oh, I don't understand this what you mean is, for example, when browsing webpages browser application sock Tor Ethernet interface send packet ----------> forward -------------> encrypt and -----------------> send to the entry node make tor cells receive packet<--------- forward<-------------- decrypt tor cells <--------------- receive from the entry node tcpdump -i eth0(this is my capturing) but you mean I can capture between the browser application and the sock? so I used tcpdump on the ethernet interface the packets are encrypted you mean I can capture the packets before 2012/10/31 Damian Johnson <atagar@torproject.org>
OK, thank you very much! besides, is it possible to get the cypher key for decoding the tcpdump captured packets on the TOR client??
I don't follow, do you mean the traffic between tor and the first hop? Why not just intercept the communication with the socks port? _______________________________________________ tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev