Setting up TOR

jesus saves ilcjvm at hotmail.com
Mon Mar 14 20:31:55 UTC 2005


Hi,


Thanks for responding to my question.  I think that you are correct and that 
I need to "socksify" nmap somehow. I went to the web-site you referred to and 
read about using privoxy in conjunction with tor. I did that and went to a 
web-site that was supposed to track my ip and another ip showed up that was 
not my actual ip, so that worked.

I don't think privoxy will help me with the test that I am performing with 
nmap. I was looking at the nmap man page, and I was thinking that maybe I 
could "socksify" it by telling it to use port 9050 (TOR Socks port) as the 
source port. I'm going to try this and see what happens. Are you familiar 
with nmap? If so, do you think this will work with the test that I am 
performing?

Thanks in advance

>From: Matthias Fischmann <fis at wiwi.hu-berlin.de>
>Reply-To: or-talk at freehaven.net
>To: or-talk at freehaven.net
>Subject: Re: Setting up TOR
>Date: Mon, 14 Mar 2005 15:19:22 +0100
>
>
>On Mon, Mar 14, 2005 at 09:04:01AM -0500, jesus saves wrote:
> > To: or-talk at freehaven.net
> > From: jesus saves <ilcjvm at hotmail.com>
> > Subject: Setting up TOR
> > Reply-To: or-talk at freehaven.net
> >
> > Hi,
> >
> > I was recently tasked with setting up TOR in our lab environment where I
> > work to see if it would be a useful tool for us to be "anonymous" while
> > conducting pen testing. I installed TOR on a Win. XP box. I ran TOR.  In
> > order to see if TOR was working properly, I connected to the web using a
> > dial up client and then I scanned my co-worker's box using nmap from ppp0
> > interface. While I was scanning his box, he ran tcpdump on his end to see
> > the traffic and he was able to tell that the traffic was coming directly
> > from me.
> >
> > If I understand TOR correctly, if I'm running TOR, when I connect to the
> > internet,  and I send traffic, my traffic should go through a series of
> > onion routers, so it would be difficult to determine the source of the
> > traffic. When running the above test, my co-worker did not see any traffic
> > from any ip other than my ppp0 address.  Am I doing something wrong?
>
>tor opens a tunnel entry (to be more specific: a socks server) on your
>host that will swallow any tcp traffic that you have configured to let
>through, and route it through tor to an exit point different from your
>host.  however, if you don't tell your application, it won't find the
>tunnel entry and use direct connections as before.
>
>so you need to "socksify" the program generating network traffic,
>i.e. force it through a socks firewall.  there are tools to do that
>which are fairly easy to operate.  you find all the links you need on
>tor.eff.org.
>
>was that your problem?
>
>hope this helps,
>matthias
><< signature.asc >>
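
What an application sends once it has been told about the local SOCKS entry described in the quoted reply, shown as an added example that is not part of the original thread: the destination is named inside the request handed to the local listener, and only TCP tunnels (the CONNECT command) are requested. It assumes SOCKS5 framing as in RFC 1928; `stub_proxy` is a constructed stand-in for the listener running over an in-process socket pair, `example.com:80` is a constructed target, and all function names are hypothetical.

```python
import socket, struct, threading

def connect_request(host, port):
    """SOCKS5 CONNECT (CMD 0x01) with a domain-name address (ATYP 0x03)."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("host name must be 1..255 bytes")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + struct.pack(">H", port)

def recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed mid-message")
        buf += chunk
    return buf

def client_handshake(sock, host, port):
    """Client side: offer 'no authentication', then ask for a TCP tunnel."""
    sock.sendall(b"\x05\x01\x00")                    # VER 5, one method, no-auth
    ver, method = recv_exact(sock, 2)
    if ver != 5 or method != 0:
        raise ConnectionError("proxy refused the no-auth method")
    sock.sendall(connect_request(host, port))
    ver, rep, _rsv, atyp = recv_exact(sock, 4)
    addr_len = recv_exact(sock, 1)[0] if atyp == 3 else {1: 4, 4: 16}[atyp]
    recv_exact(sock, addr_len + 2)                   # skip bound address + port
    return rep                                       # 0x00 means "succeeded"

def stub_proxy(sock, seen):
    """Constructed stand-in for the SOCKS listener: records the request."""
    recv_exact(sock, recv_exact(sock, 2)[1])         # greeting, then method list
    sock.sendall(b"\x05\x00")                        # choose no-auth
    _ver, cmd, _rsv, _atyp = recv_exact(sock, 4)     # this stub expects ATYP 0x03
    host = recv_exact(sock, recv_exact(sock, 1)[0]).decode("ascii")
    (port,) = struct.unpack(">H", recv_exact(sock, 2))
    seen.append((cmd, host, port))
    sock.sendall(b"\x05\x00\x00\x01" + bytes(6))     # success, bound 0.0.0.0:0

def demo():
    client, server = socket.socketpair()             # in-process, no network
    seen = []
    worker = threading.Thread(target=stub_proxy, args=(server, seen))
    worker.start()
    rep = client_handshake(client, "example.com", 80)  # constructed target
    worker.join()
    client.close(); server.close()
    return rep, seen
```

`demo()` returns the proxy's reply code together with the (command, host, port) tuple the stub listener recorded.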
