Re: FreeCap and a Tor server – good combination?
watsonbladd at gmail.com
Tue May 2 23:00:47 UTC 2006
To link you to the connections, yes. To link connections, no.
On 5/2/06, Tor User <toruser256 at yahoo.com> wrote:
> Yes, I understand that anyone monitoring the SOCKS server could see my
> (middleman only) Tor server's connections to other Tor Servers, but wouldn't
> tunneling through this SSH/SOCKS server mean that an attacker would have to
> be able to monitor the SOCKS server (to see where my server is connecting
> to) as well as monitoring my computer (to see where the connections to my
> server came from)?
> *Watson Ladd <watsonbladd at gmail.com>* wrote:
> Because anyone observing the SOCKS server will be able to see what you are
> doing just as well as if it was your computer.
> On 4/28/06, Tor User < toruser256 at yahoo.com> wrote:
> > I'm not clear what you mean by " It loses security as one endpoint is
> > being used", could you expound on it? In the setup I was describing, the
> > Tor circuits still go through the same number of Tor routers, and since my
> > Tor server is just a middleman, nobody is exiting at the SOCKS server that I
> > used SSH to tunnel to... Basically, my server's connections to other Tor
> > servers are tunneled through SSH to some SOCKS server instead of just going
> > directly to the next Tor router in the circuit. Thanks.
> > *Watson Ladd <watsonbladd at gmail.com >* wrote:
> > It loses security as one endpoint is being used. Tor uses multiple
> > endpoints for sucessive connections to avoid tracking a connection.
> > On 4/27/06, Tor User <toruser256 at yahoo.com > wrote:
> > >
> > > I've been running an Tor server (middleman only) for a while and I've
> > > been wondering about using FreeCap and an account on an SSH server that has
> > > a SOCKS proxy to tunnel my Tor server's connections over an SSH tunnel to
> > > the SOCKS proxy running on that SSH server. Hopefully I explained
> > > that clearly, if not maybe this will help to visualize it:
> > >
> > > TOR Server – FreeCap – SSH Tunnel – SOCKS proxy – [Out to internet]
> > >
> > > I have tried testing this and it works. Clients are able to connect
> > > to my TOR server, and in trying it myself there is no noticeable increase in
> > > latency (ping time to the SSH server is < 15ms, and the server has a fast
> > > CPU and faster network connection). As far as I can tell, based on
> > > netstat and the like, when I client connects to my server, their circuit is
> > > built through the SSH tunnel and then to the SOCKS proxy server, and then
> > > out on the internet to the next Tor server in the circuit. When data
> > > comes back to my Tor server, it first comes through the SOCKS proxy on to
> > > the SSH tunnel, and then to my Tor server, then to the client or other Tor
> > > server in the chain.
> > >
> > > I get the feeling that this should be more secure because:
> > >
> > > My ISP can't monitor my Tor server's outgoing connections.
> > > Even of the SSH/SOCKS server's connection was monitored, other peoples
> > > Tor circuits should be mixed in with my Tor server's connections.
> > >
> > > Any thoughts on this?
> > >
> > > Also, just so there is no confusion, I am an authorized user of the
> > > SSH/SOCKS server, and I am not under any bandwidth or CPU usage constraints.
> > > My access to the server is very fast and the tiny bit of latency
> > > seems trivial. I'm only interested in the security implications of
> > > this approach. Thanks!
> > > ------------------------------
> > > Love cheap thrills? Enjoy PC-to-Phone calls to 30+ countries<http://us.rd.yahoo.com/mail_us/taglines/postman9/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com/>for just 2¢/min with Yahoo! Messenger with Voice.
> > >
> > --
> > "Those who would give up Essential Liberty to purchase a little
> > Temporary Safety deserve neither Liberty nor Safety."
> > -- Benjamin Franklin
> > ------------------------------
> > Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great
> > rates starting at 1¢/min.
> > <http://us.rd.yahoo.com/mail_us/taglines/postman7/*http://us.rd.yahoo.com/evt=39666/*http://messenger.yahoo.com>
> "Those who would give up Essential Liberty to purchase a little Temporary
> Safety deserve neither Liberty nor Safety."
> -- Benjamin Franklin
> Yahoo! Mail goes everywhere you do. Get it on your phone<http://us.rd.yahoo.com/evt=31132/*http://mobile.yahoo.com/services?promote=mail>.
"Those who would give up Essential Liberty to purchase a little Temporary
Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the tor-talk