| View previous topic :: View next topic |
| Author |
Message |
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
 Posted: Wed Feb 09, 2011 1:41 am Post subject: Configuring TOR |
 |
|
Does anyone use TOR? I have a couple of questions.
1. Any way to speed it up? I have a FIOS connection and TOR appears to slow things down a great deal.
2. How do I make my blacklist work? I want my router IP address and localhost to not go through TOR, because with TOR (running through FoxyProxy), I get "this is a bin file. Download/Cancel" boxes, and I have to completely disable TOR to see my router and localhost. I put *123.456.7.8* (not the real IP, of course) into the TOR blacklist in FoxyProxy, but this appears to do nothing.
_________________
decibel Linux: https://decibellinux.org
Github: https://github.com/Gentoo-Music-and-Audio-Technology
Facebook: https://www.facebook.com/decibellinux
Discord: https://discord.gg/73XV24dNPN
Last edited by audiodef on Wed Feb 09, 2011 3:15 am; edited 1 time in total |
|
| Back to top |
|
 |
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
|
| Back to top |
|
|
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
|
| Back to top |
|
|
Bircoph
Developer
Joined: 27 Jun 2008
Posts: 261
Location: Moscow
|
| Posted: Wed Feb 09, 2011 8:35 am Post subject: |
|
|
I usually use privoxy -> polipo -> tor chain. Of course, torify and firefox tor button are used as well.
Privoxy helps to improve your privacy a bit and to remove almost all nasty ads, the latter is important for the slow tor connections.
Privoxy can be easily configured to forward different addresses to different proxies or to not forward them at all. Use forward directive for that.
_________________
Per aspera ad astra! |
|
| Back to top |
|
|
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
|
| Back to top |
|
|
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
|
| Back to top |
|
|
Bircoph
Developer
Joined: 27 Jun 2008
Posts: 261
Location: Moscow
|
| Posted: Thu Feb 10, 2011 8:28 am Post subject: |
|
|
| audiodef wrote: | | I thought Privoxy and Polipo were the same, just that Polipo does caching and Privoxy does not. |
Who on the earth told you that?
Polipo just caches and speeds up via some thechniques, there are no page mangling and filtering is limited only to the list of forbidden URLs.
Privoxy does not cache by design, but can heavily modify pages: both outgoing to remove some identification data and incoming to filter nasty ads via complicated regexps with different rules for different sources.
| Quote: |
I configured Thunderbird to use my proxy, but had to add the mail server addresses to the exclude list in order to send and receive email. So what would be the point? Can I send and receive email with Thunderbird routed through TOR?
|
Have you configured it for the socks proxy (tor is socks proxy itself) or for polipo? Try the socks proxy if thunderbird supports it. But be aware, many tor exit nodes blocks 25 port to stop spam, you should consider using SSL or TLS.
_________________
Per aspera ad astra! |
|
| Back to top |
|
|
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
|
| Back to top |
|
|
audiodef
Watchman
Joined: 06 Jul 2005
Posts: 6639
Location: The soundosphere
|
| Posted: Thu Feb 10, 2011 3:18 pm Post subject: |
|
|
Hm, this chain with my configs is unacceptably slow - most sites I need to get to just time out.
What would I be missing? Should I perhaps put Polipo first?
I just noticed that my router IP was NOT hidden by Privoxy, but it was hidden by Polipo.
All this, by the way, is without any Firefox plugins. I'm just putting in 127.0.0.1 (port) directly into the connection settings. |
|
| Back to top |
|
|
Bircoph
Developer
Joined: 27 Jun 2008
Posts: 261
Location: Moscow
|
| Posted: Sun Feb 13, 2011 9:30 pm Post subject: |
|
|
| audiodef wrote: | I think I got it now. Thanks for helping me out.
I have Privoxy running on port 1234 (for example), Polipo on port 5678, and TOR on 9012. Privoxy has forward / 127.0.0.1:5678, and Polipo has
| Code: |
socksParentProxy = "localhost:9012"
socksProxyType = socks5
|
As for Thunderbird, I simply changed the proxy port to the one TOR uses (9012 in my example).
Does that all look right? How can I really test all this? |
This chain looks normal for me.
If you want to test how your browser uses tor, use this checker: https://check.torproject.org/
For e-mail you may send mail via tor to another account and check for the e-mail header, it will contain ip of a sender.
Also you must take in mind the following vital security issue. Even if you use tor, you are continuing to use the normal dns requests unless special actions are taken. This issue is critical because your provider will know the exact timing when you accessed some resource and some deduction attacks may be successfully performed on your tor traffic.
There are several chooses here.
1) You may tell programs which are aware of tor to use tor, firefox tor plugin is a good example.
2) For those programs, which know nothing about tor, you may use torify program which actually preloads the library to intercept the system resolve calls and redirect them via tor.
3) The third way is to setup your own dns server and to redirect it via tor, perhaps, using torify. This will also save your traffic and lower response times.
| Quote: |
Hm, this chain with my configs is unacceptably slow - most sites I need to get to just time out.
What would I be missing?
|
Severe slowdown is normal for tor, because of the lack of exit points; not so many people (or government agencies?) are risking to run tor exit nodes. Maybe you were not using tor properly before.
| Quote: |
Should I perhaps put Polipo first?
|
No, polipo should be used after privoxy, otherwise it will be almost useless. Frankly, privoxy can't take advantage of all benefits of polipo due to some architectural reasons, so if you'll just use polipo+tor chain without privoxy, it should be faster; but this will lower your privacy a bit, so this is up to you to choose.
| Quote: |
I just noticed that my router IP was NOT hidden by Privoxy, but it was hidden by Polipo.
|
Hmm, I haven't noticed this before because I never used privoxy alone: only as a pair for squid or polipo. Perhaps, this isn't privoxy work at all: it's job is to tamper with html headers and fields.
| Quote: |
All this, by the way, is without any Firefox plugins. I'm just putting in 127.0.0.1 (port) directly into the connection settings.
|
The real benefit of the tor button plugin is not the proxy settings, but secured dns requests (by redirecting them via tor) and special treatment for cookies and other web stuff. Do not forget that even with tor being used, sites may identify you via stray cookies.
_________________
Per aspera ad astra! |
|
| Back to top |
|
|
|
Networking & Security
