[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: FreeCap and a Tor server – good combination?



Yes, I understand that anyone monitoring the SOCKS server could see my (middleman only) Tor server's connections to other Tor Servers, but wouldn't tunneling through this SSH/SOCKS server mean that an attacker would have to be able to monitor the SOCKS server (to see where my server is connecting to) as well as monitoring my computer (to see where the connections to my server came from)?

Watson Ladd <watsonbladd@xxxxxxxxx> wrote:
Because anyone observing the SOCKS server will be able to see what you are doing just as well as if it was your computer.

On 4/28/06, Tor User < toruser256@xxxxxxxxx> wrote:
I'm not clear what you mean by " It loses security as one endpoint is being used", could you expound on it?  In the setup I was describing, the Tor circuits still go through the same number of Tor routers, and since my Tor server is just a middleman, nobody is exiting at the SOCKS server that I used SSH to tunnel to... Basically, my server's connections to other Tor servers are tunneled through SSH to some SOCKS server instead of just going directly to the next Tor router in the circuit. Thanks.


Watson Ladd <watsonbladd@xxxxxxxxx > wrote:
It loses security as one endpoint is being used. Tor uses multiple endpoints for sucessive connections to avoid tracking a connection.

On 4/27/06, Tor User <toruser256@xxxxxxxxx > wrote:
I've been running an Tor server (middleman only) for a while and I've been wondering about using FreeCap and an account on an SSH server that has a SOCKS proxy to tunnel my Tor server's connections over an SSH tunnel to the SOCKS proxy running on that SSH server.   Hopefully I explained that clearly, if not maybe this will help to visualize it:

TOR Server â?? FreeCap â?? SSH Tunnel â?? SOCKS proxy â?? [Out to internet]

I have tried testing this and it works.   Clients are able to connect to my TOR server, and in trying it myself there is no noticeable increase in latency (ping time to the SSH server is < 15ms, and the server has a fast CPU and faster network connection).   As far as I can tell, based on netstat and the like, when I client connects to my server, their circuit is built through the SSH tunnel and then to the SOCKS proxy server, and then out on the internet to the next Tor server in the circuit.   When data comes back to my Tor server, it first comes through the SOCKS proxy on to the SSH tunnel, and then to my Tor server, then to the client or other Tor server in the chain.

I get the feeling that this should be more secure because:

My ISP can't monitor my Tor server's outgoing connections.
Even of the SSH/SOCKS server's connection was monitored, other peoples Tor circuits should be mixed in with my Tor server's connections.

Any thoughts on this?

Also, just so there is no confusion, I am an authorized user of the SSH/SOCKS server, and I am not under any bandwidth or CPU usage constraints.   My access to the server is very fast and the tiny bit of latency seems trivial.  I'm only interested in the security implications of this approach.  Thanks!

Love cheap thrills? Enjoy PC-to-Phone calls to 30+ countries for just 2¢/min with Yahoo! Messenger with Voice.



--
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin


Talk is cheap. Use Yahoo! Messenger to make PC-to-Phone calls. Great rates starting at 1¢/min.



--
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin


Yahoo! Mail goes everywhere you do. Get it on your phone.