Re: PHP coder needs Tor details
A few days ago I successfully combined Tor and PHP and am utilizing them now.

Regarding Tor nodes... where is that list stored on a computer? I am currently harvesting http://belegost.mit.edu/tor/ and using regular expressions to put each node in a DB by its name, uptime, IP, etc. This makes it possible for me to query the DB for nodes I like, list them by uptime, list them by IP similarities, etc.

Now I think that the same file that is located at http://belegost.mit.edu/tor/ must be somewhere where Tor is, because Tor needs to use it too. That is because I would rather open a file and harvest it than open http://belegost.mit.edu/tor/ and harvest it. A file is faster.

Thanks in advance.
Re: PHP coder needs Tor details
Thank you very much..., I didn't know that even if it is simple... :)

David O Smith [EMAIL PROTECTED] wrote:

> At 3:21 pm on Thursday, February 15, 2007, [EMAIL PROTECTED] (Mr. Blue) said:
>
>> Like: /usr/local/bin/tor
>> If I just type tor then it doesn't work.
>
> That will be because your PATH environment variable for nobody doesn't include /usr/local/bin
>
> You can change this by doing something like:
>
>     PATH=$PATH:/usr/local/bin
>     export PATH
>
> The actual command format will depend on what shell you're running.
>
> HTH
>
> Dave
>
> --
> Dave Smith
> Wordsmith and yarnspinner, singer and storyteller
Re: PHP coder needs Tor details
At 3:21 pm on Thursday, February 15, 2007, [EMAIL PROTECTED] (Mr. Blue) said:

> Like: /usr/local/bin/tor
> If I just type tor then it doesn't work.

That will be because your PATH environment variable for nobody doesn't include /usr/local/bin

You can change this by doing something like:

    PATH=$PATH:/usr/local/bin
    export PATH

The actual command format will depend on what shell you're running.

HTH

Dave

--
Dave Smith
Wordsmith and yarnspinner, singer and storyteller
Re: PHP coder needs Tor details
I've found out that if I want to make nobody utilize Tor I must submit the FULL path to Tor.

Like: /usr/local/bin/tor

If I just type tor then it doesn't work.

Now, when I try to execute the Tor command like nobody I get this message:

    [notice] Tor v0.1.1.26. This is experimental software. Do not rely on it for strong anonymity.
    [notice] Configuration file /usr/local/etc/tor/torrc not present, using reasonable defaults.
    Initialized libevent version 1.2a using method kqueue. Good.
    Error creating directory //.tor: Permission denied
    Failed to parse/validate config: Couldn't access/create private data directory //.tor

Last 2 rows are confusing me - what should I do?
Re: PHP coder needs Tor details
Mr. Blue wrote:

> I've found out that if I want to make nobody utilize Tor I must submit the FULL path to Tor.
>
> Like: /usr/local/bin/tor
>
> If I just type tor then it doesn't work.
>
> Now, when I try to execute the Tor command like nobody I get this message:
>
> [notice] Tor v0.1.1.26. This is experimental software. Do not rely on it for strong anonymity.
> [notice] Configuration file /usr/local/etc/tor/torrc not present, using reasonable defaults.
> Initialized libevent version 1.2a using method kqueue. Good.
> Error creating directory //.tor: Permission denied
> Failed to parse/validate config: Couldn't access/create private data directory //.tor
>
> Last 2 rows are confusing me - what should I do?

Tor needs to create a directory where it can store network data. It tried to create one at //.tor, but it does not have the necessary permissions. You need to tell Tor someplace where it has permission to create a directory.

Have you had a look at the sample torrc file that comes with the tor source? It is quite helpful. Here is an excerpt:

    ## The directory for keeping all the keys/etc. By default, we store
    ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
    #DataDirectory /usr/local/var/lib/tor

So add a line like this to your torrc file:

    DataDirectory /path/to/where/nobody/can/write/tor

(that's nobody as in the username nobody). You can also specify this as a command line parameter -- read the tor man page to see how to do that.

-James
Re: PHP coder needs Tor details
Thank you VERY much!

Main problem is that I've never been aware of DataDirectory. And in my torrc file it is commented out so I'll uncomment it and alter it if needed.

James Muir [EMAIL PROTECTED] wrote:

> Mr. Blue wrote:
>
>> I've found out that if I want to make nobody utilize Tor I must submit the FULL path to Tor.
>>
>> Like: /usr/local/bin/tor
>>
>> If I just type tor then it doesn't work.
>>
>> Now, when I try to execute the Tor command like nobody I get this message:
>>
>> [notice] Tor v0.1.1.26. This is experimental software. Do not rely on it for strong anonymity.
>> [notice] Configuration file /usr/local/etc/tor/torrc not present, using reasonable defaults.
>> Initialized libevent version 1.2a using method kqueue. Good.
>> Error creating directory //.tor: Permission denied
>> Failed to parse/validate config: Couldn't access/create private data directory //.tor
>>
>> Last 2 rows are confusing me - what should I do?
>
> Tor needs to create a directory where it can store network data. It tried to create one at //.tor, but it does not have the necessary permissions. You need to tell Tor someplace where it has permission to create a directory.
>
> Have you had a look at the sample torrc file that comes with the tor source? It is quite helpful. Here is an excerpt:
>
>     ## The directory for keeping all the keys/etc. By default, we store
>     ## things in $HOME/.tor on Unix, and in Application Data\tor on Windows.
>     #DataDirectory /usr/local/var/lib/tor
>
> So add a line like this to your torrc file:
>
>     DataDirectory /path/to/where/nobody/can/write/tor
>
> (that's nobody as in the username nobody). You can also specify this as a command line parameter -- read the tor man page to see how to do that.
>
> -James
Re: PHP coder needs Tor details
> Actually Windows does exactly the same thing...

I'm sorry I have started this discussion, which is off-topic for this list. My point is merely that giving user ``nobody'' access to tor's data is a tragically bad idea. This has nothing to do with Windows.

Juliusz
Re: PHP coder needs Tor details
Hm..., Why no one answers? Did I say something wrong?

Mr. Blue [EMAIL PROTECTED] wrote:

> Hey Crew.
>
> Thanks to all for your help.
>
> First of all I would like to say that this file.php (which is manipulating Tor) will be located in admin area ONLY and will be intended for use ONLY by admin. Admin area is protected by Apache pass authentication (Digest) over SSL and after that is passed, admin must enter another login password to enter admin area. Only admin will use it - NOT publicly available to users!
>
> Next
>
> Firstly I need to issue to shell, from PHP, a command that will start Tor. Regarding that command... It will have ALL directives that should normally be located in torrc, but there is no torrc, nor do I have intention to use it. So the command is:
>
>     tor -gid $gid -pidfile $pidfile -RunAsDaemon $b -user $uid -ClientOnly 1 -EntryNodes $nickname, -ExitNodes $nickname -StrictExitNodes 1 -NewCircuitPeriod 3600
>
> Regarding nodes
>
> Entry and exit nodes will be the same. Before I continue I would like to say that I have made a PHP script that is utilizing regular expressions and harvesting all exit nodes in a list of IP addresses from moria dirs. So I would like to pull from my database the IP of a node (NOT nickname) and put it in a $nickname variable. Will this work? Can I select a node by IP and NOT by nickname?
>
> Also when that is achieved I am going to use PHP cURL and connect with it to 127.0.0.1:9050 using SOCKS5 protocol - then do a request to some page on the internet and finally use the POSIX - posix_kill($pidfile, SIGTERM); php function to shut down Tor, alternatively use kill to which I pass $pidfile, all in shell.
>
> Now someone will say that I should connect to Tor using SOCKS4a and am I normal to use ONLY 1 node which will be entry and exit at the same time. Be sure that I am VERY aware of my actions - but I am not here because I don't wanna be tracked and because I want to surf anonymously.
>
> Now here we come to the biggest obstacle for me. (oh man, soon as I finish this script I am going to read the FreeBSD book that I just got and learn that UNIX at once!)
>
> Creating a valid shell command:
>
>     tor -gid $gid -pidfile $pidfile -RunAsDaemon $b -user $uid -ClientOnly 1 -EntryNodes $nickname, -ExitNodes $nickname -StrictExitNodes 1 -NewCircuitPeriod 3600
>
> User nobody will run it.
>
> - Should I exclude the -gid $gid part?
> - Should the $b variable be 0 OR 1 (that is..., should I run it as daemon?)
> - Should I exclude the -user $uid part?
> - What about $nickname? Can I pass it the IP of a node?
> - What should I put in a $pidfile variable?!? - I never saw one (number or letters?) It will also be used for shutting down Tor at the end of a process...
>
> Also I just remembered something... When tor was already running (started by root) I was able to utilize a connection through it by nobody, but when I attempted shutdown I got a message that there was no process with pid belonging to it - or something similar - so that explains all.
>
> Thanks in advance...
RE: Re: PHP coder needs Tor details
Actually Windows does exactly the same thing. e.g. the 'Network Service' and 'Local Service' accounts. See http://www.microsoft.com/technet/security/midsizebusiness/topics/networksecurity/securingaccounts.mspx

People seem to forget that the original and worst worm outbreak ever - that effectively shut down the internet for days was on UNIX...

Windows might have its problems but they are not unique.

From: [EMAIL PROTECTED] on behalf of Juliusz Chroboczek
Sent: Tue 13/02/2007 06:53
To: or-talk@freehaven.net
Subject: Re: PHP coder needs Tor details

> To shorten... How do I allow nobody to utilize Tor (It can already do that but I must start it like a root and stop it like a root)

Please don't.

The very reason Unix is more secure than Windows is that Unix actively uses the permission system to prevent insecure things like PHP from munging the networking daemons. By running PHP with higher privileges, you'll make your Unix system just as insecure as Windows.

Juliusz
RE: Re: PHP coder needs Tor details
Windows hasn't rendered active content by default since XP SP2. It has never rendered it by default in Vista or Windows 2003.

Windows also no longer runs as administrator by default (I guess you haven't used Vista yet).

It's not just in theory. For instance IIS is now so improved that many sites fed up with the constant hacking, exploits, defacements and patching regime dependency compatibility issues that they experience on Linux are migrating over to Windows server 2003. This has been a consistent trend for some time now and Apache just dropped below 60% market share for the first time since 2002 as a direct result of cumulative migrations from Linux to Windows.

As you say 'most installations are now secure by default'. Touché.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Eugen Leitl
Sent: 13 February 2007 10:34
To: or-talk@freehaven.net
Subject: Re: Re: PHP coder needs Tor details

On Tue, Feb 13, 2007 at 10:25:54AM -, Tony wrote:

This is offtopic, but...

> Actually Windows does exactly the same thing. e.g. the 'Network Service' and 'Local Service' accounts. See http://www.microsoft.com/technet/security/midsizebusiness/topics/networksecurity/securingaccounts.mspx

The point is that rendering active content is default, and running everything as administrator is default (in fact, most Windows userland software needs to be installed and run as administrator) -- the technology and the culture conspire to give us the 250 Mzombie Internet experience we love.

> People seem to forget that the original and worst worm outbreak ever - that effectively shut down the internet for days was on UNIX...

That was a long time ago. Unix is diverse, and most installations are now secure by default. The technology and the culture work together, and lower profile is one of the key points that diversity is good, monoculture is bad.

> Windows might have its problems but they are not unique.

You're correct only in theory.

--
Eugen* Leitl http://leitl.org
ICBM: 48.07100, 11.36820 http://www.ativel.com
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
Re: Re: PHP coder needs Tor details
On Tue, Feb 13, 2007 at 07:12:01PM -, Tony wrote:

> Microsoft Outlook is part of Microsoft Office - not part of Windows. Possibly you mean Outlook Express.

[snip]

This off-topic thread has gone on for too long. Please stop this thread now.

-Paul

--
Paul Syverson () ascii ribbon campaign
Contact info at http://www.syverson.org/ /\ against html e-mail
Re: PHP coder needs Tor details
On Feb 13, 2007, at 9:37 AM, Michael Holstein wrote:

> Because TOR is running in the foreground in that terminal. If you want to background the process, put a '&' after the command .. eg: '/path/to/tor &'

Or you could put the following entry in the config file:

    RunAsDaemon 1
Re: PHP coder needs Tor details
Hey Crew.

Thanks to all for your help.

First of all I would like to say that this file.php (which is manipulating Tor) will be located in admin area ONLY and will be intended for use ONLY by admin. Admin area is protected by Apache pass authentication (Digest) over SSL and after that is passed, admin must enter another login password to enter admin area. Only admin will use it - NOT publicly available to users!

Next

Firstly I need to issue to shell, from PHP, a command that will start Tor. Regarding that command... It will have ALL directives that should normally be located in torrc, but there is no torrc, nor do I have intention to use it. So the command is:

    tor -gid $gid -pidfile $pidfile -RunAsDaemon $b -user $uid -ClientOnly 1 -EntryNodes $nickname, -ExitNodes $nickname -StrictExitNodes 1 -NewCircuitPeriod 3600

Regarding nodes

Entry and exit nodes will be the same. Before I continue I would like to say that I have made a PHP script that is utilizing regular expressions and harvesting all exit nodes in a list of IP addresses from moria dirs. So I would like to pull from my database the IP of a node (NOT nickname) and put it in a $nickname variable. Will this work? Can I select a node by IP and NOT by nickname?

Also when that is achieved I am going to use PHP cURL and connect with it to 127.0.0.1:9050 using SOCKS5 protocol - then do a request to some page on the internet and finally use the POSIX - posix_kill($pidfile, SIGTERM); php function to shut down Tor, alternatively use kill to which I pass $pidfile, all in shell.

Now someone will say that I should connect to Tor using SOCKS4a and am I normal to use ONLY 1 node which will be entry and exit at the same time. Be sure that I am VERY aware of my actions - but I am not here because I don't wanna be tracked and because I want to surf anonymously.

Now here we come to the biggest obstacle for me. (oh man, soon as I finish this script I am going to read the FreeBSD book that I just got and learn that UNIX at once!)

Creating a valid shell command:

    tor -gid $gid -pidfile $pidfile -RunAsDaemon $b -user $uid -ClientOnly 1 -EntryNodes $nickname, -ExitNodes $nickname -StrictExitNodes 1 -NewCircuitPeriod 3600

User nobody will run it.

- Should I exclude the -gid $gid part?
- Should the $b variable be 0 OR 1 (that is..., should I run it as daemon?)
- Should I exclude the -user $uid part?
- What about $nickname? Can I pass it the IP of a node?
- What should I put in a $pidfile variable?!? - I never saw one (number or letters?) It will also be used for shutting down Tor at the end of a process...

Also I just remembered something... When tor was already running (started by root) I was able to utilize a connection through it by nobody, but when I attempted shutdown I got a message that there was no process with pid belonging to it - or something similar - so that explains all.

Thanks in advance...
Re: PHP coder needs Tor details
Um .. send the signal to the pid of tor? (or do it the lazy way and do 'killall -SIGNAL tor' from the command line)

see the PidFile part of torrc. Something sensible like /var/run/tor.pid comes to mind ...

Then just 'kill $signal $pid'.

Note : to make this work, the command that executes the SIG_WHATEVER will have to be either the same UID as what started TOR, or root .. a security concern since I'm guessing you want to do some web $foo with it and PHP.

Regards,

Michael Holstein CISSP GCIA
Cleveland State University

Mr. Blue wrote:

> Hello,
>
> I am new here and am trying to utilize Tor by PHP from command line. I have read all manual and all faq but it helped me very little. With that information I've only achieved to install tor and make PHP do request through Tor.
>
> Problem 1: I start Tor by simply typing tor in command line (FreeBSD 6.x). When I tried to stop it by SIGNALS from Tor man pages none of them worked. Obviously SIGNALS are not meant to be passed to Tor through command line (This MUST be in a man but it ISN'T!), while options with their values ARE ok if passed to Tor through command line.
>
> So let's firstly solve this - How to start and stop Tor through command line? After that I will pass question 2.
>
> Thanks in advance!
>
> Ipsens
Re: PHP coder needs Tor details
Mr. Blue writes:

> Problem 1: I start Tor by simply typing tor in command line (FreeBSD 6.x). When I tried to stop it by SIGNALS from Tor man pages none of them worked. Obviously SIGNALS are not meant to be passed to Tor through command line (This MUST be in a man but it ISN'T!), while options with their values ARE ok if passed to Tor through command line.
>
> So let's firstly solve this - How to start and stop Tor through command line? After that I will pass question 2.

SIGNALS standardly refers to the Unix signals mechanism; see the man page for signal(2). The command-line program to send a signal to a process is called kill; see the man page for kill(1):

    NAME
         kill - send a signal to a process

By using the kill program on the command line, you can generate the signals described in the SIGNALS section of the Tor man pages.

It's probably also possible to generate signals from within a PHP script using an appropriate library function. It looks like the function to use would be posix_kill().

http://phpbuilder.com/manual/en/function.posix-kill.php

The effects of posix_kill will be equivalent to the effects of using kill from the command line.

--
Seth Schoen
Staff Technologist [EMAIL PROTECTED]
Electronic Frontier Foundation http://www.eff.org/
454 Shotwell Street, San Francisco, CA 94110 1 415 436 9333 x107
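The PidFile-plus-kill procedure from the two replies above (Michael's and Seth's), written out as an added example that is not part of the original thread: a POSIX shell function that reads the pid from a file, rejects anything that is not a plain process id, probes the process with signal 0, and only then sends the signal. The function name `stop_by_pidfile`, its return codes and the signal allow-list are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the thread): signal a daemon through its PidFile.
# stop_by_pidfile, its return codes and the allow-list are hypothetical.
#
# Usage:   stop_by_pidfile /path/to/tor.pid [SIGNAL]
# Returns: 0 signal sent
#          2 pidfile missing or unreadable
#          3 pidfile content is not a usable pid
#          4 no such process, or caller may not signal it (different UID)
#          6 signal not on the allow-list
stop_by_pidfile() {
    _sbp_file=$1
    _sbp_sig=${2:-TERM}

    # Only the signals the Tor man page describes as control signals;
    # a caller-supplied string never reaches kill unchecked.
    case $_sbp_sig in
        TERM|INT|HUP|USR1|USR2) ;;
        *) return 6 ;;
    esac

    [ -r "$_sbp_file" ] || return 2

    # First line only. read fails on a missing trailing newline but still
    # fills the variable, so an empty result is the real error case.
    _sbp_pid=
    IFS= read -r _sbp_pid < "$_sbp_file" || [ -n "$_sbp_pid" ] || return 3

    # Digits only: no option-like "-1", no job spec "%1", no whitespace.
    case $_sbp_pid in
        ''|*[!0-9]*) return 3 ;;
    esac
    # Refuse 0 (own process group) and 1 (init).
    [ "$_sbp_pid" -gt 1 ] 2>/dev/null || return 3

    # Signal 0 delivers nothing; it fails if the pid is gone (stale pidfile)
    # or if the caller's UID differs from the owner's and is not root.
    kill -0 "$_sbp_pid" 2>/dev/null || return 4

    kill -s "$_sbp_sig" "$_sbp_pid"
}
```

A web-server account that did not start the daemon gets return code 4 here, which is the same-UID condition from Michael's note showing up as a check rather than as a failed shutdown.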
Re: PHP coder needs Tor details
Thank you, Seth and Michael

Obviously I haven't comprehended what SIGNAL really is. For me that was just another app specific command/function. Thanks for clarifying this... now I understand and am successful in starting and stopping Tor.

From my question it is obvious that I am a total UNIX newbie and am having a very hard time using FreeBSD 6.1. I do my development on WinXP but for hosting am using FreeBSD because Win sucks in that point especially when it comes to security.

Now all this works well when I perform it like a root, but when I want nobody (apache) to parse file.php that is calling Tor it will not work. I know why - nobody doesn't have a permission for that.

I installed Tor like a ROOT using portinstall -s security/tor command. Now..., I would like to chmod tor to allow nobody to run it with certain PID but I simply can't find Tor even if I use. (Yes I know - this is very funny!) If I can't find the Tor dir on my server how am I supposed to chmod it?

To shorten... How do I allow nobody to utilize Tor (It can already do that but I must start it like a root and stop it like a root)

PS: Why after I start Tor like a root by typing tor in command line it starts and then I simply can't issue ANY command to my server, whatever I type in command line and press enter it is like I am typing some text in a word (or nano for a unix)?

Thanks in advance
Re: PHP coder needs Tor details
> To shorten... How do I allow nobody to utilize Tor (It can already do that but I must start it like a root and stop it like a root)

Please don't.

The very reason Unix is more secure than Windows is that Unix actively uses the permission system to prevent insecure things like PHP from munging the networking daemons. By running PHP with higher privileges, you'll make your Unix system just as insecure as Windows.

Juliusz