >> > >
Re: SSL only firefox add-on?
On Jun 18, 2010, at 9:28 AM, judaiko judaiko wrote: > I want the HTTP URLs to be blocked entirely, so that it is not passed on to > Tor. This can be done with foxyproxy and rule based proxy settings > But I still want the HTTP URL to be in the Firefox URL bar, so I can try if > https works (by adding the "s"). > > If it doesn't then I can disable it on that URL. > > However if I redirect it to a page on my local host, won't it come like this > in the Firefox URL bar C:\block.html ? > > Basically I guess I am looking for something that the corporate firewall > did...I think it did that because all the company resources to do work was on > https website, and there was no need to surf the interwebs...and in those > days there was no https Google > > > On Fri, Jun 18, 2010 at 12:44 AM, Seth David Schoen wrote: > judaiko judaiko writes: > > > Let me say this first: > > > > One company had a firewall that blocked all non SSL traffic. > > > > So if you go https://mail.google.com and you sign in, it will stop you > > at one URL which was not https. > > > > I am not sure if Gmail still does this i.e. redirect you to non https > > (http) url after login, and then again go into https mode when you > > enter gmail. > > > > So this firewall used to give error saying not allowed, but when you > > changed it to https, the previous Gmail redirect url worked, and I > > could login to Gmail. > > > > Now is there an add-on that does this in Firefox? > > > > Block ALL http traffic by default? > > EFF has been working on one called HTTPS Everywhere: > > https://www.eff.org/https-everywhere/ > > There are some subtle issues around situations where a site > supports HTTPS for some resources but not others. For example, > you can currently use > > https://www.google.com/ > > for encrypted web search, but only the unencrypted form > > http://www.google.com/language_tools?hl=en > > for translation services. As a result, HTTPS Everywhere has a > database of rules with exceptions, so that a rule can apply to > only a portion of a site. > > This may not do exactly what you want because you might prefer > to block HTTP URLs entirely, rather than allowing them only if > no HTTPS equivalent exists. You could probably achieve this in > HTTPS Everywhere by adding a local wildcard rule that matches > every HTTP site and redirects it to an intentionally broken > page, such as a URL within your local host. The means of setting > up your own local rewrite rules are described at > > https://www.eff.org/https-everywhere/rulesets > > -- > Seth Schoen > Senior Staff Technologist sch...@eff.org > Electronic Frontier Foundationhttp://www.eff.org/ > 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ >
Re: SSL only firefox add-on?
I want the HTTP URLs to be blocked entirely, so that it is not passed on to Tor. But I still want the HTTP URL to be in the Firefox URL bar, so I can try if https works (by adding the "s"). If it doesn't then I can disable it on that URL. However if I redirect it to a page on my local host, won't it come like this in the Firefox URL bar C:\block.html ? Basically I guess I am looking for something that the corporate firewall did...I think it did that because all the company resources to do work was on https website, and there was no need to surf the interwebs...and in those days there was no https Google On Fri, Jun 18, 2010 at 12:44 AM, Seth David Schoen wrote: > judaiko judaiko writes: > > > Let me say this first: > > > > One company had a firewall that blocked all non SSL traffic. > > > > So if you go https://mail.google.com and you sign in, it will stop you > > at one URL which was not https. > > > > I am not sure if Gmail still does this i.e. redirect you to non https > > (http) url after login, and then again go into https mode when you > > enter gmail. > > > > So this firewall used to give error saying not allowed, but when you > > changed it to https, the previous Gmail redirect url worked, and I > > could login to Gmail. > > > > Now is there an add-on that does this in Firefox? > > > > Block ALL http traffic by default? > > EFF has been working on one called HTTPS Everywhere: > > https://www.eff.org/https-everywhere/ > > There are some subtle issues around situations where a site > supports HTTPS for some resources but not others. For example, > you can currently use > > https://www.google.com/ > > for encrypted web search, but only the unencrypted form > > http://www.google.com/language_tools?hl=en > > for translation services. As a result, HTTPS Everywhere has a > database of rules with exceptions, so that a rule can apply to > only a portion of a site. > > This may not do exactly what you want because you might prefer > to block HTTP URLs entirely, rather than allowing them only if > no HTTPS equivalent exists. You could probably achieve this in > HTTPS Everywhere by adding a local wildcard rule that matches > every HTTP site and redirects it to an intentionally broken > page, such as a URL within your local host. The means of setting > up your own local rewrite rules are described at > > https://www.eff.org/https-everywhere/rulesets > > -- > Seth Schoen > Senior Staff Technologist sch...@eff.org > Electronic Frontier Foundationhttp://www.eff.org/ > 454 Shotwell Street, San Francisco, CA 94110 +1 415 436 9333 x107 > *** > To unsubscribe, send an e-mail to majord...@torproject.org with > unsubscribe or-talkin the body. http://archives.seul.org/or/talk/ >
Re: Tor Exit Node hosting: torservers.net
Hi! On Fri, Jun 18, 2010 at 4:43 PM, Moritz Bartl wrote: > Do you mind adding it to > https://wiki.torproject.org/noreply/TheOnionRouter/GoodBadISPs (or is it > actually already listed?) I have added it there some time ago. The one under Slovenia. Mitar *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node hosting: torservers.net
Hi Mitar, >> For the original discussion ("Tor Exit Node Sponsorship, looking for >> partners") see http://archives.seul.org/or/talk/May-2010/msg00058.html > I came up with same idea some time ago: > http://archives.seul.org/or/talk/Feb-2009/msg00018.html I saw your post back then and of course I want to invite you to join our efforts. We have the first server running and currently trying to tweak it to 39MB/s throughput (see stats at http://us1.torservers.net/). We hope that we can find enough constant donators to keep this going. A second node has been donated by http://networkpresence.com.au/ in Australia and I will set that one up soon. (Thanks!) Of course, it's always better to diversify, but when you look at bandwidth prices, it makes sense to unite at least some effort into one larger project. I can only encourage you to follow your idea of another larger node, and to speak to people about it! > And > have thought of trying to rise money by other means (like personal > approach in my country, where I would distribute leaflets and similar, > to get also non-technical people to understand and support it, because > currently I think we have mostly technical/networking people > understand the issue (because they understand how Internet works) or > those people who are in censorship regimes). Exactly. I think there is a larger group "outside our world" who, once educated, would be willing to spend some money on it. > As I wrote in my previous e-mail I have a Tor friendly ISP in > Slovenia, which costs 110 EUR per month for 100 Mbit/s no other limits > node, where I get 5 IPs initially but can also get more. Do you mind adding it to https://wiki.torproject.org/noreply/TheOnionRouter/GoodBadISPs (or is it actually already listed?) -- Moritz Bartl http://www.torservers.net/ *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Tor Exit Node hosting: torservers.net
Hi! On Tue, May 25, 2010 at 11:24 AM, Moritz Bartl wrote: > For the original discussion ("Tor Exit Node Sponsorship, looking for > partners") see http://archives.seul.org/or/talk/May-2010/msg00058.html I came up with same idea some time ago: http://archives.seul.org/or/talk/Feb-2009/msg00018.html There was not much encourage to it but I have also not put up site and other tools to gather people. But I am still slowly working on it. And have thought of trying to rise money by other means (like personal approach in my country, where I would distribute leaflets and similar, to get also non-technical people to understand and support it, because currently I think we have mostly technical/networking people understand the issue (because they understand how Internet works) or those people who are in censorship regimes). So idea is to get a server which would be only fast CPU, some RAM and no hard drive, only CD or something too boot the system up. So it would be dedicated to being a relay and if somebody confiscate it, there would really be no logs there. As I wrote in my previous e-mail I have a Tor friendly ISP in Slovenia, which costs 110 EUR per month for 100 Mbit/s no other limits node, where I get 5 IPs initially but can also get more. Mitar *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Re: Downloading attachments with Tor - is this secure?
On 6/18/2010 3:06 AM, Matthew wrote: Apologies in advance for the basic-ness of this question. I cannot find the answer with Google or in the Tor documentation. I believe the answer you're looking for is #4 here: https://www.torproject.org/download.html.en#Warning In these cases, how is the file downloaded? Does the download happen through HTTP/S? If I am using Polipo and Tor then I assume the file is downloaded as HTTP/S and goes through the Tor nodes like any "normal" HTTP/S traffic. This depends on where you're downloading from. Tor encrypts everything between you, the clients in your circuit, and the exit node. However, when traffic enters or leaves the exit node, it is *exactly* as if the exit node were visiting that website for itself. So, if you are downloading over standard HTTP, *nothing between the website and the exit node will be encrypted*. This usually isn't a terrible problem with downloads that don't contain any personal information that leads back to you, as it would be extremely difficult to follow the encrypted data over several hops through the network. *However*, as the documentation says repeatedly, use HTTPS wherever possible, *especially* when communicating sensitive information that could lead back to you. This way, the traffic between the exit node and website is encrypted, and doubly so between you and the exit node. Much less will be gained by examining the traffic coming to/from the exit. Hope that answers your questions. (Side Note: the above does not pertain to .onion websites or other hidden services, which are contained completely within the network.) ~Justin Aplin *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/
Downloading attachments with Tor - is this secure?
Hello, Apologies in advance for the basic-ness of this question. I cannot find the answer with Google or in the Tor documentation. When you connect to a website using HTTP or HTTP/S and you want to download a file (like a .doc or .exe) then Firefox asks you where on the hard drive the file should be saved, you decide the location, and the file downloads. In these cases, how is the file downloaded? Does the download happen through HTTP/S? If I am using Polipo and Tor then I assume the file is downloaded as HTTP/S and goes through the Tor nodes like any "normal" HTTP/S traffic. In other words, can someone confirm that each attachment is not downloaded in a way that is "outside" the Tor nodes? Thanks! *** To unsubscribe, send an e-mail to majord...@torproject.org with unsubscribe or-talkin the body. http://archives.seul.org/or/talk/