[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Proper TOR DNS Configuration Testing Help
Mark Manning wrote:
That's awesome! That's exactly how I was thinking but to be honest I
wasn't sure how to implement the background service that ties the query
logs to the web server.
If it wouldn't take too long, do you think you could talk about the
specifics a little bit more?
1.) You visit http://clayman.tor.grepular.com/torcheck.cgi
2.) The cgi generates a unique code. In this case, a 32 character
alphanumeric string. It then spits out some html containing several
triggers to try and make the web browser do a dns lookup on
"$code.tordnscheck.grepular.com" where $code is replaced by the unique
id it just generated. The triggers are inside the <head></head> and are:
<link rel="stylesheet" type="text/css"
href="http://$code.tordnscheck.grepular.com/style.css" />
<link rel="shortcut icon" type="image/x-icon"
href="http://$code.tordnscheck.grepular.com/favicon.ico" />
<script type="text/javascript"
src="http://$code.tordnscheck.grepular.com/script.js"></script>
3.) A meta refresh then refreshes the page and adds ?code=$code to the
uri arguments.
4.) When the page is reloaded it "asks" a separate process that I will
describe in a moment, whether or not it knows the IP that did the lookup
of $code.tordnscheck.grepular.com, and if so it displays it.
5.) There is a separate process written in perl, which uses File::Tail
to monitor the bind query log. It's a threaded application. One thread
tails the log looking for entries like $code.tordnscheck.grepular.com.
When it comes across any, it stores the code and the ip together in a
shared variable, for up to 10 minutes
6.) The second thread accepts incoming socket connections. Basically,
the torcheck.cgi script makes a tcp connection to the app tailing the
log file and writes $code to it, and the app then returns the IP address
and closes the connection.
The gopher request works in a similar fashion. The trigger is:
<img src="gopher://grepular.com/torgophertest/$code" width="0" height="0" />
Then I have another application listening on the gopher port looking for
requests like "/torgophertest/$code" and then linking $code with the
client IP. Then it makes the information available to the cgi via the
same socket method.
I hope that all makes sense.
Mike