oh, I don't understand this<br><br><br>what you mean is, for example, when browsing webpages<br><br>browser application sock Tor Ethernet interface<br> <br>
send packet ----------> forward -------------> encrypt and -----------------> send to the entry node<br> make tor cells<br><br>
<br> receive packet<--------- forward<-------------- decrypt tor cells <--------------- receive from the entry node<br><br> tcpdump -i eth0(this is my capturing)<br>
<br> but you mean I can capture between the browser application and the sock£¿<br><br><br><br>so I used tcpdump on the ethernet interface<br>the packets are encrypted<br>you mean I can capture the packets before <br><br><div class="gmail_quote">
2012/10/31 Damian Johnson <span dir="ltr"><<a href="mailto:atagar@torproject.org" target="_blank">atagar@torproject.org</a>></span><br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="im">> OK, thank you very much!<br>
> besides, is it possible to get the cypher key for decoding the tcpdump<br>
> captured packets on the TOR client??<br>
<br>
</div>I don't follow, do you mean the traffic between tor and the first hop?<br>
Why not just intercept the communication with the socks port?<br>
<div class="HOEnZb"><div class="h5">_______________________________________________<br>
tor-dev mailing list<br>
<a href="mailto:tor-dev@lists.torproject.org">tor-dev@lists.torproject.org</a><br>
<a href="https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev" target="_blank">https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev</a><br>
</div></div></blockquote></div><br>