
Re: OnionCat -- An IP-Transparent TOR Hidden Service Connector



Dave Page wrote:
On Wed, Jun 25, 2008 at 09:16:12AM -0400, 7v5w7go9ub0o wrote:
Bernhard Fischer wrote:
On Tuesday 24 June 2008, 7v5w7go9ub0o wrote:

My hope is to use OnionCat on my laptop to VNC via TOR to my home
computer using nomachine NX. Is that kind of use possible with OC?

1. Connecting via TOR would be an extra, minor security option to conceal the fact that my home is running a VNC server - eavesdropping kids at the hotspot may try to make it a hacking "prize".

If you are connecting using NX, the only port you need to access is SSH
- all NX traffic is tunneled over that. Of course, you should never use
the default NX SSH keys over the Internet.

Thanks for replying! I've set up new keys; NX works great! :-)

So if I was using NX/SSH to the non-standard port of 443, and if my
server box looked like this:

eth0      Link encap:Ethernet  HWaddr 00:A0:A8:B4:45:74
          inet addr:192.168.1.4  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::2a0:ccff:fe7a:4574/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:8493 errors:0 dropped:0 overruns:0 frame:0
          TX packets:6762 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:7177839 (6.8 Mb)  TX bytes:1668147 (1.5 Mb)
          Interrupt:16 Base address:0x6000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:89151 errors:0 dropped:0 overruns:0 frame:0
          TX packets:89151 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:76689713 (73.1 Mb)  TX bytes:76689713 (73.1 Mb)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet6 addr: fd87:d87e:eb43:e20e:a09d:5e14:fabb:edf3/48 Scope:Global
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

1. what address would I put in my SSH config to have it listen to OC?

config looks like this now:

#Port 22
Port 443

#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::
=======================================
so would it be, e.g.:

ListenAddress fd87:d87e:eb43:e20e:a09d:5e14:fabb:edf3

or perhaps:

ListenAddress fe80::2a0:ccff:fe7a:4574

or perhaps:

ListenAddress 0.0.0.0

or ???

<snip>


You should be able to connect to your machine over SSH via Tor, and then
connect out from that machine normally.

Right you are.

I tried to connect out last night and couldn't get anywhere.  I tried
again today, and it works fine.

e.g.

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
loopback        *               255.0.0.0       U     0      0        0 lo
default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0


Thanks In Advance
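
Added example, not part of the original message or of OnionCat: a small Python check that classifies the three ListenAddress candidates from the message by address scope and emits the sshd_config line for any candidate inside OnionCat's fd87:d87e:eb43::/48 prefix. The function names and the wording of the notes are assumptions made for this illustration.

```python
import ipaddress

# OnionCat assigns addresses from this prefix; the tun0 address in the
# message above falls inside it.
ONIONCAT_NET = ipaddress.ip_network("fd87:d87e:eb43::/48")

# The three ListenAddress candidates exactly as given in the message.
CANDIDATES = [
    "fd87:d87e:eb43:e20e:a09d:5e14:fabb:edf3",
    "fe80::2a0:ccff:fe7a:4574",
    "0.0.0.0",
]

def classify(value):
    """Return (kind, note) for one ListenAddress value (hypothetical helper)."""
    addr = ipaddress.ip_address(value)
    if addr.is_unspecified:
        if addr.version == 4:
            return ("wildcard-ipv4", "all IPv4 addresses; no IPv6 socket for tun0")
        return ("wildcard-ipv6", "every IPv6 address on the host")
    if addr.version == 6 and addr in ONIONCAT_NET:
        return ("onioncat", "only the OnionCat address carried on tun0")
    if addr.is_link_local:
        return ("link-local", "valid only on the local link of its own interface")
    if addr.is_loopback:
        return ("loopback", "local connections only")
    return ("other", "a specific LAN or public address")

def onioncat_listen_lines(values):
    """Build sshd_config lines for the values inside the OnionCat prefix."""
    return ["ListenAddress " + v for v in values if classify(v)[0] == "onioncat"]

if __name__ == "__main__":
    for value in CANDIDATES:
        kind, note = classify(value)
        print(f"{value:42} {kind:14} {note}")
    print("\n".join(onioncat_listen_lines(CANDIDATES)))
```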