A small how-to - request for comments
Thomas Sjögren
thomas at northernsecurity.net
Thu Aug 26 14:12:04 UTC 2004
On Wed, Aug 25, 2004 at 11:28:30PM -0400, Nick Mathewson wrote:
> Thanks, Thomas! Cool HOWTO.
Thanks.
> Have you thought about adding it to the
> wiki? (http://wiki.noreply.org/wiki/TheOnionRouter)
Yes, I'll add it as soon as it has matured a bit.
> I worry about sections 2 through 4, though. One warning about using
> tsocks in this way, however.
I thought about that and figured that it's better that people use
Tor/tsocks than running around without any of them.
I also tried to make fetchmail use tor-resolve before polling but it seems its not
possible to do so.
Something like
poll %h with proto POP3
[...]
preconnect %h="tor-resolve mail.server.com";
would be kind of nice...
> tsocks correctly replaces 'connect' calls with calls to your SOCKS
> proxy (Tor). But tsocks doesn't do anything about requests to your
> DNS server. This means that if you refer to any machines by hostname
> when you're using tsocks, you'll be sending that hostname over the
> network, perhaps leaking the fact that you are about to connect to the
> corresponding server.
>
> Tor 0.0.8 has a workaround for this problem, until we can hack tsocks
> (or a work-alike) to support DNS. Instead of using a hostname
> directly, first use 'tor-resolve' to resolve the hostname into an IP
> (via Tor) and then use that IP address with your tsocks-ified
> application.
I've added this to the page (guessing that most people dont read the Tor
design doc).
/Thomas
--
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: Digital signature
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20040826/42acd28a/attachment.pgp>
More information about the tor-talk
mailing list