Set up a webproxy to TOR - tor-proxy.net
Ricky Fitz
calypso at satyr.ath.cx
Tue Sep 25 07:54:10 UTC 2007
Hi Robert,
you wrote:
> So is your cgi-proxy routing everything to an instance of privoxy/polipo
> running on your machine or directly to the tor socks port?
>
> If it is routing everything to privoxy/polipo, what configuration are you
> using?
>
> I think it is this sort of detail that phobos has in mind.
Okay, here are how it works.
There is CGIProxy which gets the requests over an SSL-secured channel.
It takes them, and give it to a local squid-instance, which does some
caching to speed things up and take load of the TOR-network. If
requested data is not in the cache, squid gives the request to local
running privoxy, which routes it to the local running TOR-server.
Using privoxy seems to be senseless, but I did not find the possibility
to make squid route to socks.
To prevent any DNS-Leaks, I redirect all outgoing traffic to port 53 to
the dns-proxy of Fabian Keil
( http://www.fabiankeil.de/blog-surrogat/2006/06/08/von-kopf-bis-fuss-auf-tor-eingestellt.html )
You can see that TOR is resolving DNS, because it is possible to access
HiddenServices.
Probably I will kick squid out of the setup for legal reasons. I am
currently unsure, if I am responsible for (illegal) content in the
squid-cache. So I have to read up about this.
Do you see anonymity-risks there or have ideas to make things better?
Best Regards,
Ricky.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20070925/e14b1be4/attachment.pgp>
More information about the tor-talk
mailing list