Hi again, Sorry for the delay to respond! On 10 Dec (20:27:14), tor@xxxxxxxxxxxxxxxxx wrote: > Hello David, > > thank you for your reaction. I've read some information about > "Torsocks" now and yes, it seems to be similar. Unfortunately the > information on Torsocks's homepage is rather short. So I can't tell > you if the internal technology is similar. Currently, an effort is still ongoing on rewriting torsocks and in code review process right now. Thus, the webpage is probably out of date big time. > It tells that it explicitly rejects UDP traffic. It would be possible > to block UDP traffic in InjectSOCKS as well. By the way, why does Tor > not support UDP via SOCKS? Yes, UDP is simply not supported by Tor thus it will be rejected when opening the socket. Actually, it's not only UDP that should be blocked but *every* other protocol except TCP. For instance, there is no way to send icmp request through Tor thus we don't want that to leak. > The Torsocks documents also say that it blocks local traffic as well. > While implementing InjectsSOCKS I saw that some Windows software > needs local traffic in order to work for internal inter process > communication (maybe Internet Explorer - not sure anymore). So I've > explicitly prevented using the SOCKS server for local traffic > (wouldn't make sense) and don't reject it - otherwise this software > wouldn't work anymore. This is dangerous and the reason why it's denied is that the application could easily make a DNS request for instance to a local server that will then resolve it on a remote one thus leaking. You should really reconsider that, going locally can be fine but also really dangerous. > > > Do you think you can put your code into a git repository (github, > > gitourious, ...). That would be *very* helpful to review/contribute > > and track changes. > > Unfortunately I'm not familiar with git. However, the source code is > rather small. The most important parts are in InjectSOCKS_DLL.c > The sources are already commented a little bit, but I think that I'll > add Visual C++ XML or doxygen style documentation. This way it's > easier to understand and review/analyze the code. For the moment I'd > like to suggest sending me any change suggestions or questions via > e-mail. If we detect that this is not manageable, we can still switch > to a different solution. Maybe you can use one you are familiar with? SVN, bazaar ... ? It's just that for an open source project, having it easily browsable on a public server that *anyone* can clone the latest, it helps a great deal. Maybe it's a good time to get familiar with the most awesome tool you'll ever play with, git! :P > > By the way, I've released V1.1 of InjectSOCKS now. This adds the BSD > license text and a dialog for creating a Windows shortcut file to > call InjectSOCKS correctly. The dialog pops up when you start > InjectSOCKS without any parameter. This helps users not familiar with > the command line. > Known bug: There is a small possible memory leak in the function > "CreateLink" of that dialog; it will be fixed in the next release :-) I'll take a look at it and if I can find a Windows, test it. From that point on, I'll check how feasible it is to integrate what you did in the new torsocks code so we can have *nix and Windows support in the same tool, that would be quite awesome. Cheers and thanks for this! David > > Regards, > ghostmaker > _______________________________________________ > tor-dev mailing list > tor-dev@xxxxxxxxxxxxxxxxxxxx > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev