TOR and Explorer

A

adripillo

Hello, some of my friends are using Windows with TOR to enter on pages like YouTube, etc. I can see TOR in ports so my question is: can I do the same? Is it the same TOR as Windows uses or is this TOR is for another thing? If it is the same TOR, how to configure it? Thanks in advance.
 
cpm said:
Sure, take a look here.
Click to expand...

Ok, I am behind a Squid proxy so I have some questions: TOR needs to be configured? And here on Polipo:

Code: 
proxyAddress = "127.0.0.1" 
proxyPort = 8118
allowedClients = 127.0.0.1
allowedPorts = 1-65535
proxyName = "localhost"
cacheIsShared = false
socksParentProxy = "localhost:9050"
socksProxyType = socks4a
chunkHighMark = 819200
objectHighMark = 128
diskCacheRoot = ""
disableLocalInterface = true
disableConfiguration = true
localDocumentRoot = ""
dnsUseGethostbyname = yes
disableVia=falsecensoredHeaders = from, accept-language, x-pad, link
censorReferer = maybe
daemonise = true
logSyslog = true
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535

The first two lines are for the Squid IP and port?
 
adripillo said:
Hello, some of my friends are using Windows with TOR to enter on pages like YouTube, etc. I can see TOR in ports so my question is: can I do the same? Is it the same TOR as Windows uses or is this TOR is for another thing? If it is the same TOR, how to configure it? Thanks in advance.
Click to expand...

Wikileaks.
 
One thing that is usually overlooked wile using TOR, is something called DNS-leaks. This occurs when you have a browser with a TOR enable/disable button (for example foxyproxy in firefox). Such enable-by-click buttons change the proxy settings for the browser, thus piping the traffic either directly (no proxy), or through the defined proxy-chain that includes TOR.

The problem with such enable/disable schemes, is that depending on the situation, the DNS look-up traffic can be temporarily or for the entire session be passed as normal traffic and NOT through the TOR/socks layer. Such a situation renders TOR ineffective, because while the traffic is encrypted and hidden, the IP's of clients who have looked-up the IP for the "forbidden website" are now on record.

The solution is to NOT use such enable/disable buttons, plain and simple. In fact, the windows package now comes with its own browser with dedicated proxy settings. The thing to do (or my personal solution) on open source systems is to dedicate a separate browser with PERMANENT proxy settings for TOR/socks & www/privoxy (I prefer it to polipo), and to use that for anonymous browsing. Use other browsers for normal activities. So, for example, setup www/midori (now comes with script-blocker add-on) for TOR/socks and use your favorite browser for the other times.
 
Beeblebrox said:
One thing that is usually overlooked wile using TOR, is something called DNS-leaks. This occurs when you have a browser with a TOR enable/disable button (for example foxyproxy in firefox). Such enable-by-click buttons change the proxy settings for the browser, thus piping the traffic either directly (no proxy), or through the defined proxy-chain that includes TOR.

The problem with such enable/disable schemes, is that depending on the situation, the DNS look-up traffic can be temporarily or for the entire session be passed as normal traffic and NOT through the TOR/socks layer. Such a situation renders TOR ineffective, because while the traffic is encrypted and hidden, the IP's of clients who have looked-up the IP for the "forbidden website" are now on record.

The solution is to NOT use such enable/disable buttons, plain and simple. In fact, the windows package now comes with its own browser with dedicated proxy settings. The thing to do (or my personal solution) on open source systems is to dedicate a separate browser with PERMANENT proxy settings for TOR/socks & www/privoxy (I prefer it to polipo), and to use that for anonymous browsing. Use other browsers for normal activities. So, for example, setup www/midori (now comes with script-blocker add-on) for TOR/socks and use your favorite browser for the other times.
Click to expand...

Do you know or have some guide that shows me how to set up www/midori for TOR?
 
1) Install it: # make install -C /usr/ports/www/midori
2) Open Midori, preferences -> network -> proxy_server -> HTTP_proxy. Leave Port as 8080. OK
3) Configure your privoxy or polipo http proxy to listen on port 8080 (the default) and also to forward traffic to socks5 (or socks4*) proxy listening on 9050 it was I believe.
4) Start both proxies (privoxy+TOR or polipo+TOR), and test whether you are using the TOR onion.

The setup for Midori is easy. Seting up privoxy or polipo is much more complicated and will require for you to read through the documentation in some detail.
 
Beeblebrox said:
1) Install it: # make install -C /usr/ports/www/midori
2) Open Midori, preferences -> network -> proxy_server -> HTTP_proxy. Leave Port as 8080. OK
3) Configure your privoxy or polipo http proxy to listen on port 8080 (the default) and also to forward traffic to socks5 (or socks4*) proxy listening on 9050 it was I believe.
4) Start both proxies (privoxy+TOR or polipo+TOR), and test whether you are using the TOR onion.

The setup for Midori is easy. Seting up privoxy or polipo is much more complicated and will require for you to read through the documentation in some detail.
Click to expand...

You're right, that's the problem. I need to "tell" privoxy that I am using Internet under a Squid proxy. I wonder if this configuration could work for privoxy in /etc/privoxy/config:

Code: 
listen-address "SQUID IP":3128
forward-socks4a / 127.0.0.1:9050

NOTE: I do not have access to Squid, it is running on another computer, not mine.
 
You must log in or register to reply here.
Back
Top