logs archiveIRC Archive / Oftc / #tor / 2010 / March / 13 / 1
nsa
or: kloesing committed revision 21933 (/website/trunk/en): Update link to EFF's GSoC ideas list.
jiso
I can not open onion urls
i'm using tor
I do ssh with dnamic forwarding to a machine that runs tor
what should i do to fix it
does this have anything to do with dns ?
bja
What exactly are you doing?
jiso
jiso: I do ssh with dnamic forwarding to a machine that runs tor
what should I choose for dns name lookup at proxy end : no , auto, or yes?
formalist
dynamic forwaring proably isn't necessary.
istead of using option -D in ssh, use -L or -R.
um...
jiso
do you know what is the difference between -L or -R ?
formalist
L for local.. R for remote.
ssh -L 127.0.0.1:9050:127.0.0.1:9050 <host>
jiso
hehe
formalist
i'm thinking this^ is what you want to do.
         

pipe
both are fine, -D is just easier do use
it doesn't sound like the problem
jiso
yes but -R is totally wrong
pipe
yeah
formalist
jiso. right.
pipe
both = -D/-L :)
formalist
jiso. the problem with -D is that it is going to try to resolve your .onion addresses.
jiso
the problem is not with the D
pipe
jiso: Does it work with 'normal' usage of tor, when you don't use .onion?
jiso
yes it works
Snafu
I have a question if someone wouldn't mind working with me
Manny
Snafu: ask the question
Snafu
Its regarding Backtrack 4, and usage of the Tor network
so heres the situation
formalist
jiso. then what's wrong?
jiso
what should I choose for dns name lookup at proxy end : no , auto, or yes?
Snafu
I installed TOR via apt-get install tor privoxy
Manny
jiso: you want dns lookups proxied
Snafu
i modified the privoxy config file to reflect forward-socks4a / 127.0.0.1:9050 .
i restarted privoxy and tor
i installed the torbutton in firefox
Manny
since i dont know which answer does that, I'd rec disabling your dns server setting, then seeing which setting above works
either no or yes
Snafu
my web browsing capability though very slow, worked with the torbutton
so i then decided to proxychain a telnet connection
it worked
i also did a proxychains lynx -dump checkip.dyndns.org
it returned a bogus IP
formalist
jiso. i guess we can move to #nottor with your concerns unless there's something we're missing.
         

Snafu
everything was PERFECT
so
Using backtrack4, whenever i find something i like
I build it into the distro itself
Manny
Snafu: just use one paragraph
Snafu
sry
Manny
dont hit enter every phrase
Snafu
So, I did all of the above, rebuilt the ISO....reinstalled it. Now nothing works
formalist
jiso. you don't want to ask ssh's dynamic socks forwarder to handle .onion addresses unless sshd is torified.
Snafu
Im wondering if someone can help me trace wtf im doing wrong, or tell me if there is a way to find out if the tor exit node im using has gone "down:
jiso
so setting do dns lookup at proxy end will not fix the problem
formalist
jiso. i'm not even sure if i understand your setup.
jiso
so setting do dns lookup at proxy end will not fix the problem with D forwarding
Snafu
So what I have done is, completly redo my BT4 installation prior to any apt-get installing....Now I have a fresh box......and would like some guidance on installing tor and configuring proxychains properly
formalist
if you are using ssh -D <port> <sshd_host> , then the sshd process must be torified.
jiso
i'm not sure on which port tor is running.
formalist
most likely 9050.
that's the default.
jiso
so this is a problem with -L
Snafu
yep
formalist
i seriously suggest using... ssh -L 127.0.0.1:9050:127.0.0.1:9050 <sshd_host>
then you don't have to worry about torifying the sshd process.
jiso
ok
Manny
formalist: can you hold a brief ssh tunnelling Q&A on #nottor
formalist
Manny. i was contemplating that but jiso has some alternatives.
jiso
no ok.thank you for answering me
formalist
okay. you're welcome.
Snafu
no idea on my question?
formalist
slow down.
Snafu
Boy, this sure is a talkative channel
formalist
Snafu. do you use vidalia?
Snafu
no...no gui interface
i cant build GUIs into the distro that I know of
formalist
well, tor itself will always try to get you to the content sought.
Snafu
and I didnt use Vidalia when i had it working
formalist, u a linux user?
formalist
so it won't matter if "an" exit nodes is down as long as they're not all down.
Snafu. so to speak.
Snafu
how many exit nodes does my installation of tor look for?
just certain ones?
or does it dynamically pick one
formalist
dynamically picks one.
Snafu
gotcha
okay
So lets pretend that you are using debian, you familiar with that?
formalist
it'd be best if you could textually make a picture of your circuit.
are you tunneling to a telnet server running tor?
i don't understand what you're doing with proxychains.
Snafu
ah
Okay
Well, I want to be able to telnet using a false IP
I did it last night using the command...: proxychains telnet mud.lysator.liu.se 2000
connected to a game i used to play, i had the admin trace my ip, he did, and it was not my ip, so it worked
formalist
so where does tor come into the picture?
Snafu
well, proxychains is using tor to proxy my programs
formalist
ah!
okay.
Snafu
is there a more direct way to use tor to torify a program? if it is torify..would torify telnet mud.lysator.liu.se 2000 work?
formalist
yes.
Snafu
okay
so with that in mind.........how do i properly install tor
formalist
but if liu.se bans tor exit nodes then you'll want some way to get around that.
Snafu
I've seen two methods.......
formalist
Snafu. tor isn't working?
Snafu
okay so what is a site that DOES not ban exit nodes that i can use lynx on?
to check my proxy status via the command line
ie lynx -dump checkip.dyndns.org
formalist
<cli_browser> http://check.torproject.org
torify <cli_browser> http://check.torproject.org
rather.
Snafu
okay, should I do an apt-get install tor, or should i modify my sources list first prior to doing so?
actually let me rephrase the question
having tor on the default setup, via apt-get install tor.......will typing torify lynx -dump check.torproject.org
work?
formalist
read the wht check.torproject.org says.
if it says you're coming from an exit node then, torify was successful.
Snafu
well when i torify it, nothing happens
it just sits there
|S-chain|-<>-127.0.0.1:9050-<>-<>-4.2.2.2:53-<--timeout
the dnsresponse says that check.torproject.org is not exist
that is using proxychains though
formalist
uh...
maybe there's something wrong with 4.2.2.2:53
it has to be tcp/53, which i'd assume it is but...
Snafu
is DNS
so how do i check it?
formalist
whatever too you're using to must not timeout so quicly.
tool*
Snafu
hmm...its the timeout issue u think then?
so do i adjust the timeout via the torc file or via the file of the program using the tor application
formalist
whatever tool you're using to make dns queries. set it to timeout after 10 minutes.
Snafu
okay
formalist
instead of 10 seconds.
Snafu
would checking 209.237.247.84 work?
thats the ip of check.torproject.org
formalist
oh!!!!
well...
it's worth a try.
Snafu
hmm
formalist
this isn't the channel for help about proxychains btw either.
Snafu
yeah its for tor =)
TOR is the root cause right now=)
formalist
i can certianly say that proxychains doesn't work the same ways as tor does.
Snafu
i know proxychains tsocks work
formalist
tor is a daemon.
Snafu
right and it opens a socks proxy on 127.0.0.1:9050 by default
for connections to the tor network
correct?
formalist
yeah.
Snafu
so anything connecting to 127.0.0.1:9050 will be in effect using the tor network to gain access to the internet correct?
formalist
yes.
Snafu
nods
which means my use of proxychains or tsocks or whatever is transparent
im just trying to make the tor network work
torify is a wrapper for tsocks
so i have to have tsocks set up proper for torify to work
this is straight from the man page of torify
formalist
yeah.
similar software is tork.
(desinged for kde)
Snafu
ah
Manny
torify leaks dns though doesnt it?
fossiiil
just redirect all DNS requests to DNSPort. I use iptables
Snafu
still timing out even though i used the IP address rather than the DNS
formalist
Manny. that's why some people use tork.
tork has a way of making sure dns is resolve through tor.
jiso
i'm out.Later
Manny
i like fossiiil idea
fossiiil
Manny: it's not my idea, it's "Tor transparent proxy" setup described in some official/unofficial online documentation
Manny
relative to this discussion it is
fossiiil
I don't even know where was this DNSPort option added to Tor
anrxc
having localhost as the main DNS server would work the same, no?
maybe better said, the only not just main
especially in a LAN, with one Tor gateway... could be set as the DNS server
formalist
anrxc. it's semi-appropriate.
Manny
only if the dns server you run on localhost uses tor exclusively
formalist
tor's dns listner only understands queries for A records or PTR records.
anrxc
formalist: ah, thank you!
formalist
it doesn't understand SOA, MX, etc.
Snafu
does anyone know an ip/port for a proxyserver off the top of their head?
formalist
most of which isn't necessary.
Manny
Snafu: localhost:9050
Snafu
no tor is broken on my machine
im trying to find a proxyt other than a tor one?
formalist
there's little point in having it support AAAA, MX, or SOA records, each for a unique reason.
Manny
that sounds nottor to me
formalist
tor exit nodes are blocked from sending to most mail servers because of how the service has been aboused for the last two decades.
(goes back prior to tor's advent)
Manny
formalist: only unauthenitcated
formalist
Manny. that makes a bit of sense. i don't see how mail originating from any proxy could be authenticated.
Manny
I mean, you can connect to any SMTP server generally if you AUTH
even if using tor
formalist
interesting.
Manny
you just cant run a general mail server like for example yahoo does and also exit port 25
« prev 1 2 3 4 5 6 next »