i do not believe you get STREAM events for rendevouz connects on the service side. but, could be wrong ...

Hi all
Im curious about using tor with irc. But its my understanding that many servers block tor?

fling: yup, most irc networks block tor users, and the few exceptions generally require specific conditions which catastrophically degrade anonymity anyway, often blocking it completely as well at random intervals. welcome to the crippled functionality of tor.

fling: there are hidden service irc networks not available without tor
fling: but they generally don't advertise themselves

yeah you have to find them on reddit

i want to run a relay. here's the lines i changed in the conf. http://pastebin.com/73RikgCe ok?

Oct 14 03:30:04.000 [warn] Got headers "CONNECT www.google.com:443 HTTP/1.1\r\nHost: www.google.com:443\r\nProxy-Connection: Keep-Alive\r\n\r\n" with unknown command. Closing.
wtf?
mid-relay run in background - no info log - dunno what's happen

Hmm, so, appears there is a bug in sandbox.c where it is including bits/signum.h (BAD) which is causing the build to fail on musl.
worthy of a bug report?
https://gitweb.torproject.org/tor.git/tree/src/common/sandbox.c#n51 :|

for windows users: disable all NetBios ports in firewall - I caught suspect NetBios traffic from 192.168.100.255 thru port 137 (unknown sender wanted to grab the machine hostname and other data)

tor arm display in terminal goes wonky after a day or so... any idea why?

can someone tell me how to run tor with a specific exit node IP address ? I've tried with a few but no luck. For some reason specifying country, let's say {de} works, but not specifying an IP.

Onepamopa: Check out ExitNodes option https://www.torproject.org/docs/tor-manual.html.en#ExitNodes

SnowyNight, yes, already figured it out, turns out I had to put fingerprint id's, not actual IPs @ the config
btw, can "ExitNodes fpid" be provided via the command line (not config)?

hello how get foxyproxy blacklist... why does not work I mean

j0int: you are in the wrong channeel. try #foxyproxy on irc.mozilla.org

ok

(Action) hi there \o

hi is there a tor option to onmy build a circuit when needed ?

https://tor.stackexchange.com/questions/8819/how-to-mitigate-layer-7-attacks-on-hidden-services ?

any sort of firewalling that restricts use of tor relays is a risk to anonymity, of either the server or of clients
if you want to protect against misbehaving clients, do it entirely at the server/application layer, as though tor were not being used

velope: how if you can't distinguish between them?

i bet you can
or imagine overall limits and restrictions that will be no more than minor inconvenience to well-behaved connections

scrams?

chie: It's hard to answer in the abstract. Also, I'm getting the impression you are concerned about DoS, but that's not entirely clear; is it the case?

velope: even with client authentication, there is still attack surface
nicoo: yes that's the case

Again

things

chie: Ok. That's kinda iffy, then, because there isn't too much you can do pre-authentication. Post-auth, you can impose restrictions as velope suggested, but that won't help a whole lot if the authentication part is ressource-intensive.
(Though if it is, there is probably a problem somewhere ...)

this looks like some kind of design flaw ;-)

I want to download something I can get clicking on a torified webpage over tor. What is the command name?
I can use wget but it is not torified on Tails.

dwaye: try the 'torify' command?

or tor?

It is very slow. Is it an good idea?

if you contribute bandwidth back yes

I'm not sure, does torify somehow send DNS requests over tor? or do you have to worry about things leaking?

yeah you do
you have to use tor properly

zandi: torify in recent versions is a wrapper on torsocks, which does gethostbyname(3) over Tor (domain is resolved at the exit)
it tries to block other DNS requests but may not be successful depeneding on the program
*depending
torify/torsocks isn't magic, it just rewrites some C standard library functions to its own
which means it can miss things, especially if you have a statically linked program or one whose basic networking stuff isn't written in C

yeah, makes sense.

Who here think torify may leak?

dwaye: I just explained how and why it may.
on TAILS it won't because of the other layers of TAILS, specifically the iptables rules
which reject all outgoing non-Tor except from clearnet user

What you told is not totally true because it may really fail at blocking non-tor request and some commands are not toriefied yet.

dwaye: okay, I'm losing interest, because it appears that nothing other people tell you affects what you want to say. Good luck. :)