To link you to the connections, yes. To link connections, no.<br><br><div><span class="gmail_quote">On 5/2/06, <b class="gmail_sendername">Tor User</b> <<a href="mailto:toruser256@yahoo.com">toruser256@yahoo.com</a>> wrote:
</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div style="direction: ltr;">Yes, I understand that anyone monitoring the SOCKS server could see my (middleman only) Tor server's connections to other Tor Servers, but wouldn't tunneling through this SSH/SOCKS server mean that an attacker would have to be able to monitor the SOCKS server (to see where my server is connecting to) as well as monitoring my computer (to see where the connections to my server came from)?
</div><div style="direction: ltr;"><span class="e" id="q_10af5ad1710d3ea3_1"><br><br><b><i>Watson Ladd <<a href="mailto:watsonbladd@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">watsonbladd@gmail.com
</a>></i></b> wrote:<blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> Because anyone observing the SOCKS server will be able to see what you are doing just as well as if it was your computer.
<br><br><div><span class="gmail_quote">On 4/28/06, <b class="gmail_sendername">Tor User</b> <<a href="mailto:toruser256@yahoo.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> toruser256@yahoo.com
</a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div style="direction: ltr;">I'm not clear what you mean by " It loses security as one endpoint is being used", could you expound on it? In the setup I was describing, the Tor circuits still go through the same number of Tor routers, and since my Tor server is just a middleman, nobody is exiting at the SOCKS server that I used SSH to tunnel to... Basically, my server's connections to other Tor servers are tunneled through SSH to some SOCKS server instead of just going directly to the next Tor router in the circuit. Thanks.
</div><div style="direction: ltr;"><span><br><br><b><i>Watson Ladd <<a href="mailto:watsonbladd@gmail.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">watsonbladd@gmail.com </a>></i></b> wrote:
<blockquote style="border-left: 2px solid rgb(16, 16, 255); margin-left: 5px; padding-left: 5px;"> It loses security as one endpoint is being used. Tor uses multiple
endpoints for sucessive connections to avoid tracking a connection. <br><br><div><span class="gmail_quote">On 4/27/06, <b class="gmail_sendername">Tor User</b> <<a href="mailto:toruser256@yahoo.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
toruser256@yahoo.com </a>> wrote:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;"><div style="direction: ltr;"> <div>I've been running an Tor server (middleman only) for a while and I've been wondering about using FreeCap and an account on an SSH server that has a SOCKS proxy to tunnel my Tor server's connections over an SSH tunnel to the SOCKS proxy running on that SSH server.
<span> </span>Hopefully I explained that clearly, if not maybe this will help to visualize it:<br><br></div> <div>TOR Server – FreeCap – SSH Tunnel – SOCKS proxy – [Out to internet] <br><br></div> <div>I have tried
testing this and it works. <span> </span>Clients are able to connect to my TOR server, and in trying it myself there is no noticeable increase in latency (ping time to the SSH server is < 15ms, and the server has a fast CPU and faster network connection).
<span> </span>As far as I can tell, based on netstat and the like, when I client connects to my server, their circuit is built through the SSH tunnel and then to the SOCKS proxy server, and then out on the internet to the next Tor server in the circuit.
<span> </span>When data comes back to my Tor server, it first comes through the SOCKS proxy on to the SSH tunnel, and then to my Tor server, then to the client or other Tor server in the chain. <br><br></div> <div>I get the feeling that this should be more secure because:
<br><br> </div> <div>My ISP can't monitor my Tor server's outgoing connections.</div> <div>Even of the SSH/SOCKS server's connection was monitored, other peoples Tor circuits
should be mixed in with my Tor server's connections. </div> <div><br>Any thoughts on this?<span> <br><br> </span></div> <div>Also, just so there is no confusion, I am an authorized user of the SSH/SOCKS server, and I am not under any bandwidth or CPU usage constraints.
<span> </span>My access to the server is very fast and the tiny bit of latency seems trivial.<span> </span>I'm only interested in the security implications of this approach.<span> </span>Thanks!</div></div> <div style="direction: ltr;">
<span> <div> </div><hr size="1">Love cheap thrills? Enjoy PC-to-Phone <a href="http://us.rd.yahoo.com/mail_us/taglines/postman9/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com/" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
calls to 30+ countries</a> for just 2¢/min with Yahoo! Messenger with Voice. <div></div></span></div></blockquote></div><br><br clear="all"><br>-- <br>"Those who would give up
Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety." <br>-- Benjamin Franklin </blockquote><br></span></div><div style="direction: ltr;"><span><div> </div><hr size="1">Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls.
<a href="http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> Great rates starting at 1¢/min.
</a><div></div></span></div></blockquote></div><br><br clear="all"><br>-- <br>"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety."<br>-- Benjamin Franklin
</blockquote><br></span></div><div style="direction: ltr;"><span class="ad"><p>
</p><hr size="1">Yahoo! Mail goes everywhere you do. <a href="http://us.rd.yahoo.com/evt=31132/*http://mobile.yahoo.com/services?promote=mail" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> Get it on your phone
</a>.
<p></p></span></div></blockquote></div><br><br clear="all"><br>-- <br>"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety."<br>-- Benjamin Franklin