Re: First Vidalia Prototype including User Authorization on Hidden Services

2008-07-07 Thread Ringo Kamens

This looks really cool, thanks for all of your hard work!
Comrade Ringo Kamens
Domenik Bork wrote:
> Hey list,
> 
> a few of you may know me from IRC, others may not. I'm one of this year's
> Google Summer of Code students. My project is about implementing Vidalia
> support for Hidden Services with User Authorization, according to the
> Tor proposal 121-hs-authorization of Karsten Loesing.
> A Hidden Service is a service that is reachable by a .onion address, but
> the IP address of the service provider is hidden. My goal is now to let
> Vidalia configure those Hidden Services, give a Service provider the
> possibility to create User Authorization data (.onion address and a
> descriptor cookie) for each user he wants to access the service.
> Additionally there should be the option to store authorization data
> needed to access other hidden services in Vidalia. So a Service Provider
> has then the opportunity to create individual authorization data for
> single users and it would be no problem to exclude users from a service
> if he wants to let them no longer access the service.
> 
> As a few of you may have noticed I uploaded the first prototype of my
> Google Summer of Code Project. This prototype includes the complete
> functionality explained above with all the communication to/from Tor as
> well as persistent storage of the configuration.
> 
> Within this Mail I give you a little How2 for the installation of my
> Vidalia branch and the correct Tor branch you need to run it with User
> Authorization.
> 
> Here starts the little installation help:
> 
> Tor related:
> 1) Download the newest version of Karsten's Tor branch (svn co
> https://tor-svn.freehaven.net/svn/tor/branches/121-hs-authorization/)
> 2) start a terminal and switch into the directory of 121-hs-authorization
> 3) type in the following command lines
>  1. ./autogen.sh [Enter]
>  2. ./configure [Enter]
>  3. make
> 4) if everything worked fine there should be the Tor binary in
> /121-hs-authorization/src/or/
> 
> Vidalia related:
> 1) Download the newest branch of my Vidalia branch (svn co
> https://svn.vidalia-project.net/svn/vidalia/branches/hidden-services)
> 2) start a terminal and switch into the directory of hidden-services branch
> 3) type in the following command lines
>  1. cmake . && make [Enter]
> 4) if everything worked fine there should be a Vidalia binary in
> hidden-services/src/vidalia/
> 5) click on the binary to start Vidalia
> 6) click on settings and then on „General“ to configure the path to the
> Tor executable in that way that it points to the 121-hs-authorization
> version
> 7) click on „Save“
> 8) click on „Stop Tor“
> 9) click on „Start Tor“
> 10) now the new Tor version should be started and you can start
> configuring Hidden Services with/without User Authorization etc by
> clicking on „Settings“ and then „Services“.
> 
> Possible configurations of Hidden Services:
> • normal Hidden Service with one single address for all users
> • Hidden Service with User Authorization to easily include/exclude
> single users while the service is still reachable with the „old“ address
> by other users who are configured.
> • Store the Authorization Data you need to access Hidden Services.
> 
> I would really appreciate it if I can find a few people who are
> interested in testing it and giving me some feedback or/and bug reports.
> Remember, this is just the first prototype and there are bugs and things
> I'm going to change in the next weeks. So this test phase is thought to
> give some feedback about the look and feel, whether the communication
> to/from Tor works as it should etc.. GUI stuff.
> 
> Best regards,
> 
> --Domenik
> 
> 



First Vidalia Prototype including User Authorization on Hidden Services

2008-07-07 Thread Domenik Bork

Hey list,

a few of you may know me from IRC, others may not. I'm one of this
year's Google Summer of Code students. My project is about implementing
Vidalia support for Hidden Services with User Authorization, according  
to the Tor proposal 121-hs-authorization of Karsten Loesing.
A Hidden Service is a service that is reachable by a .onion address,
but the IP address of the service provider is hidden. My goal is now to
let Vidalia configure those Hidden Services, give a Service provider
the possibility to create User Authorization data (.onion address and a
descriptor cookie) for each user he wants to access the service.
Additionally there should be the option to store authorization data  
needed to access other hidden services in Vidalia. So a Service  
Provider has then the opportunity to create individual authorization  
data for single users and it would be no problem to exclude users from  
a service if he wants to let them no longer access the service.


As a few of you may have noticed I uploaded the first prototype of my  
Google Summer of Code Project. This prototype includes the complete  
functionality explained above with all the communication to/from Tor  
as well as persistent storage of the configuration.


Within this Mail I give you a little How2 for the installation of my  
Vidalia branch and the correct Tor branch you need to run it with User  
Authorization.


Here starts the little installation help:

Tor related:
1) Download the newest version of Karsten's Tor branch (svn co
https://tor-svn.freehaven.net/svn/tor/branches/121-hs-authorization/)
2) start a terminal and switch into the directory of 121-hs-authorization
3) type in the following command lines
 1. ./autogen.sh [Enter]
 2. ./configure [Enter]
 3. make
4) if everything worked fine there should be the Tor binary in
/121-hs-authorization/src/or/


Vidalia related:
1) Download the newest branch of my Vidalia branch (svn co
https://svn.vidalia-project.net/svn/vidalia/branches/hidden-services)
2) start a terminal and switch into the directory of hidden-services
branch
3) type in the following command lines
 1. cmake . && make [Enter]
4) if everything worked fine there should be a Vidalia binary in
hidden-services/src/vidalia/
5) click on the binary to start Vidalia
6) click on settings and then on „General“ to configure the path to the
Tor executable in that way that it points to the 121-hs-authorization
version
7) click on „Save“
8) click on „Stop Tor“
9) click on „Start Tor“
10) now the new Tor version should be started and you can start
configuring Hidden Services with/without User Authorization etc by
clicking on „Settings“ and then „Services“.


Possible configurations of Hidden Services:
• normal Hidden Service with one single address for all users
• Hidden Service with User Authorization to easily include/exclude
single users while the service is still reachable with the „old“
address by other users who are configured.
• Store the Authorization Data you need to access Hidden Services.

I would really appreciate it if I can find a few people who are  
interested in testing it and giving me some feedback or/and bug  
reports. Remember, this is just the first prototype and there are bugs  
and things I'm going to change in the next weeks. So this test phase
is thought to give some feedback about the look and feel, whether the  
communication to/from Tor works as it should etc.. GUI stuff.


Best regards,

--Domenik
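
The per-user authorization described in the message above ends up as a client list attached to a hidden service in torrc. The following Python script is an added example, not part of the original post or of Vidalia's code: it parses a constructed torrc, lists services with no client authorization, and removes one user from a service. The option names are those of released Tor's hidden-service client authorization and are assumed, not confirmed, to match the 2008 prototype branch; paths, ports and client names are made up.

```python
# Added example. SAMPLE_TORRC is constructed; paths, ports and client names are
# made up. Option names are those of released Tor's client authorization and
# are assumed, not confirmed, to match the 2008 prototype branch.
SAMPLE_TORRC = """\
HiddenServiceDir /var/lib/tor/public_site/
HiddenServicePort 80 127.0.0.1:8080

HiddenServiceDir /var/lib/tor/members_only/
HiddenServicePort 80 127.0.0.1:8081
# stealth: every listed client gets its own .onion address and cookie
HiddenServiceAuthorizeClient stealth alice,bob,carol
"""

def _fields(raw):
    """Split one torrc line into [option, args...], ignoring comments."""
    return raw.split("#", 1)[0].split()

def parse_hidden_services(torrc_text):
    """Return one dict per HiddenServiceDir block, in file order."""
    services = []
    for raw in torrc_text.splitlines():
        f = _fields(raw)
        if not f or not f[0].lower().startswith("hiddenservice"):
            continue
        opt = f[0].lower()
        if opt == "hiddenservicedir":
            services.append({"dir": f[1], "auth": None, "clients": []})
        elif not services:
            raise ValueError(f"{f[0]} appears before any HiddenServiceDir")
        elif opt == "hiddenserviceauthorizeclient":
            services[-1]["auth"] = f[1]
            services[-1]["clients"] = [n for n in f[2].split(",") if n]
    return services

def open_services(services):
    """Directories of services with no per-client authorization configured."""
    return [s["dir"] for s in services if not s["clients"]]

def revoke_client(torrc_text, service_dir, client):
    """Return torrc text with `client` dropped from one service's client list."""
    out, current = [], None
    for raw in torrc_text.splitlines():
        f = _fields(raw)
        if f and f[0].lower() == "hiddenservicedir":
            current = f[1]
        elif (f and current == service_dir
              and f[0].lower() == "hiddenserviceauthorizeclient"):
            kept = [n for n in f[2].split(",") if n and n != client]
            if not kept:
                raise ValueError("refusing to remove the last authorized client")
            raw = f"{f[0]} {f[1]} {','.join(kept)}"
        out.append(raw)
    return "\n".join(out) + "\n"
```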





Re: Traffic routed through Sweden

2008-07-07 Thread Juliusz Chroboczek
> **: FWIW and IMHO, I believe that much of the privacy and security of
> clients not only has to be, but *should be* left to them. Stopping
> Darwin and bottle-feeding those with inferior skills and/or capacity
> only drags down the human race. Those who can, will learn; those who
> cannot, will suffer the consequences.

I cannot but strongly disagree with that notion.

I expect my automobile vendor and my car mechanic to guarantee my
safety while I know little more about cars than how to check the
tyres' pressure.  I expect the people who built the bridges in my area
to guarantee that they won't fall down without me needing to know much
about statics.  And I expect to be able to go from Calais to Dover by
ferry without knowing anything about ship building.

This is not to say that we should guarantee anything at the exit-node
level, but please don't take the elitist attitude that your car
mechanic, your civil engineer and your ship-builder should know whether
AES-128 is more or less secure than Blowfish.

Juliusz


Re: locating hidden services

2008-07-07 Thread nobledark
Thanks Comrade, that's good to know - I appreciate the quick response.

 - nD

On Mon, 07 Jul 2008 16:00:19 + Ringo Kamens 
<[EMAIL PROTECTED]> wrote:
>As long as you don't submit your hidden service to any wikis and it's
>not linked to from anywhere, nobody will be able to find out about it.
>Comrade Ringo Kamens
>[EMAIL PROTECTED] wrote:
>> Hi again,
>>
>> Learning about hidden services - what are the methods (if any) for
>> Tor users to locate a hidden service? Is there a way to search for
>> them, get the info from the directory servers, etc?
>>
>> Say for example that I have a web server running as a hidden
>> service and I only want people from a certain group to be able to
>> locate/access that server. Authentication has already been
>> addressed on the server but I don't want users who are not part of
>> that group to "bang" on my hidden service with a bunch of bogus
>> login requests.
>>
>> In the past, I've used port knocking/SPA to address this issue but
>> I'm not exactly sure how that would work out in a Tor/Hidden
>> Service environment - anyone have any experience along those lines?
>> Any other information or advice?
>>
>> Thanks as always - nD




Re: locating hidden services

2008-07-07 Thread Ringo Kamens

As long as you don't submit your hidden service to any wikis and it's
not linked to from anywhere, nobody will be able to find out about it.
Comrade Ringo Kamens
[EMAIL PROTECTED] wrote:
> Hi again,
> 
> Learning about hidden services - what are the methods (if any) for 
> Tor users to locate a hidden service? Is there a way to search for 
> them, get the info from the directory servers, etc? 
> 
> Say for example that I have a web server running as a hidden 
> service and I only want people from a certain group to be able to 
> locate/access that server. Authentication has already been 
> addressed on the server but I don't want users who are not part of 
> that group to "bang" on my hidden service with a bunch of bogus 
> login requests.
> 
> In the past, I've used port knocking/SPA to address this issue but 
> I'm not exactly sure how that would work out in a Tor/Hidden 
> Service environment - anyone have any experience along those lines? 
> Any other information or advice?
> 
> Thanks as always - nD   
> 



locating hidden services

2008-07-07 Thread nobledark
Hi again,

Learning about hidden services - what are the methods (if any) for 
Tor users to locate a hidden service? Is there a way to search for 
them, get the info from the directory servers, etc? 

Say for example that I have a web server running as a hidden 
service and I only want people from a certain group to be able to 
locate/access that server. Authentication has already been 
addressed on the server but I don't want users who are not part of 
that group to "bang" on my hidden service with a bunch of bogus 
login requests.

In the past, I've used port knocking/SPA to address this issue but 
I'm not exactly sure how that would work out in a Tor/Hidden 
Service environment - anyone have any experience along those lines? 
Any other information or advice?

Thanks as always - nD   




Re: No Tor server exists that allows exit to 127.0.0.1:80. Rejecting.

2008-07-07 Thread krishna e bera
On Mon, Jul 07, 2008 at 12:12:54AM -0400, [EMAIL PROTECTED] wrote:
> I noticed this in my tor client log [Tor v0.2.0.28-rc (r15188) with
> SafeLogging 0 in torrc]:
> 
> [notice] No Tor server exists that allows exit to 127.0.0.1:80. Rejecting.
[snip] 
> like this." - http://archives.seul.org/or/talk/Mar-2007/msg00404.html

That could be caused by someone mapping certain domains to 127.0.0.1 in their
local DNS service, which when returned would cause your browser or http-proxy
to request a document from localhost.
I used to map doubleclick.net to 127.0.0.1 in my router, for example.
Some malware and anti-malware software makes that kind of mapping in the
Windows hosts file.
Thus I don't think a Tor node is doing it, though from a client point of view
one might consider a Tor exit node and its DNS as a single service.
Perhaps it could be logged at the exit node itself as a possible
misconfiguration warning.

You can see your current exit node using Vidalia.
I don't know how to find out past exit nodes, or if it is a bad idea to keep
that kind of info around.