Re: Set up a webproxy to TOR - tor-proxy.net

2007-10-09 Thread phobos
On Sun, Sep 23, 2007 at 10:20:39PM -0400, [EMAIL PROTECTED] wrote 2.1K bytes in 
44 lines about:

Just a follow up to my own email now that you've obviously been working
on the site.

:   I have a few concerns about your proxy setup and service.  First off,
:   you should disclaim that this site and service isn't an official
:   project of Tor.  People may confuse your url with the real Tor and
:   think they are getting the same anonymity properties.

Thank you for adding the disclaimer sentence and FAQ page QA.

:   Second is a concern over the last bullet point at the bottom 
:   of http://tor-proxy.net/impressum.html.  It appears to say that you are 
:   recording IP address and browser in a log file.  Additionally, the log
:   file is purged when 48 hours old.  Why log at all?  Simply disable all 
:   logging in relation to the proxy service on the server.  The default
:   Tor log settings should be sufficient.

I notice you completely removed this section of the FAQ.  Have you also
stopped logging?

:   Third, can you publish the source code that runs the proxy site?  It
:   appears you are using php and CGI:Proxy code to interface with Tor.
:   Feel free to choose a FSF-approved license, such as the GPL or
:   3-clause BSD, and publish the source for the site, along with any dependent
:   software and licenses as required by their license terms.

Any progress or thoughts on releasing the source?

:   Fourth, in order to be more transparent, you should publish the
:   configuration of the proxy.  A clear description, whether text or
:   graphical, will help increase the trustworthiness of the service.

Any progress or thoughts on detailing the configuration on the site?

:   Fifth, you probably want to publish the fingerprint of your
:   self-signed ssl cert, or look into getting a cert signed by a browser
:   accepted CA.  This is weak, but possibly better than nothing.

I see the FAQ explains why users may be prompted, great.

Also, I like the new look.

-- 
Andrew


Free SSL-Certificates from StartCom Ltd. (Was: Re: Set up a webproxy to TOR - tor-proxy.net)

2007-09-27 Thread BlueStar88
TOR-Admin (gpfTOR1) wrote:

 or you may try the free SSL-service at
 
 http://cert.startcom.org/
 
 It is accepted by Mozilla browsers by default.

Not anymore, since you have to integrate so-called intermediate
certificates in the servers and clients to fix a CA update issue:

...On the 24th of December we updated our Intermediate CA certificates
and added a few needed extensions to the original certificate. The public
key however did not change and all subscriber certificates are perfectly
valid. Please follow the instructions below to update your Intermediate
CA certificate... [1]

The ease of use is not given anymore, neither for the server admins (a
lesser point) nor for the users/visitors (a very bad point).



Greets



[1] http://cert.startcom.org/?app=131

-- 


BlueStar88

PGPID: 0x36150C86
PGPFP: E9AE 667C 4A2E 3F46 9B69 9BB2 FC63 8933 3615 0C86





Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread Ricky Fitz
On Tuesday, 25.09.2007, 10:08 +0200, Marco Bonetti wrote:
 On Tue, September 25, 2007 09:54, Ricky Fitz wrote:
  To prevent any DNS-Leaks, I redirect all outgoing traffic to port 53 to
  the dns-proxy of Fabian Keil
 uhmmm another point of trust, why do you do so?
 you can run a torified dns resolver on your local box, see:
 http://p56soo2ibjkx23xo.onion/

Probably a misunderstanding. dns-proxy is a perl-script, which of course
runs only locally. And it is the one which you can download on the site
you have written above ;-)

Regards,
Ricky.
-- 
If liberty means anything at all, it means the right to tell people
what they do not want to hear.
- George Orwell, from the afterword to Animal Farm, 1945 -

GPG-Fingerprint: 10D6 7B8F 1F7C 7CB1 2C4E 930E AFD2 FDF3 A10B D302
GPG-Key-ID: AFD2FDF3A10BD302
http://www.lawlita.com/pgp-schluessel/




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread Marco Bonetti
On Tue, September 25, 2007 10:50, Ricky Fitz wrote:
 Probably a misunderstanding. dns-proxy is a perl-script, which of course
 runs only locally.
To sort things out, when you wrote "I redirect all outgoing traffic to
port 53 to the dns-proxy of Fabian Keil", what do you mean:
a) traffic on port 53 is redirected to port 53 on F. Keil's machine
b) traffic on port 53 is redirected to your local dns proxy, the same
referred to by F. Keil's blog post.

If (a), you're adding another ring to the trust chain and it's bad; if
(b) it should be ok.

 And it is the one, which you can download on the site
 you have written above ;-)
sorry, I haven't checked the link as it was written in a language I don't
understand :-P
(well, I should at least have clicked on it as some words here and there are
in English)

-- 
Marco Bonetti
Slackintosh Linux Project Developer: http://www.slackintosh.org
Linux-live for powerpc: http://www.slackintosh.org/pub/rsync/mb/linux-live
My webstuff: http://sidbox.homelinux.org

My GnuPG key id: 0x86A91047



Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread TOR-Admin (gpfTOR1)
BlueStar88 wrote:
 or you may try the free SSL-service at

 http://cert.startcom.org/

 It is accepted by Mozilla browsers by default.
 
 Wow, was my first thought, a free certificate already integrated into
 current browsers, but where is the crux?
 
 What's about the StartCom-side private key generation issue?
 
   http://www.heise.de/english/newsticker/news/56808
 
 Tried yesterday, they're still doing it this way.
 Not the best approach, I think.

You may generate your own server certificate request on a Linux/Unix
system with OpenSSL. They will sign your request (ssl.csr); your private
key (ssl.key) does not leave your computer.

  # openssl genrsa -des3 -out ssl.key 1024
  # openssl req -new -key ssl.key -out ssl.csr

Use the wizard without CSR generation:

https://cert.startcom.org/?app=101

Is this way ok for you?


Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread Ricky Fitz
On Tuesday, 25.09.2007, 11:21 +0200, Marco Bonetti wrote:
 On Tue, September 25, 2007 10:50, Ricky Fitz wrote:
  Probably a misunderstanding. dns-proxy is a perl-script, which of course
  runs only locally.
 To sort things out, when you wrote "I redirect all outgoing traffic to
 port 53 to the dns-proxy of Fabian Keil", what do you mean:
 a) traffic on port 53 is redirected to port 53 on F. Keil's machine
 b) traffic on port 53 is redirected to your local dns proxy, the same
 referred to by F. Keil's blog post.
 
 If (a), you're adding another ring to the trust chain and it's bad; if
 (b) it should be ok.

it is b. With dns-proxy of Fabian Keil I meant: dns-proxy (the
program, running locally) which is written by Fabian Keil. Sorry for the
confusion.

  And it is the one, which you can download on the site
  you have written above ;-)
 sorry, I haven't checked the link as it was written in a language I don't
 understand :-P
 (well, I should at least have clicked on it as some words here and there are
 in English)

Sorry, I did not think about that. ;-)

Ricky.





Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread Fabian Keil
Ricky Fitz [EMAIL PROTECTED] wrote:

 To prevent any DNS-Leaks, I redirect all outgoing traffic to port 53 to
 the dns-proxy of Fabian Keil
 ( 
 http://www.fabiankeil.de/blog-surrogat/2006/06/08/von-kopf-bis-fuss-auf-tor-eingestellt.html
  ) 

I didn't write dns-proxy-tor, I merely created the FreeBSD port.

dns-proxy-tor was written by Tup. And while I don't know who's
behind this pseudonym, I'm quite confident that it isn't me.

Fabian




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-25 Thread Marco Gruss

Hi,

BlueStar88 wrote:
 What's about the StartCom-side private key generation issue?

http://www.heise.de/english/newsticker/news/56808

 Tried yesterday, they're still doing it this way.
 Not the best approach, I think.
Err... just create your own secret key and a certificate request
(for example using OpenSSL's CA.sh -newreq), choose SSL Server
Certificate (Without CSR generation) on StartCom's web site,
copy/paste your CSR, whee, you get a signed cert without ever
revealing your secret key to StartCom.

Am I missing something?

Marco



Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-24 Thread BlueStar88
[EMAIL PROTECTED] wrote:
 On Mon, Sep 24, 2007 at 12:42:31AM +0200, [EMAIL PROTECTED] wrote 0.9K bytes 
 in 40 lines about:
 : I just wanted to let you know, that I have set up a Webproxy to the
 : TOR-Network, for letting people get the advantages of TOR who are not
 : able to install TOR for themselves.

[...]

   Fifth, you probably want to publish the fingerprint of your
   self-signed ssl cert, or look into getting a cert signed by a browser
   accepted CA.  This is weak, but possibly better than nothing.

Ricky, you should try

http://www.cacert.org/

They provide *free* certificates by email verification and an optional
trust concept. A root certificate to include into the client's web browser
is available too, which can be offered to the users for download and
installation. On some Linux distros this root certificate is already
included, or available as a package at least.
As they're working on getting into Mozilla Firefox by default, it
seems basically to be a good idea to try them...



Greets

-- 


BlueStar88

PGPID: 0x36150C86
PGPFP: E9AE 667C 4A2E 3F46 9B69 9BB2 FC63 8933 3615 0C86





Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-24 Thread Ricky Fitz
Hi Andrew,

thanks first for your long answer!

   I have a few concerns about your proxy setup and service.  First off,
   you should disclaim that this site and service isn't an official
   project of Tor.  People may confuse your url with the real Tor and
   think they are getting the same anonymity properties.

Although the layout is much different, you are right, there could be
some confusion. I will add a hint that it is no official project of
TOR.

   Second is a concern over the last bullet point at the bottom 
   of http://tor-proxy.net/impressum.html.  It appears to say that you are 
   recording IP address and browser in a log file.  Additionally, the log
   file is purged when 48 hours old.  Why log at all?  Simply disable all 
   logging in relation to the proxy service on the server.  The default
   Tor log settings should be sufficient.

I suppose there is a misunderstanding. I am not logging anything about
the proxy service (like output of tor, privoxy, etc.). The only logging is
done by a simple counter, included in the frontpage (index.php), for me
to get some information about how many people are using the service.
There is no possibility to use the data to find out which sites users
were accessing through the proxy, or if they were using the proxy at
all. But I suppose it would be possible to change the counter in such a way
that it does not collect IP addresses at all, or deletes them immediately
after counting the user.

   Third, can you publish the source code that runs the proxy site?  It
   appears you are using php and CGI:Proxy code to interface with Tor.
   Feel free to choose a FSF-approved license, such as the GPL or
   3-clause BSD, and publish the source for the site, along with any dependent
   software and licenses as required by their license terms.

The project works with CGIProxy by James Marshall
( http://jmarshall.com/tools/cgiproxy/ ). Is that what you meant by the
source code that runs the proxy?
Of course I could mention some more technical details like
configuration files etc.

   Fourth, in order to be more transparent, you should publish the
   configuration of the proxy.  A clear description, whether text or
   graphical, will help increase the trustworthiness of the service.

Yes, good idea. I will do so.

   Fifth, you probably want to publish the fingerprint of your
   self-signed ssl cert, or look into getting a cert signed by a browser
   accepted CA.  This is weak, but possibly better than nothing.

Thinking about using cacert.org as mentioned by Bluestar.

   Sixth and final, if you decide to put ads on the site or become a
   commercial entity, please contact The Tor Project before doing so.  We
   cannot allow a commercial entity to confuse users about Tor.  As an
   open source project, the disclaimer in the first paragraph may be
   enough to not confuse users. 

Well, first I will never take money for using that service. I also wrote
that in the FAQ. I think it isn't fair to all the others who are
running nodes, and which the service relies on.
Second, at the moment there is no need for me to put ads on the site,
because server costs are okay for me. If the service got very popular,
and server costs got higher, then probably it would be necessary
to do so, but that's totally unclear. I would say we can think about
that when the moment comes.

Hopefully I answered some questions,
Regards,
Ricky.
-- 
If liberty means anything at all, it means the right to tell people
what they do not want to hear.
- George Orwell, from the afterword to Animal Farm, 1945 -

GPG-Fingerprint: 10D6 7B8F 1F7C 7CB1 2C4E 930E AFD2 FDF3 A10B D302
GPG-Key-ID: AFD2FDF3A10BD302
http://www.lawlita.com/pgp-schluessel/


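As an added example (not the tor-proxy.net index.php counter), here is one way to build the counter Ricky describes so that it reports hits and distinct visitors per day without ever storing an IP address: each day gets a random key that lives only in memory, addresses are reduced to a keyed hash that is never written out, and the key is discarded when the day rolls over. Class and function names and the sample addresses are constructed.

```python
"""Usage counter for a web-to-Tor gateway that reports how many people use
the service without keeping their IP addresses.

Added example, not tor-proxy.net's own code. The only persistent data are
two integers per day (hits, distinct visitors). Distinct visitors are counted
via an HMAC of the address under a random key that exists only in memory for
the current day and is thrown away at rollover, so exported counts can never
be mapped back to an address.
"""
import hashlib
import hmac
import os
from datetime import date


class PrivacyCounter:
    """Per-day hit/distinct counter that never persists addresses."""

    def __init__(self):
        self._day = None          # "YYYY-MM-DD" the current key belongs to
        self._day_key = b""       # random HMAC key: memory only, never exported
        self._seen = set()        # HMAC tokens seen today: memory only
        self.totals = {}          # day -> {"hits": int, "distinct": int}

    def _rotate(self, day):
        """Start a fresh key and token set when the day changes. After
        rotation nobody, not even the operator, can recompute the old
        tokens, because the old key no longer exists anywhere."""
        if day != self._day:
            self._day = day
            self._day_key = os.urandom(32)
            self._seen = set()

    def record(self, client_ip, day=None):
        """Count one request from client_ip; returns the day's counts so far.
        `day` defaults to today and is a parameter only so days can be
        replayed deterministically in tests."""
        day = day or date.today().isoformat()
        self._rotate(day)
        entry = self.totals.setdefault(day, {"hits": 0, "distinct": 0})
        entry["hits"] += 1
        # Keyed hash rather than plain sha256: an unkeyed hash of an IPv4
        # address is trivially reversible by hashing all 2^32 candidates.
        token = hmac.new(self._day_key, client_ip.encode("ascii"),
                         hashlib.sha256).digest()
        if token not in self._seen:
            self._seen.add(token)
            entry["distinct"] += 1
        return dict(entry)

    def export(self):
        """The only thing that should ever reach disk or a status page:
        integers per day, no addresses, no tokens, no key."""
        return {day: dict(counts) for day, counts in self.totals.items()}


if __name__ == "__main__":
    # constructed sample traffic using documentation-range addresses
    counter = PrivacyCounter()
    for ip in ["192.0.2.10", "192.0.2.10", "198.51.100.7"]:
        counter.record(ip, day="2007-09-24")
    counter.record("192.0.2.10", day="2007-09-25")
    print(counter.export())
```

While a day is open, the in-memory key still lets the operator test whether one specific address visited that day; if even that is unwanted, drop the distinct count and keep only hits.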


Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-24 Thread Robert Hogan
On Monday 24 September 2007 02:22:34 Ricky Fitz wrote:
 On Sunday, 23.09.2007, 20:50 -0400, [EMAIL PROTECTED] wrote:
  On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
   It is running on the same server my TOR-Server is running (called
   GrossATuin).
 
  Does your proxy use a separate Tor client, do you exclude your node
  as an entry?

 No, it does not use a separate Tor-Client. Therefore it doesn't make
 sense to exclude my node. It uses the Tor-Session which runs as a
 tor-node. So if you spy on the traffic of the server, you will not be
 able to see, which traffic is from routing traffic for acting as a
 server, and which from acting as a client. I think that's safer than
 using a second client.


So is your cgi-proxy routing everything to an instance of privoxy/polipo 
running on your machine or directly to the tor socks port? 

If it is routing everything to privoxy/polipo, what configuration are you 
using?

I think it is this sort of detail that phobos has in mind.


  I was wondering recently about the security implications of such a setup.
 
  I was thinking of using a vpn to access my Tor server. From there, all
  vpn traffic would be proxied through another tor instance running in
  client mode with no bw limitations. Would that be more secure because a
  tor server is already running there or less secure because, if in some
  way, the traffic from the two instances could be differentiated and the
  vpn connections would make the whole system less secure because they
  would allow timing and statistical attacks relating vpn traffic to the
  second tor traffic?

 I really don't know, if it will be possible to identify the
 vpn-connection because of the data which is transferred. But it would be
 possible, to see that there is another service running than tor. Also,
 what Bluestar is doubled. If we build a VPN from my server to yours, not
 only me is theoretically able to spy on the traffic, but also you. (Not
 that I want to say I do not trust you, but it kills the advantages of
 onion-system.)


I think the answer is 'less secure'. That vpn link to bluestar88 is used only 
by you and it contains all your anonymous traffic on one little pipe over the 
internet. Unless the link is padded to camouflage inactivity that has to make 
things easier for an observer.


-- 

Browse Anonymously Anywhere - http://anonymityanywhere.com
TorK- KDE Anonymity Manager - http://tork.sf.net
KlamAV  - KDE Anti-Virus- http://www.klamav.net



Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread Ricky Fitz
Hi Folks,

I just wanted to let you know, that I have set up a Webproxy to the
TOR-Network, for letting people get the advantages of TOR who are not
able to install TOR for themselves.

For example, if they are using a computer, they do not have full access
to, or something else.

It is running on the same server my TOR-Server is running (called
GrossATuin).

You can reach it here:

http://www.tor-proxy.net or
https://www.tor-proxy.net

Let me know what you think about!

Greetings,
Ricky.




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread BlueStar88
Ricky Fitz wrote:
 Hi Folks,
 
 I just wanted to let you know, that I have set up a Webproxy to the
 TOR-Network, for letting people get the advantages of TOR who are not
 able to install TOR for themselves.

[...]

 
 Let me know what you think about!
 
 Greetings,
 Ricky.

First: Another single-point-of-trust service. Principally a bad idea,
because *you* know all the sites the users are surfing to! Why should I
(as user) trust you?

Second: You are showing your proxy host name to the target web service.
This...

https://www.tor-proxy.net/cgi-bin/nph-proxy.cgi/00A/http/torcheck.xenobite.eu/

...leads to following result:

Your HTTP-VIA  1.1 v31663.1blu.de:8080 (squid/2.6.STABLE1)

Like this you are uncovering the first onion hop (yourself).

You should fix that, at least!



Greets

-- 


BlueStar88

PGPID: 0x36150C86
PGPFP: E9AE 667C 4A2E 3F46 9B69 9BB2 FC63 8933 3615 0C86



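The leak BlueStar88 shows is the destination seeing a Via header that names the gateway host. As an added example (not code from tor-proxy.net or CGIProxy), the following Python audits a request the way the destination receives it, lists the headers that name an intermediary or the original client, and produces the sanitised version the gateway should send instead. The sample request is constructed: its Via value is the one torcheck.xenobite.eu echoed back in the thread, and the client address is from the documentation range.

```python
"""Find and strip request headers that reveal a web-to-Tor gateway, or its
users, to the destination site.

Added example, not code from tor-proxy.net or CGIProxy. SAMPLE_REQUEST is
constructed; only its Via value comes from the thread.
"""
from __future__ import annotations

# Lower-case header names that identify an intermediary or the real client.
# A gateway in front of Tor must not let any of these reach the exit node,
# because they name the gateway host (the first hop) or the user's address.
HOP_REVEALING_HEADERS = {
    "via": "lists every proxy hop with host and software (RFC 7230, 5.7.1)",
    "forwarded": "client address / proxy identity (RFC 7239)",
    "x-forwarded-for": "original client address (de-facto standard)",
    "x-forwarded-host": "host the client originally requested",
    "x-real-ip": "original client address (nginx convention)",
}

SAMPLE_REQUEST = (
    "GET / HTTP/1.1\r\n"
    "Host: torcheck.xenobite.eu\r\n"
    "User-Agent: Mozilla/5.0\r\n"
    "Via: 1.1 v31663.1blu.de:8080 (squid/2.6.STABLE1)\r\n"
    "X-Forwarded-For: 192.0.2.10\r\n"
    "Accept: text/html\r\n"
    "\r\n"
)

def parse_headers(raw: str) -> list[tuple[str, str]]:
    """Return (lower-case name, value) pairs from an HTTP/1.x message head,
    keeping order and duplicates and joining obs-fold continuation lines."""
    lines = raw.replace("\r\n", "\n").split("\n")
    headers: list[tuple[str, str]] = []
    for line in lines[1:]:            # lines[0] is the request line
        if line == "":                # blank line ends the head
            break
        if line[0] in " \t" and headers:
            name, value = headers[-1]
            headers[-1] = (name, value + " " + line.strip())
            continue
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return headers

def find_leaks(raw: str) -> dict[str, list[str]]:
    """Map each hop-revealing header present in the message to its values."""
    leaks: dict[str, list[str]] = {}
    for name, value in parse_headers(raw):
        if name in HOP_REVEALING_HEADERS:
            leaks.setdefault(name, []).append(value)
    return leaks

def via_hosts(value: str) -> list[str]:
    """Extract the received-by hosts from a Via value such as
    '1.1 v31663.1blu.de:8080 (squid/2.6.STABLE1), 1.0 cache.example'."""
    hosts = []
    for entry in value.split(","):
        parts = entry.split()         # [protocol-version, received-by, comment]
        if len(parts) >= 2:
            hosts.append(parts[1])
    return hosts

def strip_leaks(raw: str) -> str:
    """Return the message with hop-revealing headers (and their continuation
    lines) removed; request line, other headers and body are untouched."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    lines = head.split("\n")
    kept, dropping = [lines[0]], False
    for line in lines[1:]:
        if line[:1] in (" ", "\t"):   # continuation of the previous header
            if not dropping:
                kept.append(line)
            continue
        dropping = line.partition(":")[0].strip().lower() in HOP_REVEALING_HEADERS
        if not dropping:
            kept.append(line)
    return "\r\n".join(kept) + "\r\n\r\n" + body

if __name__ == "__main__":
    leaks = find_leaks(SAMPLE_REQUEST)
    for name, values in leaks.items():
        print(f"{name}: {values}  <- {HOP_REVEALING_HEADERS[name]}")
    print("hosts named in Via:", via_hosts(leaks["via"][0]))
    print(strip_leaks(SAMPLE_REQUEST))
```

Running the check against what a test page like torcheck echoes back, before and after a configuration change, is the quickest way to confirm a fix like the one Ricky reports actually removed the hop information.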


Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread Ricky Fitz
Hi Bluestar,

 First: Another single-point-of-trust service. Principally a bad idea,
 because *you* know all the sites the users are surfing to! Why should I
 (as user) trust you?

Of course, that is true, and I mention it in the FAQ. But you can ask
every anonymizer on the web the same question. Of course it is better to
use TOR by yourself, but as I said, it is not made for people who can
run their own TOR-Session.

 Your HTTP-VIA  1.1 v31663.1blu.de:8080 (squid/2.6.STABLE1)
 
 Like this you are uncovering the first onion hop (yourself).
 
 You should fix that, at least!

Thanks a lot for that hint, should be fixed now.

Best regards,
Ricky.
-- 
If liberty means anything at all, it means the right to tell people
what they do not want to hear.
- George Orwell, from the afterword to Animal Farm, 1945 -

GPG-Fingerprint: 10D6 7B8F 1F7C 7CB1 2C4E 930E AFD2 FDF3 A10B D302
GPG-Key-ID: AFD2FDF3A10BD302
http://www.lawlita.com/pgp-schluessel/




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread tor-op
On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
 It is running on the same server my TOR-Server is running (called
 GrossATuin).

Does your proxy use a separate Tor client, do you exclude your node
as an entry?

I was wondering recently about the security implications of such a setup.

I was thinking of using a vpn to access my Tor server. From there, all vpn
traffic would be proxied through another tor instance running in client mode
with no bw limitations. Would that be more secure because a tor server
is already running there or less secure because, if in some way, the
traffic from the two instances could be differentiated and the vpn
connections would make the whole system less secure because they would
allow timing and statistical attacks relating vpn traffic to the second
tor traffic?

If this is insecure then you could expose your users by using a second
instance.

If it is secure then it is a necessary measure, I think. Otherwise, you
could be offering access to a less secure version of Tor for your
users by circumventing the three-node by-design circuits of Tor.




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread Ricky Fitz
On Sunday, 23.09.2007, 20:50 -0400, [EMAIL PROTECTED] wrote:
 On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
  It is running on the same server my TOR-Server is running (called
  GrossATuin).
 
 Does your proxy use a separate Tor client, do you exclude your node
 as an entry?

No, it does not use a separate Tor-Client. Therefore it doesn't make
sense to exclude my node. It uses the Tor-Session which runs as a
tor-node. So if you spy on the traffic of the server, you will not be
able to see, which traffic is from routing traffic for acting as a
server, and which from acting as a client. I think that's safer than
using a second client.

 I was wondering recently about the security implications of such a setup.
 
 I was thinking of using a vpn to access my Tor server. From there, all vpn
 traffic would be proxied through another tor instance running in client mode
 with no bw limitations. Would that be more secure because a tor server
 is already running there or less secure because, if in some way, the
 traffic from the two instances could be differentiated and the vpn
 connections would make the whole system less secure because they would
 allow timing and statistical attacks relating vpn traffic to the second
 tor traffic?

I really don't know, if it will be possible to identify the
vpn-connection because of the data which is transferred. But it would be
possible, to see that there is another service running than tor. Also,
what Bluestar is doubled. If we build a VPN from my server to yours, not
only me is theoretically able to spy on the traffic, but also you. (Not
that I want to say I do not trust you, but it kills the advantages of
onion-system.)

Regards.
Ricky.
-- 
If liberty means anything at all, it means the right to tell people
what they do not want to hear.
- George Orwell, from the afterword to Animal Farm, 1945 -

GPG-Fingerprint: 10D6 7B8F 1F7C 7CB1 2C4E 930E AFD2 FDF3 A10B D302
GPG-Key-ID: AFD2FDF3A10BD302
http://www.lawlita.com/pgp-schluessel/




Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread phobos
On Mon, Sep 24, 2007 at 12:42:31AM +0200, [EMAIL PROTECTED] wrote 0.9K bytes in 
40 lines about:
: I just wanted to let you know, that I have set up a Webproxy to the
: TOR-Network, for letting people get the advantages of TOR who are not
: able to install TOR for themselves.

Hi,

  I have a few concerns about your proxy setup and service.  First off,
  you should disclaim that this site and service isn't an official
  project of Tor.  People may confuse your url with the real Tor and
  think they are getting the same anonymity properties.

  Second is a concern over the last bullet point at the bottom 
  of http://tor-proxy.net/impressum.html.  It appears to say that you are 
  recording IP address and browser in a log file.  Additionally, the log
  file is purged when 48 hours old.  Why log at all?  Simply disable all 
  logging in relation to the proxy service on the server.  The default
  Tor log settings should be sufficient.

  Third, can you publish the source code that runs the proxy site?  It
  appears you are using php and CGI:Proxy code to interface with Tor.
  Feel free to choose a FSF-approved license, such as the GPL or
  3-clause BSD, and publish the source for the site, along with any dependent
  software and licenses as required by their license terms.

  Fourth, in order to be more transparent, you should publish the
  configuration of the proxy.  A clear description, whether text or
  graphical, will help increase the trustworthiness of the service.

  Fifth, you probably want to publish the fingerprint of your
  self-signed ssl cert, or look into getting a cert signed by a browser
  accepted CA.  This is weak, but possibly better than nothing.

  Sixth and final, if you decide to put ads on the site or become a
  commercial entity, please contact The Tor Project before doing so.  We
  cannot allow a commercial entity to confuse users about Tor.  As an
  open source project, the disclaimer in the first paragraph may be
  enough to not confuse users.  

  Feel free to bring up any questions/concerns with my six requests.
  Thanks.

-- 
Andrew


Re: Set up a webproxy to TOR - tor-proxy.net

2007-09-23 Thread tor-op
On Mon, Sep 24, 2007 at 03:22:34AM +0200, Ricky Fitz wrote:
 On Sunday, 23.09.2007, 20:50 -0400, [EMAIL PROTECTED] wrote:
  On Mon, Sep 24, 2007 at 12:42:31AM +0200, Ricky Fitz wrote:
   It is running on the same server my TOR-Server is running (called
   GrossATuin).
  
  Does your proxy use a separate Tor client, do you exclude your node
  as an entry?
 
 No, it does not use a separate Tor-Client. Therefore it doesn't make
 sense to exclude my node. It uses the Tor-Session which runs as a
 tor-node. So if you spy on the traffic of the server, you will not be
 able to see, which traffic is from routing traffic for acting as a
 server, and which from acting as a client. I think that's safer than
 using a second client.

I was also wondering how this affects your proxy users' anonymity. Even
if you don't disclose your proxy in the headers, there still is a
superior risk due to the fact that an attacker knows that there is a more
than average proportion of your users that are using you as first node.
This proportion is derivable from your proxy traffic (as you mention
there is some risk in having a second, different service that accesses
tor). Adding a fourth node to your server circuits could plug this hole,
even make it more secure for some users, I guess, but it would also make it
slower, probably for every user (I'm not sure it would affect traffic for
which you are not the entry node).

  I was wondering recently about the security implications of such a setup.
  
  I was thinking of using a vpn to access my Tor server. From there, all vpn
  traffic would be proxied through another tor instance running in client mode
  with no bw limitations. Would that be more secure because a tor server
  is already running there or less secure because, if in some way, the
  traffic from the two instances could be differentiated and the vpn
  connections would make the whole system less secure because they would
  allow timing and statistical attacks relating vpn traffic to the second
  tor traffic?
 
 I really don't know, if it will be possible to identify the
 vpn-connection because of the data which is transferred.
 But it would be possible, to see that there is another service
 running than tor. Also, what Bluestar is doubled.

I already use the vpn for other things local to that network so it's not
obvious whether the traffic coming in is going out through tor or staying
in.

At the network level both tor connections look the same (random local port -
tor server port). I was mostly asking if at Tor's level there would be some
abnormal behavior (like connecting twice to the same node) that could
tell an attacker that there are two tor instances generating those connections
and eventually allow him to tell their traffic apart.


 If we build a VPN from my server to yours, not
 only me is theoretically able to spy on the traffic, but also you. (Not
 that I want to say I do not trust you, but it kills the advantages of
 onion-system.)

I was talking of a proxied vpn access to tor for tcp protocols. It's a
generalisation of your setup and so has the same implications
security-wise.

I'm not sure what a tunnel between servers could be used for (let alone
a vpn ;) Since you bring it up, I'm not sure but I think it could be considered
as an extension of the family concept for tor servers...

Nice work on tor-proxy, anyway.

Regards

