Post Reply 
"PROXO-TOR NETWORK"
Jan. 01, 2005, 01:00 AM
Post: #31
 
Also, the filter named "Remove: Junk from Titles, Snip Excess {3.d}" conflicts with my "Display IP Address in Title Bar" filter.

This filter is found in JD5000's config pack
Visit this user's website
Add Thank You Quote this message in a reply
Jan. 01, 2005, 01:56 AM
Post: #32
 
Ok, . .Got the filter, got the script, know what to do with the filter, but not to sure what to do with script! LOL, , ,Sad

"Kye-u" You'll have to point Me in the right direction with this one. Smile!
Best Wishes,
"JaK" [smoke]
Add Thank You Quote this message in a reply
Jan. 01, 2005, 02:52 AM
Post: #33
 
..::Jak::..

The script is if you ever happen to get a webhost that allows ASP, you will be able to upload a file called info.asp with that script in it and use that link instead of the ASP Host link.

�{=(~�::[Shea]::��~)=}�
How 'bout you sideburns, you want some of this milk?
This fading text is pretty cool, eh? I bet you wish you had some.
Add Thank You Quote this message in a reply
Jan. 01, 2005, 03:14 AM
Post: #34
 
Smile! Thankx "Shea", . . I just wasn't sure, , , Here is what I've gotten so far with the "stripped down" config file for PRixvoxy
Code:
{ \
-add-header \
-block \
-crunch-outgoing-cookies \
-crunch-incoming-cookies \
-deanimate-gifs{last} \
-downgrade-http-version \
-fast-redirects \
-filter{js-annoyances} \
-filter{js-events} \
-filter{html-annoyances} \
-filter{content-cookies} \
-filter{refresh-tags} \
-filter{unsolicited-popups} \
-filter{all-popups} \
-filter{img-reorder} \
-filter{banners-by-size} \
-filter{banners-by-link} \
-filter{webbugs} \
-filter{tiny-textforms} \
-filter{jumping-windows} \
-filter{frameset-borders} \
-filter{demoronizer} \
-filter{shockwave-flash} \
-filter{quicktime-kioskmode} \
-filter{fun} \
-filter{crude-parental} \
-filter{ie-exploits} \
-filter{site-specifics} \
-handle-as-image \
+hide-forwarded-for-headers \
-hide-from-header{block} \
-hide-referrer{forge} \
-hide-user-agent \
-kill-popups \
-limit-connect \
-prevent-compression \
-send-vanilla-wafer \
-send-wafer \
-session-cookies-only \
-set-image-blocker{pattern} \
}
/
{ -crunch-outgoing-cookies \
  -crunch-incoming-cookies \
  -session-cookies-only \
}
/

Just copy and open up the Default Action File and paste it in there. This is the only thing that You need in the Default.Action file. There's still some other tweaks that I'm going to be doing. but as of right now, , ,My TOR'ed pages are loading almost as fast as My Non-filtered ones. I'm using FoxFire browser right now. However, I am on dial-up so I wouldn't know how broad-band would behave.
Best Wishes,
"JAK" [smoke]

PS: came back and edited File, . .if You do not enable (Hide X-Forwarded-For) some sites are detecting that Proxomitron is being used. "Click Here" ~JAK~
Add Thank You Quote this message in a reply
Jan. 01, 2005, 06:52 AM
Post: #35
 
It's working great! Almost no speed loss!

I think I can dump SocksCap now Big Teeth

Keep on optimizing my friend Cheers
Visit this user's website
Add Thank You Quote this message in a reply
Jan. 01, 2005, 07:02 AM
Post: #36
 
In the main config of Privoxy, search for "logfile privoxy.log"

Delete it, and I think this will stop Privoxy from logging to a file Big Teeth
Visit this user's website
Add Thank You Quote this message in a reply
Jan. 01, 2005, 05:02 PM
Post: #37
 
Hey "KYE-U" glad You like the changes. Smile!
Still working editing the files. I knew that it take "time" for a program to scan a list, especially huge lists like Privoxy had, and if You could stop the scanning or at least minimize it, it had to be faster.

But on the Privoxy log file I think that You might have to use that "Cleaner_batch.file" on this one. It's like the index.dat file. If You delete it "Privoxy" will create another one. Sad

Also I've noticed another thing that might need some attention. If PROXO is set up to connect "DIRECTLY" to sites that You don't want to route through the TOR network, there is a possibility that it can be "Called" to directly connect to a site that You are wanting to route through the NETWORK. Of course this is setup in Your Fire-wall. IF PRoxo is set to connect only to PRivoxy, which is port 8118 by default, then there is no problem but if PROXO is set to connect to HTTP, Https, 3128, etc. , , , then it is possible that it can be called to connect to sites directly. And Your IP would be compromised. This has happened only once, but it is something to be considered. If You set Proxo up to connect "only" to PRivoxy, then You can't connect to site directly, if You set PROXO up to connect directly to sites then You could open up a security breach. Like I said it has only happened once, ,could have been just a glitch, . .but I'm going to give it some serious attention, after I get through with downsizing these config files. Smile!

Best Wishes,
"JaK" [smoke]
Add Thank You Quote this message in a reply
Jan. 01, 2005, 07:09 PM
Post: #38
 
my privoxy configration is broken.
It's randomly and selectively blocking ALL traffic WHENEVER it chooses.
What's wrong? Why can't I be completely anonymous on the net? *sob* *sob* *sniff*

Code:
Jan 02 00:52:05 Privoxy(03816) Connect: OK
Jan 02 00:52:05 Privoxy(02296) Header: New HTTP Request-Line: GET / HTTP/1.1
Jan 02 00:52:05 Privoxy(03816) Connect: accept connection ...
Jan 02 00:52:05 Privoxy(03816) Connect: accept connection ...
Jan 02 00:52:05 Privoxy(02296) Header: scan: Host: www.yahoo.com
Jan 02 00:52:05 Privoxy(02296) Header: scan: User-Agent: Mozilla/4.04 [en] (X11; I; Linux 2.0.32 i586) via HTTP/1.0 klingon.empire.star-travel.org/
Jan 02 00:52:05 Privoxy(02296) Header: scan: Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5
Jan 02 00:52:05 Privoxy(02296) Header: scan: Accept-Language: en-co
Jan 02 00:52:05 Privoxy(02296) Header: scan: Accept-Encoding: gzip, x-gzip, deflate
Jan 02 00:52:05 Privoxy(02296) Header: scan: Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Jan 02 00:52:05 Privoxy(02296) Header: scan: Cookie: no cookie for you my son...
Jan 02 00:52:05 Privoxy(02296) Header: scan: Cache-Control: no-store, no-cache, max-age=0
Jan 02 00:52:05 Privoxy(02296) Header: scan: Client-ip: 12.148.163.143
Jan 02 00:52:05 Privoxy(02296) Header: scan: Pragma: no-cache
Jan 02 00:52:05 Privoxy(02296) Header: scan: Referer: [URL=http://www.google.com/search?hl=en&ie=UTF-8&oe=UTF-8&q=Big+Bang]http://www.google.com/search?hl=en&ie=UTF-...TF-8&q=Big+Bang[/URL]
Jan 02 00:52:05 Privoxy(02296) Header: scan: Via: HTTP/1.1 ron8.uk.emb.gov.au (Squid/2.3.STABLE1)
Jan 02 00:52:05 Privoxy(02296) Header: scan: X-Forwarded-For: 195.4.192.52
Jan 02 00:52:05 Privoxy(02296) Header:  crunch!
Jan 02 00:52:05 Privoxy(02296) Header: addh-unique: Host: www.yahoo.com
Jan 02 00:52:05 Privoxy(02296) Header: addh: Cookie: forgot the cookie dough... sorry.
Jan 02 00:52:05 Privoxy(02296) Request: www.yahoo.com/
Jan 02 00:52:05 Privoxy(02296) Connect: to www.yahoo.com
Jan 02 00:52:05 Privoxy(02296) Writing: 
I can't go after this on ANY request, and I think I saw in one PC [neighbour] there was a "Memory leak" according to Anticrash (trial version)

<span style='font-size:8pt;line-height:100%'><i><span style='color:#0000FF'>Projekt</span> </span><span style='color:#FF0000'>D</span><span style='color:#008200'>F</span><span style='color:#8449a5'>S</span></i> : <b><span style='color:#0000FF'>projekt</span><span style='color:#FF0000'>d</span><span style='color:#008200'>f</span><span style='color:#8449a5'>s</span></b>[at]<span style='color:BLUE'>g</span><span style='color:RED'>m</span><span style='color:#ce9a31'>a</span><span style='color:BLUE'>i</span><span style='color:#008200'>l</span><span style='color:BLACK'>.</span><span style='color:#8449a5'>com </span><span style='color:BLACK'>: <u>What</u> is it?</span><br>It&#39;s ONLINE <span style='color:#FF0000'><span style='font-size:10pt;line-height:100%'>NOW</span></span>&#33;&#33;&#33;pm me for url. max 250 users. by invite only please.
Add Thank You Quote this message in a reply
Jan. 01, 2005, 07:47 PM
Post: #39
 
Hi "No13",
Do You think that You might have maybe some spyware that's trying launch out through PRivoxy? I've noticed that some of those TOR Socks servers run on some crazy ports, , ,and then Your fire-wall might not be configured to let TOR connect to them, so Privoxy just just "crunches" the connection. Not really sure, but some of those headers sure look familar to Me, , ,Smile!

Here is My firewall settings for TOR:
Code:
RULE #1
Where the protocol is TCP
And where the direction is INBOUND
And where the remote host is 127.0.0.1
And where the local port is 9050

RULE #2
Where the protocol is TCP
And where the direction is OUTBOUND
And where the remote port is HTTP, HTTPS, 9001-9004, 9030-9033, 9100, 9090, 9901, 7273, 20001, RDP, 27030, 9091
Allow it

My Firewall settings for PRivoxy:
Code:
RULE #1
Where the protocol is TCP
And where the direction is OUTBOUND
And where the remote host is localhost:loopback (127.0.0.1)
And where the remote port is 9050
Allow it

Rule #2
Where the protocol is TCP
And where the direction is INBOUND
And where the remote host is 127.0.0.1
And where the local port is 8118
Allow it

You might do some spyware scans and maybe a antivirus scan just to make sure that You don't have something trying to phone home.
And if nothing else You might want to reinstall the PRivoxy and see what happens. But don't worry it's still a work in progress and we'll get better as it goes along. Smile!
Best Wishes
"JaK" [smoke]
Add Thank You Quote this message in a reply
Jan. 01, 2005, 08:03 PM
Post: #40
 
"Guyz",
Here is what I got so far on the "PRivoxy"
Of course close Privoxy out and Copy this to Your Main Configuration File, THIS IS THE ONLY THING THAT YOU NEED IN IT! Smile!
Code:
forward-socks4a / 127.0.0.1:9050 .
forward-socks4a :443 127.0.0.1:9050 .
forward-socks4a :53 127.0.0.1:9050 .
listen-address  127.0.0.1:8118
actionsfile default   # Main actions file
actionsfile default   # Main actions file
actionsfile standard  # Internal purpose, recommended
toggle  1
buffer-limit 4096
debug   1    # show each GET/POST/CONNECT request
debug   4096 # Startup banner and warnings
debug   8192 # Errors - *we highly recommended enabling this*

I have left it so You can edit the Main Config file and the Default Config file from the main Dialog box instead of having to drill down to the Privoxy Main Directory to edit those files. Smile!
Now if You want to stop ALL filtering what so ever, just change the toggle 1 to toggle 0. But I wanted some control over it especially since I wanted to Block the X-Forwarded-For headers. As explained above when You don't block them as You route through the TOR Network it gives them two different X-Forwarded-For IPs, and the last one is always 127.0.0.1. And that's a tell-tale sign that PROXOMITRON is being used for the connections. So instead of just disabling them in PRoxo, I just use Privoxy to automatically block them when I route through the TOR Network. And when I'm connect directly to a site then PROXO forwards those headers through as part of JakxPack's spoofin' setup.

Also with Your PRivoxy Config changed You can delete the Jar.file and the Privoxy.log file. With these changes it will Not create the log files. Smile!
Also I left the Debugging in the config files so that the PRivoxy dialog box would show Your connections.

Now here is what You need to put in both Your "standard" and "Default.Action file". And Again, THIS IS ALL THAT YOU NEED TO HAVE IN THESE FILES. You can delete the other default file after You have made the Config file changes:
Code:
{ \
-add-header \
-block \
-crunch-outgoing-cookies \
-crunch-incoming-cookies \
-deanimate-gifs{last} \
-downgrade-http-version \
-fast-redirects \
-filter{js-annoyances} \
-filter{js-events} \
-filter{html-annoyances} \
-filter{content-cookies} \
-filter{refresh-tags} \
-filter{unsolicited-popups} \
-filter{all-popups} \
-filter{img-reorder} \
-filter{banners-by-size} \
-filter{banners-by-link} \
-filter{webbugs} \
-filter{tiny-textforms} \
-filter{jumping-windows} \
-filter{frameset-borders} \
-filter{demoronizer} \
-filter{shockwave-flash} \
-filter{quicktime-kioskmode} \
-filter{fun} \
-filter{crude-parental} \
-filter{ie-exploits} \
-filter{site-specifics} \
-handle-as-image \
+hide-forwarded-for-headers \
-hide-from-header{block} \
-hide-referrer{forge} \
-hide-user-agent \
-kill-popups \
-limit-connect \
-prevent-compression \
-send-vanilla-wafer \
-send-wafer \
-session-cookies-only \
-set-image-blocker{pattern} \
}
/
{ -crunch-outgoing-cookies \
  -crunch-incoming-cookies \
  -session-cookies-only \
}
/
+add-header{Client-IP}
-hide-Client-IP \
+add-header{Via} \
-hide-Via \
/
OR YOU CAN USE THIS IF YOU THINK YOU DON'T WANT TO CONTROL ANY OTHER PRIVOXY FUNCTIONS, THIS IS FASTER FOR DIAL-UP
Code:
{ \
+hide-forwarded-for-headers \
}
/
Now remember that Your speed will be determinded by how well the TOR network is running for You. But there should be very little slow down from Good Ole "Privoxy" now. Smile!

One thing that I did learn about socks proxies, a Socks4a automatically does DNS resolving through the Proxy, which means Your IP is not revealed to the DNS server, but the Socks 4 & 5 does it at the local level which would reveal Your IP and create a log of Your surfing habits on which ever DNS server You happen to be using whether it's Your ISP's or some other off world DNS server. So You really don't have to have the line in the config file forward-socks4a :53 127.0.0.1:9050 ., but I left it there just in case as an extra safe guard to make sure that Socks4a protocol was used for Your DNS resolving. Cheers

Take Care and Have a Great & Wonderful Day,
Best Wishes,
"JaK" [smoke]

PS: Oh and here is another nice little test page to check Your setup out with:
"Click Here" ~JaK~

For those of You who missed these on page one of this thread, be sure to add these filters to Your Set-up:
Code:
List.Tor_Proxo = "..\Lists\Tor_Proxo.txt"
[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Bypass (Out) {Kye-U & JaK}"
URL = "$LST(Tor_Proxo)"
Replace = "$LOG(!RWARNING! ALERT! CAUTION!)$LOG(!CTHE T.O.R.-Proxy Network "IS NOT BEING USED" for this connection!!!)$LOG(!G"BABY YOU IS ALL OWN YER OWN!"  =:-o)"

In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Access (Out)" {Kye-U & Jak}"
URL = "*&(^$LST(Tor_Proxo))"
Match = "$LOG(!CTHE T.O.R.-PROXY Network "IS BEING USED" for this connection.)$LOG(!Y Says "JakBeNymble" =:-D)"
Replace = "$SETPROXY(127.0.0.1:8118)"

You will have to make a text file and name it Tor_Proxo and of course put it in the LISTS subdirectory of Your PROXO folder. Just list sites in it that You DO NOT want to be routed through the TOR network and Proxo's "Log window" will tell You if You are being routed or not. Smile! ~JaK~

"Hint": Also if You are using this filter (Connection: Close all connections (in+out) {JakBeNymble}) You can "DISABLE" it for extra speed. If You are using the TOR network Your connection will always be closed anyways, and for the pages that You Do Not want routed throught the Network You probably wouldn't care to have the connections open anyways because it's a trusted site. [smoke]
Add Thank You Quote this message in a reply
Jan. 02, 2005, 06:27 AM
Post: #41
 
Great guide Jack! My surf speed doesn't show any signs of a speed slowdown. Not sure if it's my config or by design, but the prox log opens when surfing even after closing it. Here is what I did to alter that and add TOR information to the TITLE (modified from Sidki's title filter):
Code:
[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Access (Out)" {Kye-U & Jak}"
URL = "*&(^$LST(Tor_Proxo))"
Match = "\0&$LOG(CTHE T.O.R.-PROXY Network "IS BEING USED" for this connection.)"
Replace = "$SETPROXY(127.0.0.1:8118)&$SET(TOR=TOR-Proxy)"

In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Bypass (Out) {Kye-U & JaK}"
URL = "$LST(Tor_Proxo)"
Match = "\0&$LOG(CTHE T.O.R.-Proxy Network "IS NOT BEING USED" for this connection!!!)"
Replace = "$SET(TOR=*** TOR Bypassed ***)"

[Patterns]
Name = "<title>: Add TOR - Fix Tag - Snip Excess      4.11.24 (multi) [jd sd] (d.1)"
Active = TRUE
Multi = TRUE
URL = "$TYPE(htm)"
Bounds = "<title*((</title >|(<title|</tilte|/title|title) >$SET(0=/title-typo))\4|(\s)\4(^(^<(meta|link|/head)))$SET(0=/title-unclosed)|(^(^<!)))"
Limit = 12000
Match = "<title(\s*|)\1>($TST(title=1)$SET(title=)|$SET(title=1))"
"(\#<(/|)(div|span)[^>]+>)+\#"
"&$SET(a=\@)$TST(a=((?+{62})\3?$SET(2=\3...)*|\2)$TST(\4))"
"&"
"("
"$TST((\0)=*)$SET(eFixedT=$GET(eFixedT)\0 )"
"($TST(volat=*.log:2.*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB Fixed_Tag\t\0 \t\u)|)"
"|)"
Replace = "<title\1>\2 ~$GET(TOR)</title>$SET(a=)$SET(TOR=)$STOP()"

The use of proxy-TOR will still show in the proxy log but will not automatically open the log. The title of web pages will show "TOR-Proxy" when running through TOR and "*** TOR Bypassed ***" when not. It will show neither if you have a site bypassed in prox. I am sure the Title filter can be simplified for anyone not using Sidki's set.

DamWill

.:WMP:.
Add Thank You Quote this message in a reply
Jan. 02, 2005, 06:57 AM
Post: #42
 
Hey "Damwill" Glad it's working for You! Smile!
You know I noticed the PRoxo Log window poppin' up to, but I thought it was something else I had running on this box. A Great Big Thankx for the work around, I'm going try it in just abit.
Best Wishes,
"JaK" [smoke]

PS: The Filters Works like a Charm! Thankx, but You know You ought put Your Nic also in the filters name. Nothing wrong with that at all. I believe in give credit where credit's due "My Friend". Smile!

Here is a nice article about the TOR network that was written back in aug.5, 2004
"T.O.R."
Sample from the article found at "wired news".com
Code:
The Tor network currently includes 35 servers that forward each data stream at least three times. Each server averages 10 Kbps of bandwidth. Those with reliable Internet connections, who can support at least 1 Mbps in both directions, are being recruited as potential servers in the network.
Add Thank You Quote this message in a reply
Jan. 02, 2005, 05:20 PM
Post: #43
 
Jak
running NO firewall.
Triple reinstall uselsess.

Got any more suggestions???

IMPORTANT: I have discovered than when connecting to google.com through firefox, the connection short-circuits Privoxy THROUGH Proxo.
Dunno how.

<span style='font-size:8pt;line-height:100%'><i><span style='color:#0000FF'>Projekt</span> </span><span style='color:#FF0000'>D</span><span style='color:#008200'>F</span><span style='color:#8449a5'>S</span></i> : <b><span style='color:#0000FF'>projekt</span><span style='color:#FF0000'>d</span><span style='color:#008200'>f</span><span style='color:#8449a5'>s</span></b>[at]<span style='color:BLUE'>g</span><span style='color:RED'>m</span><span style='color:#ce9a31'>a</span><span style='color:BLUE'>i</span><span style='color:#008200'>l</span><span style='color:BLACK'>.</span><span style='color:#8449a5'>com </span><span style='color:BLACK'>: <u>What</u> is it?</span><br>It&#39;s ONLINE <span style='color:#FF0000'><span style='font-size:10pt;line-height:100%'>NOW</span></span>&#33;&#33;&#33;pm me for url. max 250 users. by invite only please.
Add Thank You Quote this message in a reply
Jan. 02, 2005, 05:45 PM
Post: #44
 
Jak, I've edited your Main Config file to look like this:

Code:
forward-socks4a / 127.0.0.1:9050 .
forward-socks4a :443 127.0.0.1:9050 .
forward-socks4a :53 127.0.0.1:9050 .
listen-address  127.0.0.1:8118
actionsfile default   # Main actions file
actionsfile default   # Main actions file
actionsfile standard  # Internal purpose, recommended
toggle  1
buffer-limit 4096
debug   1    # show each GET/POST/CONNECT request
debug   4096 # Startup banner and warnings
debug   8192 # Errors - *we highly recommended enabling this*

Without the repetition of "actionsfile default # Main actions file", it will not show User Actions. Eyes Closed Smile
Visit this user's website
Add Thank You Quote this message in a reply
Jan. 03, 2005, 03:53 AM
Post: #45
 
Why the use if $SETPROXY versus $USEPROXY?

.:WMP:.
Add Thank You Quote this message in a reply
Post Reply 


Forum Jump: