Library Defeats Tor

Scott Bennett bennett at cs.niu.edu
Fri Sep 28 00:52:30 UTC 2007


     On Thu, 27 Sep 2007 20:35:58 -0400 Watson Ladd <watsonbladd at gmail.com>
wrote:
>mark485anderson at eml.cc wrote:
>> Then after agreeing to the TOS, you are able to connect to tor servers,
>> but all dns requests go through a library computer IP, such that they
>> can see and record where you are going. I am not sure if they can see
>> the TCP content, but the UDP (which I assume is the dns lookups) are all
>> being monitored and probably logged by the library server through which
>> you are connected. Firewall logs clearly show the outgoing and incoming
>> DNS packets to the library IP. Rest of connections to Tor servers in the
>> firewall log appear normal.
>Make sure to run DNS queries over tor if anonymity is important.

     Absolutely.  Check your privoxy configuration file to make sure its
first line is

forward-socks4a / localhost:9050 .

If you're using some other port than 9050, change that accordingly.  Other
programs, e.g. PuTTY, will need to be configured, too, if you use them.
In the case of PuTTY, each remote login site that you configure to be
proxied through tor will need to be set to use socks5 and to do DNS name
lookups at the proxy end (see "Proxy" under "Connection").

>>
>> I have not run a sniffer yet on this, because my laptop is old and it
>> might not be able to handle it. But tor anonymity is obviously shot when
>> connecting to their wifi nodes. I believe I tried to block the DNS
>> lookups to the Library IP with privoxy generic block rules and then I
>Using socks-4a should fix this.

     Right.  Or socks5, though privoxy doesn't yet appear to support that.

>> could not load any web pages, indicating again that the dns requests are
>> first being routed to the library machine, where they are, of course,
>> logged (and maybe sent off to the FBI, if you're reading Muslim materials,
>> haha).
>Now are these DNS requests for sites you are browsing? It sounds like
>that is the case, but I just want to make sure.

     Most public wireless locations use no encryption at all.  In these
situations, things like tor and SSH are about the only significant privacy
protection most users have.


                                  Scott Bennett, Comm. ASMELG, CFIAG
**********************************************************************
* Internet:       bennett at cs.niu.edu                              *
*--------------------------------------------------------------------*
* "A well regulated and disciplined militia, is at all times a good  *
* objection to the introduction of that bane of all free governments *
* -- a standing army."                                               *
*    -- Gov. John Hancock, New York Journal, 28 January 1790         *
**********************************************************************
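
Added example, not part of the original message: a minimal sketch of why forward-socks4a closes the DNS leak discussed in this thread. Plain SOCKS4 carries only an IPv4 address, so the client has to resolve the name on the local network first, while SOCKS4a carries the hostname itself to the proxy end. The function names and the sample host, address and port are constructed for illustration.

```python
import ipaddress
import struct

def socks4_connect(ip: str, port: int, user: bytes = b"") -> bytes:
    """Plain SOCKS4 CONNECT: the client must already hold an IPv4 address,
    so any hostname was resolved locally, outside the proxy."""
    addr = ipaddress.IPv4Address(ip)  # raises ValueError for a hostname
    return struct.pack(">BBH", 4, 1, port) + addr.packed + user + b"\x00"

def socks4a_connect(host: str, port: int, user: bytes = b"") -> bytes:
    """SOCKS4a CONNECT: destination IP is 0.0.0.x (x != 0) and the hostname
    follows the user id, so the proxy end performs the lookup."""
    name = host.encode("idna")
    return (struct.pack(">BBH", 4, 1, port) + bytes([0, 0, 0, 1])
            + user + b"\x00" + name + b"\x00")

def parse_request(req: bytes) -> dict:
    """Decode a CONNECT request the way the proxy end would."""
    vn, cd, port = struct.unpack(">BBH", req[:4])
    if vn != 4 or cd != 1:
        raise ValueError("not a SOCKS4 CONNECT request")
    ip = req[4:8]
    user, _, rest = req[8:].partition(b"\x00")
    is_4a = ip[:3] == b"\x00\x00\x00" and ip[3] != 0
    host = rest.split(b"\x00", 1)[0].decode("ascii") if is_4a else None
    return {"port": port, "ip": str(ipaddress.IPv4Address(ip)),
            "hostname": host, "resolved_by": "proxy" if is_4a else "client"}

if __name__ == "__main__":
    # Constructed sample values (documentation host and address).
    print(parse_request(socks4a_connect("example.com", 80)))
    print(parse_request(socks4_connect("192.0.2.10", 80)))
```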


