[tor-talk] [warn] Rejecting SOCKS request…

Drew at FoundingDocuments.org Drew at FoundingDocuments.org
Tue Jun 11 20:58:39 UTC 2019


Jun 03 23:02:51.000 [warn] Rejecting SOCKS request for anonymous connection to private address [scrubbed]. [2 similar message(s) suppressed in last 300 seconds]


I have done some reading on what this means but am still unclear. I see this warning because I %include a ‘log notice’ line. Using Tor Browser and visiting some websites causes this warning to appear. 

At first the warning sounded like a webpage might have a JavaScript on it that was able to concoct a command to talk the SOCKS protocol specifically to [invade privacy]. This seemed possible since I didn’t check the log as I browse and sometimes I am forced to enable JavaScript and thus load external js files. Yes, I do my best to conscientiously always browse with JS off.

But after paying closer attention during browsing and looking at the source of a page I loaded, I’m pretty sure the message is generated by various in-line JavaScripts. Please excuse me for not actually testing this. 

Below are a few trac tickets regarding the log notice [warn] and for a twist of irony which I didn’t intend, the StackExchange page will generate this [warn] and you can also read about what is said there. :-) 

My question is similar ~ what does this warning mean? What’s being attempted? Perhaps a websockets connection? I see wss:// is in the Stack Exchange source. But a check of Wikipedia https://en.wikipedia.org/wiki/WebSocket indicates websockets is designed to work/upgrade/[hijack] traditional http port 80 & port 443 connections.  So this perhaps is why I don’t see ws:// or wss:// in other webpages which generate a [warn]? 

Is the “private address [scrubbed]” in my LAN? Or is it inside of one of these tracking companies? 

Last but not least I am sure a “Thank You Tor Developers” is in order for blocking these things!

--------------
https://trac.torproject.org/projects/tor/ticket/13129
Option for downgrading "Rejecting SOCKS request for anonymous connection to private address” log


https://trac.torproject.org/projects/tor/ticket/10419#comment:32
Can requests to 127.0.0.1 be used to fingerprint the browser?

https://tor.stackexchange.com/questions/1537/what-does-warning-rejecting-socks-request-for-anonymous-connection-to-private
What does “[Warning] Rejecting SOCKS request for anonymous connection to private address [scrubbed].” means?


More information about the tor-talk mailing list