IRC Archive / Oftc / #tor / 2015 / October / 24 / 1
rampart
whitanne_: you could test that pretty easily on linux by running the app as a sandboxed user that's totally firewalled off from everything except the tor SOCKS port (using the owner iptables module)
that being said, I can't think of any way for it to connect OTHER than connect() on *NIXes atm
whitanne_
rampart: what about if the application spawned another application/process for internet communication? would that application/process be torified?
qwerty1
yes child processes are also torified
rampart
whitanne_: I'm not familiar with the inner workings of torsocks specifically, but these types of programs usually use LD_PRELOAD and other path trickery to override the real calls with their own wrappers
so as long as the environment stays the same, it should be
qwerty1
there are many ways to bypass torsocks though
if the application actively wants to bypass tor
rampart
that's actually an interesting question though -- CAN a program bypass torsocks by unsetting LD_PRELOAD et al.?
whitanne_
qwerty1: how can it bypass torsocks?
rampart
(and then exec()ing or whatever)
qwerty1
many ways which i won't go into but it's not that difficult
         

rampart
whitanne_: at the end of the day, IF you want to be absolutely sure that nothing leaks over clearnet, then you have to make a sandboxed user
for instance, skype has native support for socks proxies but it still tries connecting over clearnet and the relevant bug has been open on their tracker for literally YEARS
whitanne_
rampart: what do you mean by sandboxed user?
rampart
I wouldn't even trust just torsocks with something like that because the circumstances make it look quite deliberate
qwerty1
it could happen accidentally too
although not very likely
rampart
whitanne_: a sandboxed user is usually a task-specific user account that you run just one program under for isolation purposes
whitanne_
rampart: how do you set one up?
rampart
historically it's been for filesystem and privilege isolation, but linux' iptables has an owner module that allows user-specific firewalling too
whitanne_: something like 'iptables -A OUTPUT -m owner --uid-owner sandboxuser -p tcp -d 127.0.0.1 --dport 9050 -j ACCEPT' and 'iptables -A OUTPUT -m owner --uid-owner sandboxuser -j REJECT'
you can use similar rules in the nat table (-t nat) to transparently redirect all tcp traffic through tor and all dns requests to tor's DNSPort, but that's problematic sometimes
anyway, with those two rules, anything you run as 'sandboxuser' would either connect to the socks proxy port and succeed, or fail with something akin to 'connection refused'
Mattfly
.
sine0
So I take it that john the ripper is not built with CUDA support as default in kali2 ?
kvm234
join #notnottor
proscan
hello, so I have this software that allows me to set up DNS and proxy separately, and I have reason to believe that the DNS lookup isn't happening through the tor system, to what server can I set up the DNS portion so it will go through tor?
evilolive
put DNSPort 53 in your torrc and change your dns server in /etc/resolv.conf to 127.0.0.1
restart
make sure there are no other nameservers in /etc/resolv.conf
proscan
im using windowze :D
the software has a DNS configuration area where I can set the DNS server but there isn't a port I can set up there.
evilolive
no idea sorry don't use windows with tor
rampart
proscan: yes, just set DNSPort 53 (the dns default port), put 127.0.0.1 in the first nameserver spot, and leave the secondary one blank if it'll let you
it's also worth mentioning that this arrangement will leave you unable to resolve anything at all if tor isn't running, so you'll have to switch from manual back to automatically picking up the dns servers to use stuff over the clearnet again
prosit
use openresolv
Chocolate_Chip
https://github.com/stribika?tab=repositories
Is this person the main Tor Dev? I'm confused because who this is has tor listed as an unforker repo, and the Tor Project github has no actual "tor" program, except the browser
kvm234
OS4M4
Chocolate_Chip: thatø
that's really just a guy called tor
Chocolate_Chip
huh?
         

OS4M4
It's a nordic name, used throughout Scandinavia
Chocolate_Chip
stribika means tor?
OS4M4
nvm I'm drunk, apparently can't read >.<
arma
Chocolate_Chip: unless this stribika has another name, i do not recognize him/her. so no, not a tor dev.
Chocolate_Chip: you might enjoy https://gitweb.torproject.org/
a few tor people have set up some of them tor things at github, but in general most tor things aren't there.
(insert rant about non-free proprietary for-profit platforms, if you're into those rants.)
prosit
[A[A[A[A
slackie
(Action) hi there \o
rajrajraj
do we have fun or active channel on this network?
bigfondue
#nottor is pretty active
proscan
test
rajrajraj
Tested