Reducing java leakage in windows
coderman
coderman at gmail.com
Sun Dec 2 20:10:43 UTC 2007
On Dec 2, 2007 11:02 AM, Arrakis <arrakistor at gmail.com> wrote:
> It appears that Java attacks for causing external IP data to be leaked
> can be mitigated to some good degree. The upshot is that you can now run
> Java applets that even when attempting to phone home directly (revealing
> your IP), they are routed through the socks port
> ... [ discussion of deployment.properties for socks setup ]
the last time i looked into this (over a year ago) the socks proxy
settings, either 4 or 5, still did name lookup external to the proxy
(not 4a nor 5 with names). this means the same DNS resolution tricks
to leak your IP will work, even if the simpler "open a TCP sock to
eve" does not.
i think HD Moore's revealer used this as one of the tricks, so it
might be worth checking against that with an updated
deployment.properties to confirm.
if you really want to use java you should use it behind a transparent Tor proxy.
best regards,
More information about the tor-talk
mailing list