
Re: A small how-to - request for comments



On Wed, Aug 25, 2004 at 11:28:30PM -0400, Nick Mathewson wrote:
> Thanks, Thomas!  Cool HOWTO.  

Thanks.

> Have you thought about adding it to the
> wiki?  (http://wiki.noreply.org/wiki/TheOnionRouter)

Yes, I'll add it as soon as it has matured a bit.

> I worry about sections 2 through 4, though.  One warning about using
> tsocks in this way, however.

I thought about that and figured that it's better that people use
Tor/tsocks than running around without any of them.
I also tried to make fetchmail use tor-resolve before polling but it
seems it's not possible to do so.
Something like

 poll %h with proto POP3
  	[...]
	preconnect %h="tor-resolve mail.server.com";

would be kind of nice...

> tsocks correctly replaces 'connect' calls with calls to your SOCKS
> proxy (Tor).  But tsocks doesn't do anything about requests to your
> DNS server.  This means that if you refer to any machines by hostname
> when you're using tsocks, you'll be sending that hostname over the
> network, perhaps leaking the fact that you are about to connect to the
> corresponding server.
> 
> Tor 0.0.8 has a workaround for this problem, until we can hack tsocks
> (or a work-alike) to support DNS.  Instead of using a hostname
> directly, first use 'tor-resolve' to resolve the hostname into an IP
> (via Tor) and then use that IP address with your tsocks-ified
> application.

I've added this to the page (guessing that most people don't read the Tor
design doc).

/Thomas
-- 
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
--
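
Added example (not part of the original message, and not code from the Tor project): the tor-resolve workaround discussed above, scripted so that a fetchmail poll entry is only emitted when the hostname was resolved through Tor, and nothing falls back to the local resolver. The function names, the TOR_RESOLVE override and the choice of fetchmail's "via" keyword to carry the IP are assumptions made for this sketch.

```sh
#!/bin/sh
# Added example: resolve a mail server name through Tor first, then give
# fetchmail the IP, so the tsocks-wrapped client has no hostname to look up.
# TOR_RESOLVE is an assumed override so the resolver can be swapped or stubbed.
TOR_RESOLVE="${TOR_RESOLVE:-tor-resolve}"

# Succeed only for a dotted-quad IPv4 address with four octets in 0-255.
is_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                 # split on dots; input holds digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Print the address for $1. Literal IPs pass through untouched; names go to
# tor-resolve. Any failure or non-IP answer is an error (fail closed).
resolve_via_tor() {
    if is_ipv4 "$1"; then
        printf '%s\n' "$1"
        return 0
    fi
    ip=$("$TOR_RESOLVE" "$1" 2>/dev/null) || return 1
    is_ipv4 "$ip" || return 1   # never fall back to the system resolver
    printf '%s\n' "$ip"
}

# Emit a fetchmail poll line that keeps the hostname as the entry's label
# but connects to the pre-resolved address given after "via".
poll_stanza() {
    ip=$(resolve_via_tor "$1") || {
        echo "refusing to poll $1: no Tor-resolved address" >&2
        return 1
    }
    printf 'poll %s via %s with proto POP3\n' "$1" "$ip"
}

# Usage sketch (assumes tor, tsocks and fetchmail are installed; add your
# own user/password options to the generated file before running it):
#   umask 077; poll_stanza mail.server.com > rc.tmp && tsocks fetchmail -f rc.tmp
```

Because the stanza is generated at run time, the address is re-resolved through Tor on every invocation rather than being pinned in a static configuration file.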
