[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Tor transparent proxy implementation on Windows

To: songso@xxxxxxxxxxx
Subject: Re: [tor-talk] Tor transparent proxy implementation on Windows
From: Lee Fisher <blibbet@xxxxxxxxx>
Date: Wed, 21 Dec 2011 16:16:19 -0800
Cc: tor-talk@xxxxxxxxxxxxxxxxxxxx
Delivered-to: archiver@xxxxxxxx
Delivery-date: Wed, 21 Dec 2011 19:15:57 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=/BOC/qbh75IqQXpAQuq6e77Pbw6U5QWlXvWtCubIY+s=; b=UYSa+ThqVghwoUsCsSUYGWgmASL/kvmANijbcHey+QKodgLpSeBYplkfwAnbpP9t6+ LjwMFK0jU6DxRqISjyJhqGUB7t8RUFPK0g76g1xNGeAGk3z8twSzM0ppxMhk7rOe0xve tAfEaOzdwfUQJUwlcVseZzz7sNuKPZuKJc1cM=
In-reply-to: <1RdTtB-0009J4-Am@xxxxxxxxxxxxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-talk>
List-help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-id: "This mailing list is for all discussion about theory, design, and development of Onion Routing." <tor-talk.lists.torproject.org>
List-post: <mailto:tor-talk@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
References: <1RdTtB-0009J4-Am@xxxxxxxxxxxxxxxxxxxx>
Reply-to: tor-talk@xxxxxxxxxxxxxxxxxxxx
Sender: tor-talk-bounces@xxxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.5; rv:6.0.1) Gecko/20110830 Thunderbird/6.0.1

On 12/21/11 1:39 PM, songso@xxxxxxxxxxx wrote:

> I am quite convinced of the transparent proxy approach. The conceptssound

> very convincing. [1] [2]
...
> Can you point me or post please some instructions how to build a Tor
> transparent proxy environment for Windows? (Windows host, Windows guest)

The current solution for Windows is to run a Linux distro. :-) So, useTAILs.

For a Windows solution that doesn't require another OS VM, there are fewways to go:

SOCKS is not well supported on Windows, at least by Windows. There are afew third party SOCKS solutions for Windows, none built-in. The maintechnique used for this is DLL Injection, which intercept's the appsWinSock API calls, and redirects the destination to the SOCKS server, toTor. The Microsoft Research "Detours" technology is an API for this sortof thing. Besides some antimalware tools disliking SOCKS DLL injectingsolutions, most solutions that I know of are user-mode-only, ignoringkernel socket I/O.

Windows Firewall in modern Windows is less lame than in the past. The'netcmd' tool can be used to setup rules like 'iptables' does on Linux.It might be possible to use Windows Firewall API in Tor or Vidalia atinstall-time to work with a transparent proxy solution.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366319%28v=VS.85%29.aspx

On Windows, Suricata uses the NetfilterWindows driver. I've not triedthis driver yet, not sure what options it might offer for Tor.

http://sourceforge.net/projects/netfilterforwin/
https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Windows

There's also this, which is a third party commercial tool, I've notlooked at, not sure what technology they're using.

http://netfiltersdk.com/

AFAIK, if the Firewall API can't handle it, the current proper Windowsnative solution for transparent socket proxying under Windows is towrite an Windows Filtering Platform (WFP) driver. I don't believe thereis any such drive that exists, in the open source community.

http://msdn.microsoft.com/en-us/library/windows/desktop/aa366510%28v=vs.85%29.aspx

All that said, IMO you'd be best to stick with TAILS until someone fromthe TorProject says that one of the above things works properly with Tor.


HTH
_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

References:
- [tor-talk] Tor transparent proxy implementation on Windows
  - From: songso

Prev by Author: Re: [tor-talk] Automatic vulnerability scanning of Tor Network?
Next by Author: Re: [tor-talk] Tor transparent proxy implementation on Windows
Previous by thread: [tor-talk] Tor transparent proxy implementation on Windows
Next by thread: Re: [tor-talk] Tor transparent proxy implementation on Windows
Index(es):
- Author
- Thread