Arrakis wrote: > Greetings and welcome to 2006! > > <3, > Steve > > Excerpt from "How To Create Torpark" > > Step 31. set as follows: > noscript.notify.hideDelay = 30 > noscript.statusIcon = false > network.dns.disableIPv6 = true ; ipv6 addresses fail through tor. > network.proxy.socks_remote_dns = true > browser.sessionstore.enabled = false > browser.sessionhistory.max_entries = 1 > network.cookie.lifetime.days = 0 > dom.storage.enabled = false > dom.max_script_run_time = 60 ;script running time > dom.max_chrome_script_run_time = 60; > network.proxy.failover_timeout = 0 ;always retry the proxy, never > revert. > plugin.scan.plid.all = false ;Do not allow plugin scanning. > security.xpconnect.plugin.unrestricted = false; do not allow > unlimited access to XPConnect > layout.css.report_errors = false ;get rid of java console errors > network.http.keep-alive.timeout:1000 > network.http.max-persistent-connections-per-proxy:16 > network.http.pipelining:true > network.http.pipelining.maxrequests:8 > network.http.proxy.pipelining:true
I'm sure you've learned a great deal in the process of building Torpark. Have you ever documented why you've made these choices and explained them to the or-talk lost or Tor Developers privately? I think your contributions would be very valued if you only shared them in a constructive manner. Your message comes across as smug and counter productive. What are you trying to accomplish? With that said, I think your setup is still vulnerable to ipv6 leaks. I think that an attacker would merely have to list an ipv6 address rather than a name. Something along the lines of: <img src="http://fe80::123:5667:fe6d:ab10/cookie.img";> If you think this to be incorrect, perhaps you could share why? Does Firefox properly proxy ipv6 requests through Tor? Have you tested this? How did you test it? - Jaco
