[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Blocked by Websense

Roger Dingledine wrote:
> On Sun, Nov 26, 2006 at 05:10:22PM +0800, John Kimble wrote:


>> A couple of questions:
>> Is there a way I can somehow supply Tor with directory information
>> when Tor is unable to do a plaintext HTTP download (which is quite
>> easy to block based on fixed strings in the path) when it starts up?
> Get a cached-routers file and the cached-status/* files from
> somewhere. Bring them from home on a USB stick if you like. I'm not
> sure how recent they need to be -- if you're using 0.1.1.x it needs
> to be from within 24 hours. I believe is more forgiving,
> but not by much. Let me know if you get it working and what it takes.
> Future versions of Tor will bootstrap better with whatever files it
> starts with; and will avoid the particular fingerprinting vulnerability
> you describe above.
>> Provided the first question is solved, once Tor has built its
>> circuits, can it be configured to download its directory updates
>> through the Tor circuits, so as to avoid leaving behind these telltale
>> footprints of periodical Tor directory downloads?
> Set "__AllDirActionsPrivate 1" in your torrc.
> (This config option is intended for controllers that bootstrap your
> initial circuits themselves, but it should work fine as a manual
> workaround for now.)
> Hope that helps,
> --Roger

wouldn't it be good to have tor keep track of some routers in
'last-known-good-working' circuits plus a bunch of
'average-best-working' routers  and keep those in a cache from
which tor starts up from to make the first connections to directory
servers through those or's.
for example from my dialup connection tor uses always the same few
entry servers to start building circuits (i guess those with the
lowest latency), so it would not make any difference (in regard of
predictability) to keep these routers locally cached and fetch the
directory information through circuits composed of those servers.
i know there are some problems with such functionality like
- initial startup (e.g. on a fresh installation)
- startup after a long period of inactivity (cache becomes outdated)

a solution to this could be the establishment of permanent tor servers
which are used to bootstrap from...

lester psigal

Telefonate ohne weitere Kosten vom PC zum PC: http://messenger.yahoo.de