Re: FreeCap and a Tor server – good combination?

Watson Ladd watsonbladd at
Tue May 2 01:34:20 UTC 2006

Because anyone observing the SOCKS server will be able to see what you are
doing just as well as if it was your computer.

On 4/28/06, Tor User <toruser256 at> wrote:
> I'm not clear what you mean by " It loses security as one endpoint is
> being used", could you expound on it?  In the setup I was describing, the
> Tor circuits still go through the same number of Tor routers, and since my
> Tor server is just a middleman, nobody is exiting at the SOCKS server that I
> used SSH to tunnel to... Basically, my server's connections to other Tor
> servers are tunneled through SSH to some SOCKS server instead of just going
> directly to the next Tor router in the circuit. Thanks.
> *Watson Ladd <watsonbladd at>* wrote:
> It loses security as one endpoint is being used. Tor uses multiple
> endpoints for sucessive connections to avoid tracking a connection.
> On 4/27/06, Tor User <toruser256 at> wrote:
> >
> > I've been running an Tor server (middleman only) for a while and I've
> > been wondering about using FreeCap and an account on an SSH server that has
> > a SOCKS proxy to tunnel my Tor server's connections over an SSH tunnel to
> > the SOCKS proxy running on that SSH server.   Hopefully I explained that
> > clearly, if not maybe this will help to visualize it:
> >
> > TOR Server – FreeCap – SSH Tunnel – SOCKS proxy – [Out to internet]
> >
> > I have tried testing this and it works.   Clients are able to connect to
> > my TOR server, and in trying it myself there is no noticeable increase in
> > latency (ping time to the SSH server is < 15ms, and the server has a fast
> > CPU and faster network connection).   As far as I can tell, based on
> > netstat and the like, when I client connects to my server, their circuit is
> > built through the SSH tunnel and then to the SOCKS proxy server, and then
> > out on the internet to the next Tor server in the circuit.  When data
> > comes back to my Tor server, it first comes through the SOCKS proxy on to
> > the SSH tunnel, and then to my Tor server, then to the client or other Tor
> > server in the chain.
> >
> > I get the feeling that this should be more secure because:
> >
> >  My ISP can't monitor my Tor server's outgoing connections.
> > Even of the SSH/SOCKS server's connection was monitored, other peoples
> > Tor circuits should be mixed in with my Tor server's connections.
> >
> > Any thoughts on this?
> >
> >  Also, just so there is no confusion, I am an authorized user of the
> > SSH/SOCKS server, and I am not under any bandwidth or CPU usage constraints.
> > My access to the server is very fast and the tiny bit of latency seems
> > trivial.  I'm only interested in the security implications of this
> > approach.  Thanks!
> >  ------------------------------
> > Love cheap thrills? Enjoy PC-to-Phone calls to 30+ countries<**>for just 2¢/min with Yahoo! Messenger with Voice.
> >
> --
> "Those who would give up Essential Liberty to purchase a little Temporary
> Safety deserve neither  Liberty nor Safety."
> -- Benjamin Franklin
> ------------------------------
> Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates
> starting at 1¢/min.
> <**>

"Those who would give up Essential Liberty to purchase a little Temporary
Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the tor-talk mailing list