"PROXO-TOR NETWORK"
Dec. 25, 2004, 02:45 AM
Post: #1
"PROXO-TOR NETWORK"
Summary of topic here: http://prxbx.com/forums/index....pic=361&st=75 (Jak, I hope you don't mind me adding this [lol])

Hi "Guyz",
I know that I saw elsewhere on the Forum where "Kye-u" talked about the "TOR" program. But I couldn't find it this evening so I thought that it might have gotten lost while the Forum was down. I have been working on chaining "PRoxo" with this nice little proggie. I made some tweaks in the Tor default file so that My "JakxPack" will be allowed to do its "stuff".

For those who haven't checked the "Tor" program out, it's a program that works to randomly reroute Your data stream through a series of computers. Once Your data stream reaches the first computer it's encrypted and channeled through at least one or more other machines, so Your IP keeps changing! Big Teeth

Here is where You can read/download the "TOR" proggie and "PRivoxy". You will need both of these. "Click Here" However, You don't want to change Your Browser settings like it shows on the web-page, , ,instead, . .You just add this to Proxo's Remote Proxy list: 127.0.0.1:8118 (Privoxy). Now after that You "merge" My PRox filter, . It will automatically route the PRoxo Traffic through the network. You DON'T Have to "tick" the "Use Remote PRoxy" box in PRoxo. The "SETPROXY" Filter will override any Proxy settings You might have in "Proxo" Smile!

Now You can change the default config in the "Privoxy" program to let the PRoxo filters still work through.
Here is what I've got Browser---->PRoxomitron----->PRivoxy----->Tor
After You install PRivoxy, launch it and open up the Default config and change it to let the right headers filter through. However, I blocked the X-Forwarded-For headers, the checker pages kept logging two IPs, the fake one & the localhost IP. I thought it caused too much attention so I just left them blocked out in PRivoxy.
Code:
+hide-forwarded-for-headers{Screw-u-man} \
-hide-from-header{block} \
+hide-referrer{forge} \
-hide-user-agent{} \
+add-header{Via:} \
Also You need to add this at the very top of the "Main" config.
Code:
forward-socks4a / localhost:9050 .
Don't leave out the little "period" at the end, . .it needs it, Man, . it needs it.

Now I've written a Proxo filter that uses this setup for my complete surfing, except for sites (like the Forum) where You have to use a "password", . and login.
Code:
[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL: "TOR PROGRAM" (Out)"
URL = "^$LST(Tor_Proxo)"
Replace = "$SETPROXY(127.0.0.1:8118)"

Now make a new list and name it Tor_Proxo, and put all the urls in it that You DON'T WANT to be channeled through the TOR network in the list. Here is mine
Code:
# URL THAT YOU DO NOT WANT TO ROUTE THROUGH "TOR" NETWORK

*mail.yahoo*
*login*
*yimg.com*
[^/]++kye-u.com/*
#[^/]++google.com/*
[^/]++asp.flaaten.dk/*

Of course You have to set the path for the filter/list in Proxo too.

Now here's the thing, . .once You have TOR and PRivoxy installed You can route just about anything through it, . .I have my download manager, chat ware, , ,You just have to set it to the right port number. It's a little slower for Me, ,,but for what it's doing, . .it's worth it right now, . .I've been thinking about having "broad-band" installed and then I don't think that I would notice very much "drag", . .

HAPPY HOLIDAYS EVERYONE,
Best Wishes,
"Jak" [smoke]

PS: "Here" is where the "Kye-U" used a "SocksCap" instead of "Privoxy" to chain the Tor network to PRoxo.
Dec. 25, 2004, 03:49 AM
Post: #2
 
Wow! Really cool Jak. But I don't think Kye-U ever mentioned it on this board, but maybe I missed it. Do you think I could channel some P2P programs through it?

{=(~::[Shea]::~)=}
How 'bout you sideburns, you want some of this milk?
This fading text is pretty cool, eh? I bet you wish you had some.
Dec. 25, 2004, 03:53 AM
Post: #3
 
Shea Wrote: Wow! Really cool Jak. But I don't think Kye-U ever mentioned it on this board, but maybe I missed it. Do you think I could channel some P2P programs through it?
I posted it 2 days ago, but then the server went down, and I only had a Dec. 17th Backup on my computer.

I've reposted it again Eyes Closed Smile (I saved my post in a txt file on my HD)
Dec. 25, 2004, 03:56 AM
Post: #4
 
LOL! "SHEA", . .You read My Mind! I'm certainly going to try, . .*smiles*
Best Wishes,
"Jak" [smoke]
Dec. 25, 2004, 06:11 AM
Post: #5
 
Very nice guide.

Here's my setup:

Browser (Proxomitron set as Proxy) --> Proxomitron (Privoxy set as Proxy) --> Privoxy (Tor set as SOCKS Proxy) --> Tor

I wrote this Proxomitron Header filter to create a "White List" of sites that you do not wish to use Tor on:

Code:
[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL: Bypass Tor Proxy (Out)"
URL = "$LST(Tor_Proxo)"
Replace = "$USEPROXY(false)"

Create a new Blocklist called "Tor_Proxo" and put in URLs that you wish to surf without the proxy.

Big Teeth
Dec. 25, 2004, 07:25 AM
Post: #6
 
I removed Privoxy and reverted to my method (SocksCap).

I found that with Privoxy, there were many broken images, and page loading was significantly slower Sad
Dec. 25, 2004, 12:47 PM
Post: #7
 
Hi "Guyz",
Yes, . .I found that the SocksCap version runs much faster. There is a problem however, "Privoxy" has an extra anonymity feature built into it that Keeps Your DNS resolving from "leaking out". If you pop up the Dos prompt window that "TOR" has running, it's in the log complaining about NOT using "Privoxy".

I'm wondering that if I were to "Strip" the filtering out of Privoxy would it run faster? Here is a modification on "Kye-U's PRoxo filter,
Code:
In = FALSE
Out = TRUE
Key = "URL: Bypass Tor Proxy (Out) {Kye-U}"
URL = "$LST(Tor_Proxo)"
Replace = "$USEPROXY(false)$LOG(!CWARNING!  TOR-Proxy Network NOT BEING USED!)"

TaKe Care,
"JaK" [smoke]

PS: Great idea Kye-U for Starting Proxo with the SockCap Cheers ~JaK~
Dec. 25, 2004, 04:31 PM
Post: #8
 
Hi "Guyz",
Here is what I've got so far. I've tried very desperately to tweak the config files on the "Privoxy", . .and alas to No avail. The problem is that it has a certain set of defaults that it just won't let You change, because if You do, . .then it won't load the very next PAGE!

The "SocksCap" program is very very much faster than "Privoxy". It doesn't do any filtering at all so it's more like an inter-face than anything else, which of course makes it light and fast. "Privoxy" is actually more like a "PRoxo" proggie. It's a nice program but it does tend to be very slow especially when it's connecting You to an Onion Routing network. So I've settled in on the SocksCap, however the creator only lets You have it for a little less than a year then the subscription????? runs out!

Now here's where I ran into an even bigger concern using the SocksCap over Privoxy. PRivoxy either does "In House" DNS resolving or it routes the query through the anonymous Proxy that it's connecting with, so Your "Personal Surfin' Habits" are not seen in the DNS resolving. Now this tell-tale DNS squealing only goes on when You are "Socksifying" port 80. Which is one of the two ports that "Proxomitron" monitors and since that it's "Good Ole PROXO" that's directly chained to one of these two "Socksifin' Interfacin' Wigitz", then, . . there is a concern about this DNS resolving issue.

However, I think that I might have some solutions for this, . .First of all, the only time that Your ISP's DNS server is queried by Your "Blessed Box" is when the Url isn't resolved in Your Hosts file. If the addy is in the hosts.file, the DNS server isn't even contacted. So You could just add the "addys" of the sites that You like to visit but not have everybody know that You did, to your hosts file. That's one solution, Second if You are using the "OutPost" Fire-wall this isn't much of a concern either , . .because "OutPost" has a configurable feature Called "DNS CACHING", . .So again the DNS server would Not be queried as long as the URL/IP is in the "OutPost's "DNS Storage Bin"!!! "Click Here"

Now even though that Your ISP's DNS server Isn't being queried, the "T.O.R." Dos splash-screen is going to be telling You over and over again, , so when Your Massive Data Packets are routed through the NetWork, . .the warning will appear in every line, ,, "Hey buddy You really need to be using 'Privoxy' or 'Socat' instead". I haven't checked this other proggie out yet, but I will the first chance that I get.


I'll keep the "Clan" informed on what I find out about this other Socksifying Proggie and see how it "stacks" up against Ye Ole "SocksCap". But as of right now, . .the SocksCap proggie wins hands down! Cheers

So in conclusion, I think that by making this "T.O.R. routing Network" a part of Your "Proxo" Anonymity Suite, it will go far in the battle for InterNet Security and Privacy. However, always remember Complete anonymity on the "Net" is a myth and even though Your data stream is encrypted, and randomly being re-routed through several Machines, . . .the people that maintain the servers could take a peek, . .so always exercise caution, . .a little common ole horse sense can go a long ways,

Best Wishes, and Happy Holidays from,
"Happy Jak & Family" [smoke]
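
Added example (not part of the original thread, not code from Tor, Privoxy or SocksCap): the DNS concern in the post above comes down to what the SOCKS client puts in its CONNECT request to Tor's port 9050. With `forward-socks4a`, Privoxy sends the hostname and Tor resolves it; a plain SOCKS4 client sends only an IP address it already looked up itself. The function names and sample targets below are hypothetical.

```python
import ipaddress
import struct

def build_socks4_connect(host: str, port: int, userid: bytes = b"") -> bytes:
    """Build a SOCKS4 CONNECT request; use the SOCKS4a form when host is a name."""
    header = struct.pack(">BBH", 4, 1, port)  # VN=4, CD=1 (CONNECT), DSTPORT
    try:
        # Plain SOCKS4: the client holds an IP, so any name lookup already
        # happened on the local machine, outside the proxy chain.
        ip = ipaddress.IPv4Address(host)
        return header + ip.packed + userid + b"\x00"
    except ipaddress.AddressValueError:
        # SOCKS4a: DSTIP is 0.0.0.x with x != 0, and the hostname follows
        # the null-terminated USERID so the proxy side does the resolving.
        name = host.encode("idna")
        return header + b"\x00\x00\x00\x01" + userid + b"\x00" + name + b"\x00"

def classify_request(req: bytes) -> dict:
    """Parse a SOCKS4/4a CONNECT request and report what the proxy was given."""
    if len(req) < 9 or req[0] != 4 or req[1] != 1:
        raise ValueError("not a SOCKS4 CONNECT request")
    port = struct.unpack(">H", req[2:4])[0]
    dstip = req[4:8]
    end_user = req.index(b"\x00", 8)  # end of USERID field
    if dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0:
        end_host = req.index(b"\x00", end_user + 1)
        host = req[end_user + 1:end_host].decode("ascii")
        return {"variant": "socks4a", "target": host, "port": port, "ip_only": False}
    # IP-only request: this is the case Tor's log warning is about.
    return {"variant": "socks4", "target": str(ipaddress.IPv4Address(dstip)),
            "port": port, "ip_only": True}

if __name__ == "__main__":
    for target in ("example.com", "192.0.2.10"):  # constructed sample targets
        print(classify_request(build_socks4_connect(target, 80)))
```

An `ip_only` result means the name was resolved before the request was built, which is the lookup that can reach the ISP's DNS server.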
Dec. 25, 2004, 07:05 PM
Post: #9
 
JakBeNymble Wrote: I've settled in on the SocksCap, however the creator only lets You have it for a little less than a year then the subscription????? runs out!


I haven't tried this myself, but have you tried Freecap?

http://www.freecap.ru/eng/?p=index

Anyway, I just want to say thanks to Kye-U, Jak & everybody else involved with Proxo for all the helpful info on this site. Cheers I'm still learning how to create filters, but browsing the net is so much more enjoyable now. Smile!
Dec. 25, 2004, 08:06 PM
Post: #10
 
Hi "GUyz",
I ran into a problem with using the SocksCap proggie, You can't control it. So I may have to go back to "Privoxy" until I find a better solution. I think what's happening is where that SocksCap is controlling PRoxo instead of the other way around. I started noticing it when I was making the posts. Even though the filter is supposed to Stop the http/Socks interface, the Program is still routing the browser through the T.O.R. network. I looked at the "Socat" proggie and it's for linux. So I'm still going to try to get things up to speed with "Privoxy" or try to find something that will work a little better.
Best Wishes,
"Jak" [smoke]

PS: Thankx "Clowny" for the link to FreeCap, it's almost the same program as the SocksCap. I really appreciate it. ~JaK~ Smile!
Dec. 25, 2004, 08:25 PM
Post: #11
 
"Ladies & Gentlemen"
For Your spoofin' Pleasure here are some filters if You wish to try out this kind of set-up, I went back to "Privoxy" for the time being. Smile! Ah, . .well back to the drawing-board.
Code:
List.Tor_Proxo = "..\Lists\Tor_Proxo.txt"
[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Bypass (Out) {Kye-U & JaK}"
URL = "$LST(Tor_Proxo)"
Replace = "$LOG(!RWARNING! ALERT! CAUTION!)$LOG(!CTHE T.O.R.-Proxy Network "IS NOT BEING USED" for this connection!!!)$LOG(!G"BABY YOU IS ALL OWN YER OWN!"  =:-o)"

In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Access (Out) {Kye-U & Jak}"
URL = "^$LST(Tor_Proxo)"
Match = "$LOG(!CTHE T.O.R.-PROXY Network "IS BEING USED" for this connection.)$LOG(!Y Says "JakBeNymble" =:-D)"
Replace = "$SETPROXY(127.0.0.1:8118)"

Best Wishes,
"Jak" [smoke]

PS: If You merge these filters , . .just take a look in PRoxo's Log Window. Big Teeth
Dec. 25, 2004, 09:16 PM
Post: #12
 
..::Jak::..

Have you had any success getting a P2P proggy to go through TOR? I tried a while ago to get eMule to go through an anonymous proxy, but it wouldn't connect to a server. I haven't had time to try this TOR thing because I've been busy being the holidays and all, but I hope to get it set up tonight.
Dec. 25, 2004, 10:41 PM
Post: #13
 
Hi "Shea",
I tried "eMule" last night, but I couldn't get it to chain with any of the Programs, . .I will give it another try with another P2P client. I don't know why it didn't chain. I've got a little more "ooumph" out of this "privoxy" by loading it into High memory. But the T.O.R program didn't like it at all! LOL!

I'll be back on later tonight. Let Me know how it turns out. Smile!
Best Wishes,
"Jak" [smoke]
Dec. 26, 2004, 05:26 AM
Post: #14
 
hey, doesn't TOR change its routing path every few seconds, which means your "visible" ip changes with it, which means P2P and IM are off the list because they WANT the ip to be stable during your connection???

Projekt DFS : projektdfs[at]gmail.com : What is it?
It's ONLINE NOW!!! pm me for url. max 250 users. by invite only please.
Dec. 26, 2004, 07:34 AM
Post: #15
 
ABOUT PRIVOXY: privoxy garbles GIF images in FF (but IE is still sane)
http://www.wilderssecurity.com/showthread.php?t=59694
Why? Can I circumvent it?
