IRC Archive / Oftc / #tor / 2010 / January / 5 / 1
misc
SchwarzeLocke: on the other hand, a dynamic bridge will help because the goal is to avoid being blacklisted, being dynamic means that even blacklisted, you will be useful
murb
assuming a client has a working bridge it can look up the current ip address via the bridge authority.
for bridges that don't work due to being dynamic with new addresses.
was what was mentioned in the talk.
misc: well presumably attackers can use the same method to lookup the current IP address of bridges?
misc
murb: possible, but I think this can pollute their database
phobos
clients will track bridges by fingerprint
or just get new bridges when the user realizes tor doesn't work anymore
murb
phobos: yes, has this been implemented yet?
misc: i was wondering how long it takes them to block a new tor node, listed in the standard directories.
misc
depends on who does it :)
phobos
it depends is the best answer
murb
misc: i just note that i tend to get a new IP address every time i restart a ppp session.
phobos
for example, china didn't block tor nodes until september 25, 2009
SchwarzeLocke
but, when too many users are running a bridge on a dynamic ip, then there is a possibility that s.o. has a list of bridges, which all don't work the other day?
phobos
and then again on 24 december, 2009
murb
so i was wondering how big i could make their lists.
misc
well, fetching the authority list can be quite fast, imho
the number of nodes is around 2000, and on linux, applying 2000 firewalls takes 30 sec on a regular server
but I doubt they use netfilter, more likely some specialised hardware and router
nike
phobos: When you say just run it on port 80 what do you mean?
SchwarzeLocke
so by now, it makes more sense to use a bridge than a node (except exit node), no matter whether static or dynamic ip?
nike, a lot of firewalls block outgoing connections not on port 80 (http) or 443 (https)
hellyeah
hey
SchwarzeLocke
hi hellyeah
hellyeah
i install polipo and tor, i configure polipo conf file and restart, i install torbutton and i enable, but that doesn't work. what can i do
phobos
nike: just run the webserver on port 80
SchwarzeLocke
hellyeah: are you using windows or linux?
hellyeah
http://www.torproject.org/docs/tor-doc-unix.html.en#polipo
linux
i do all steps in that address
nike
phobos: Does that decrease security?
hellyeah
i need help
SchwarzeLocke
hellyeah, ok, first: are you sure Tor is running? -> ps ax | grep tor
hellyeah
SchwarzeLocke, http://paste.org/pastebin/view/14079
SchwarzeLocke
okay, it is (first row)
hellyeah
first row ?
1580 ? S 0:04 /usr/sbin/tor
something wrong
SchwarzeLocke
no, that's good 'til now
hellyeah
okey
what is next
SchwarzeLocke
donno, mom
hellyeah
hmm
:D
thats bad
SchwarzeLocke
may you post that config file? /etc/tor/torrc
phobos
ok, so tor is running
is polipo running?
hellyeah
wait a sec
SchwarzeLocke, phobos http://paste.org/pastebin/view/14080
SchwarzeLocke
i guess it's because of copy&paste; in #4 it is "ocksPort 9050", there is an "S" missing at the beginning
hellyeah
ha
in polipo file,
SchwarzeLocke
i guess polipo is not running
cause it is not in the first two lines
hellyeah
SchwarzeLocke, SocksPort 9050
nike
phobos: I run the web server on port 80 and I get 504 connection refused now
hellyeah
SchwarzeLocke, my polipo file is wrong
it is socksport in file
i guess no one helps me :/
SchwarzeLocke
btw this is mine: http://paste.org/pastebin/view/14081
but i guess polipo is not running
ps ax | grep polipo
there should be one line with: /usr/bin/polipo
hellyeah
4429 pts/2 S+ 0:00 grep polipo
polipo is not running i guess
but
SchwarzeLocke
ok, it's not running. try this to start: > sudo /etc/init.d/polipo start
but?
hellyeah
before writing command you said
i wrote
/etc/init.d/polipo restart
Restarting polipo: polipo.
no process
SchwarzeLocke
tail /var/log/polipo/polipo.log
hellyeah
SchwarzeLocke, http://paste.org/pastebin/view/14083
SchwarzeLocke
uhm ok
there is some other program using that port
hellyeah
we see the problem
hmm
how can i look that
SchwarzeLocke
aeh
mom
hellyeah
which program use that
:D
SchwarzeLocke
sudo lsof -ni | grep 8118
it should return one row
hellyeah
yes
privoxy
SchwarzeLocke
okay, now we stop it: sudo /etc/init.d/privoxy stop
and then start polipo
hellyeah
restart or start
SchwarzeLocke
just start
restart = stop & start
and when it's not running it can not be stopped ;P
hellyeah
okey
i started
not
ops
SchwarzeLocke
and stopped privoxy first?
hellyeah
4912 ? Ss 0:00 /usr/bin/polipo -c /etc/polipo/config pidFile=/var/run/polipo/polipo.pid daemonise=true logFile=/var/log/polipo/polipo.log forbiddenFile=/etc/polipo/forbidden proxyOffline=false
it is okey
:D
SchwarzeLocke
and does tor work now?
https://check.torproject.org/
hellyeah
i am checking
HAHAHA
YEHAHAH
SchwarzeLocke
=:>
hellyeah
must i do something more for safety
but it is little slow :D
SchwarzeLocke
so, now you have to care about privoxy, you may uninstall or deactivate it; but there i can't help you, it's your decision whether you need it or not
that's tor...
Tor needs more nodes to be faster
hellyeah
tor is slow ?
more nodes ?
bandwidth you mean
phobos
tor needs more exit nodes, more nodes overall
and more protocol fixes
SchwarzeLocke
Tor is a network, the more (exit-)nodes it has the faster it is. But because of some legal things (law is different in every country, 'cause of that this abstract way) there are not so many people running an exit-node as there need to be to get a good bandwidth
phobos, i've another question about torrc config for a node. Somewhere i read about using "RelayBandwidthRate" and somewhere else i read just "BandwidthRate" - what is correct?
is that rate the amount of up- and downstream, or is that for one single direction?
phobos
it's one the rate for each direction
relaybandwidthrate will only throttle bandwidth as relayed
vs. all traffic going through tor
such as if you are using the tor relay as your client
jr__
is tor rate limited by exit nodes?
one could safely make most users internal relays
the exit nodes bear all the risk
phobos
if i understand that, then yes
exit nodes bear the risk and of 1500 relays, there are only 400 or so exit relays
which is where a bottleneck exists
jr__
right
so adding more internal relays does really help throughput
s/does/doesn't/
phobos
it does if you want to get to hidden services, and such
jr__
such as?
phobos
no one has written an app other than hidden services
Goldstein
so what constitutes a browser analysis?
is there an example of FF tested against the adversary model?
phobos
there is "the adversary model"
jr__
Goldstein: look at some of the Defcon works
phobos
err
there is no "the adversary model"
Goldstein
which could then be followed re: other browsers
phobos
decloak.net is a fine series of tests
Goldstein
phobos: there is on the tor website
phobos
torbutton is well documented as to what it protects against
SchwarzeLocke
so, when i've 160kb/s upstream, use a relayrate of 100kb/s and a rate of 130kb/s i have 30kb/s for tor and 30kb/s free upload?
phobos
tor's options are bytes, not bits
Goldstein
i noticed that decloak.net asks one to save a word document. does saving compromise you or is that some kind of activex test?
jr__
it compromises you
phobos
word is a web browser
Goldstein
i c
jr__
but decloak.net doesn't report you to the feds, you can try out all options :D
Goldstein
all versions?
sez u jr_
phobos
if someone sends you a word doc with a hot linked image in it, word will dutifully get the image
and may not pay attention to socks settings
jr__
need transproxy!
phobos
or torvm
Goldstein
phobos: interesting, which versions?
phobos
i think all
Goldstein
one thing that might help with that is something like zonealarms firewall which blocks by application
there is no reason to allow word inet access
SchwarzeLocke
phobos: but i can say "RelayBandwidthRate 100 KBytes", can't i?
phobos
yes
jr__
Goldstein: really, applications should be denied network access unless explicitly granted
in practice MAC is a mess
Goldstein
lemme ask this: if any reproducible system configuration can withstand decloak.net, does it mean it's equivalent to torbutton?
MAC?
jr_ agreed
jr__
Goldstein: MAC == mandatory access control
Goldstein
k
jr__
http://en.wikipedia.org/wiki/Mandatory_access_control
as opposed to unix, which is essentially root == everything, user == limited subset
Goldstein
well how would you do the equivalent in unix?
jr__
linux and freebsd have MAC support
but it isn't enabled by default because it is a headache to configure
OS X makes limited use of it
a handful of apps are sandboxed
SchwarzeLocke
gn8
uhm, one thing
i guess it is usual that my node needs only about 20-30 kb/s?
s/needs/uses/
Goldstein
not if you conf'ed it that way
SchwarzeLocke
it's not an exit node, but i gave tor more bandwidth
Goldstein
lemme ask this: if any reproducible system configuration can withstand decloak.net, does it mean it's equivalent to torbutton?
phobos
no, because torbutton digs deep into firefox to stop things decloak doesn't test (yet)
Goldstein
k
example of failure? js stuff like windowsize?
phobos
https://www.torproject.org/torbutton/design/#adversary
Goldstein
http://pseudo-flaw.net/log/
plopix
after 1 day after configuring a bridge I do not get any traffic. is the DNS hijacking of my ISP the problem?
Triskelios
plopix: local DNS shouldn't matter
plopix
hmm
Sebastian
plopix: There could be many issues
Meliboeus
plopix: bridges don
plopix: bridges don't attract much traffic in the beginning