Re: [tor-talk] question about socks 4, 5
On 9/24/2011 4:16 AM, Fabian Keil wrote: Joe Btfsplk wrote: was playing w/ latest TBB& seeing how other apps (like email - Tbird, or other apps) behaved, just to experiment. 1) Question about changes in proxy settings of late(er) TBB (Aurora - FF 6) use. Notice that ONLY things filled in on network> settings page is: - Manual Proxy Config is checked, - under SOCKS host, 127.0.0.1 is used, and PORT 9050 used. - SOCKS 5 is checked. Obviously, changes from past Tor. I saw msgs in TBB / Vidalia log (which unfortunately, I didn't figure out how to save - it's gone once I never used TBB, but the "Vidalia log" in vanilla Vidalia is basically a Tor log, so if you configure Tor to additionally log to a file, the log messages should survive the Vidalia shutdown. TBB shuts down), to effect of (pardon my poor memory): "An (or some) applic. is trying to do on SOCKS 5... which ~ may compromise anonymity... "Consider using SOCKS 4 instead, ... or use Polipo (Privoxy?)" You are probably referring to: Sep 21 22:43:31.377 [warn] {APP} Your application (using socks5 to port 80) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS. The important part is "giving Tor only an IP address", you can get the same message for SOCKS4. The URL should probably be fixed, but I'm not sure if the original content still exists somewhere. Question isn't about ONE app, but in general. If trying to torrify other apps, how do you know (now) WHICH settings to use in connection settings for that app(s)? HTTP, SSL, SOCKS 4 / 5? Or some combo of one or more of these settings & which Proxy or Port for each? Simplifying things a bit, SOCKS 4 and 5 both have two "flavours", one where the client itself resolves the addresses (potentially "leaking" DNS requests) and one where it doesn't have to (but still could). Tor users usually want to use the ones where the client doesn't have to resolve addresses and naturally they want to use clients that don't resolve anything anyway. In case of SOCKS4 that flavour is called SOCKS4A, in case of SOCKS5 it's often called "SOCKS5 with hostnames", but many applications only support one SOCKS5 flavour and you may have to check the documentation to figure out which one it is. For example Privoxy only supports the "SOCKS5 with hostnames" flavour but simply refers to it as SOCKS5 in the configuration files. The documentation should make it clear, though: http://www.privoxy.org/user-manual/config.html#SOCKS The same is true for Polipo: http://www.pps.jussieu.fr/~jch/software/polipo/polipo.html#SOCKS-parent-proxies curl supports both, and the switches are --socks5 and --socks5-hostname, so in this case most Tor users would want the latter. If an application has properly working SOCKS support there usually isn't any need to additionally configure a HTTP proxy unless the proxy itself does something you consider useful. If a client supports both SOCKS4A and "SOCK5 with hostnames" it's usually preferable to use the latter as it supports more detailed error codes. It's up to the client to do something useful with them, though. By that, mean by CURRENT ways that Tor / TBB work, not outdated help / FAQ articles (sorry). Some help files& articles are out of date& no longer apply for some settings. Could be wrong, but don't think instructions on https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail have changed in * long * time. There seems to be some history available: https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail?action=history Have to say, Tbird instructions on above link could be a * LOT * clearer. I'm a technical person (not a coder)& have a hard time following it all. Definitely not written for avg users: I agree. It's also not clear if they are sufficient. It's my impression that they may not cover everything, but as I don't use Thunderbird I could be wrong. Thanks for detailed reply. It answered some questions, but I think for most users (perhaps technical, but not *extremely* advanced), it raises just as many more. I'm glad I don't live in Pakistan. 1) Most apps I've looked at w/ ability to select connection mode don't specify SOCKS 4 / 4a, or 5 / "5 w/ hostnames." MAYBE info could be found from developer or forums. Like you said, "For example Privoxy only supports the "SOCKS5 with hostnames" flavour but simply refers to it as SOCKS5" Even Tbird 6 doesn't specify anything except simply SOCKS 4 / 5. 2) If using Tor / Vidalia / Polipo bundle, & it's enabled, AND applications are config'd to use the port that Polipo uses, aren't the applications using the correct SOCKS type & port #, to prevent DNS leaks, or do many apps just ignore the Polipo settings? I suppose ? if apps don't support SOCKS 4a / 5 w/ hostnames, the
Re: [tor-talk] question about socks 4, 5
Joe Btfsplk wrote: > was playing w/ latest TBB & seeing how other apps (like email - Tbird, > or other apps) behaved, just to experiment. > > 1) Question about changes in proxy settings of late(er) TBB (Aurora - FF > 6) use. Notice that ONLY things filled in on network > settings page is: > - Manual Proxy Config is checked, > > - under SOCKS host, 127.0.0.1 is used, and PORT 9050 used. > - SOCKS 5 is checked. > > Obviously, changes from past Tor. I saw msgs in TBB / Vidalia log > (which unfortunately, I didn't figure out how to save - it's gone once I never used TBB, but the "Vidalia log" in vanilla Vidalia is basically a Tor log, so if you configure Tor to additionally log to a file, the log messages should survive the Vidalia shutdown. > TBB shuts down), to effect of (pardon my poor memory): "An (or some) > applic. is trying to do on SOCKS 5... which ~ may compromise > anonymity... "Consider using SOCKS 4 instead, ... or use Polipo > (Privoxy?)" You are probably referring to: Sep 21 22:43:31.377 [warn] {APP} Your application (using socks5 to port 80) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via privoxy or socat) instead. For more information, please see https://wiki.torproject.org/TheOnionRouter/TorFAQ#SOCKSAndDNS. The important part is "giving Tor only an IP address", you can get the same message for SOCKS4. The URL should probably be fixed, but I'm not sure if the original content still exists somewhere. > Question isn't about ONE app, but in general. If trying to torrify > other apps, how do you know (now) WHICH settings to use in connection > settings for that app(s)? > HTTP, SSL, SOCKS 4 / 5? Or some combo of one or more of these settings > & which Proxy or Port for each? Simplifying things a bit, SOCKS 4 and 5 both have two "flavours", one where the client itself resolves the addresses (potentially "leaking" DNS requests) and one where it doesn't have to (but still could). Tor users usually want to use the ones where the client doesn't have to resolve addresses and naturally they want to use clients that don't resolve anything anyway. In case of SOCKS4 that flavour is called SOCKS4A, in case of SOCKS5 it's often called "SOCKS5 with hostnames", but many applications only support one SOCKS5 flavour and you may have to check the documentation to figure out which one it is. For example Privoxy only supports the "SOCKS5 with hostnames" flavour but simply refers to it as SOCKS5 in the configuration files. The documentation should make it clear, though: http://www.privoxy.org/user-manual/config.html#SOCKS The same is true for Polipo: http://www.pps.jussieu.fr/~jch/software/polipo/polipo.html#SOCKS-parent-proxies curl supports both, and the switches are --socks5 and --socks5-hostname, so in this case most Tor users would want the latter. If an application has properly working SOCKS support there usually isn't any need to additionally configure a HTTP proxy unless the proxy itself does something you consider useful. If a client supports both SOCKS4A and "SOCK5 with hostnames" it's usually preferable to use the latter as it supports more detailed error codes. It's up to the client to do something useful with them, though. > By that, mean by CURRENT ways that Tor / TBB work, not outdated help / > FAQ articles (sorry). Some help files & articles are out of date & no > longer apply for some settings. > Could be wrong, but don't think instructions on > https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail > have changed in * long * time. There seems to be some history available: https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail?action=history > Have to say, Tbird instructions on above link could be a * LOT * > clearer. I'm a technical person (not a coder) & have a hard time > following it all. Definitely not written for avg users: I agree. It's also not clear if they are sufficient. It's my impression that they may not cover everything, but as I don't use Thunderbird I could be wrong. Fabian signature.asc Description: PGP signature ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Re: [tor-talk] question about socks 4, 5
Really surprised haven't gotten replies on the SOCKS 4 / 5 & torrifying other apps questions. I thought there'd be lots of comments on something (probably) widely used. On 9/21/2011 3:31 PM, Joe Btfsplk wrote: was playing w/ latest TBB & seeing how other apps (like email - Tbird, or other apps) behaved, just to experiment. 1) Question about changes in proxy settings of late(er) TBB (Aurora - FF 6) use. Notice that ONLY things filled in on network > settings page is: - Manual Proxy Config is checked, - under SOCKS host, 127.0.0.1 is used, and PORT 9050 used. - SOCKS 5 is checked. Obviously, changes from past Tor. I saw msgs in TBB / Vidalia log (which unfortunately, I didn't figure out how to save - it's gone once TBB shuts down), to effect of (pardon my poor memory): "An (or some) applic. is trying to do on SOCKS 5... which ~ may compromise anonymity... "Consider using SOCKS 4 instead, ... or use Polipo (Privoxy?)" Question isn't about ONE app, but in general. If trying to torrify other apps, how do you know (now) WHICH settings to use in connection settings for that app(s)? HTTP, SSL, SOCKS 4 / 5? Or some combo of one or more of these settings & which Proxy or Port for each? By that, mean by CURRENT ways that Tor / TBB work, not outdated help / FAQ articles (sorry). Some help files & articles are out of date & no longer apply for some settings. Could be wrong, but don't think instructions on https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail have changed in * long * time. Have to say, Tbird instructions on above link could be a * LOT * clearer. I'm a technical person (not a coder) & have a hard time following it all. Definitely not written for avg users: Mozilla Thunderbird Thunderbird has native SOCKS5... 3proxy as a POP3 proxy First, you need to configure and start 3proxy as a pop3 proxy with redirection to tor. Create a configuration file (plain text) like this: # put 3proxy in background mode. For Windows replace with "service" daemon... I'm sorry, but don't really follow all the article & don't know when it was updated - no date!!! Haven't gotten around to trying to install both latest TBB AND Tor bundle or run * at same time, * on diff ports - but need to. Life doesn't stop because TBB is open. There could be times when I'd really like to run other apps thru Tor WHILE running TBB. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
[tor-talk] question about socks 4, 5
was playing w/ latest TBB & seeing how other apps (like email - Tbird, or other apps) behaved, just to experiment. 1) Question about changes in proxy settings of late(er) TBB (Aurora - FF 6) use. Notice that ONLY things filled in on network > settings page is: - Manual Proxy Config is checked, - under SOCKS host, 127.0.0.1 is used, and PORT 9050 used. - SOCKS 5 is checked. Obviously, changes from past Tor. I saw msgs in TBB / Vidalia log (which unfortunately, I didn't figure out how to save - it's gone once TBB shuts down), to effect of (pardon my poor memory): "An (or some) applic. is trying to do on SOCKS 5... which ~ may compromise anonymity... "Consider using SOCKS 4 instead, ... or use Polipo (Privoxy?)" Question isn't about ONE app, but in general. If trying to torrify other apps, how do you know (now) WHICH settings to use in connection settings for that app(s)? HTTP, SSL, SOCKS 4 / 5? Or some combo of one or more of these settings & which Proxy or Port for each? By that, mean by CURRENT ways that Tor / TBB work, not outdated help / FAQ articles (sorry). Some help files & articles are out of date & no longer apply for some settings. Could be wrong, but don't think instructions on https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/EMail have changed in * long * time. Have to say, Tbird instructions on above link could be a * LOT * clearer. I'm a technical person (not a coder) & have a hard time following it all. Definitely not written for avg users: Mozilla Thunderbird Thunderbird has native SOCKS5... 3proxy as a POP3 proxy First, you need to configure and start 3proxy as a pop3 proxy with redirection to tor. Create a configuration file (plain text) like this: # put 3proxy in background mode. For Windows replace with "service" daemon... I'm sorry, but don't really follow all the article & don't know when it was updated - no date!!! Haven't gotten around to trying to install both latest TBB AND Tor bundle or run * at same time, * on diff ports - but need to. Life doesn't stop because TBB is open. There could be times when I'd really like to run other apps thru Tor WHILE running TBB. Thanks. ___ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk