[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: SOCKS 4a or SOCKS 5 when using Polipo?

On Sun, 21 Nov 2010 11:48:59 +0000
Matthew <pumpkin@xxxxxxxxx> wrote:

>   Hello,
> According to the Tor manual 
> (https://trac.torproject.org/projects/tor/wiki/TheOnionRouter/TorFAQ#IkeepseeingthesewarningsaboutSOCKSandDNSandinformationleaks.ShouldIworry) 
> one should use SOCKS 4a.
> AIUI, Polipo or Privoxy are used as HTTP proxies which then allow the 
> client (Firefox) to "speak" to Tor as SOCKS 4a (therefore providing 
> hostnames rather than already resolved IP addresses as with SOCKS 4 or 5).

That was the original reason to use an HTTP proxy between Firefox and
Tor.  Firefox can now be configured to resolve hostnames using the
SOCKS proxy -- set the ânetwork.proxy.socks_remote_dnsâ option in
about:config to âtrueâ, or use Torbutton, which automatically sets that

The current reason to use an HTTP proxy between Firefox and Tor is that
Firefox has an inappropriately short, hard-coded timeout for
connections through SOCKS proxies.  See

> I therefore do not understand why in the Tor version of the Polipo 
> configuration file 
> (https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf) 
> it says:
> # Uncomment this if you want to use a parent SOCKS proxy:
> socksParentProxy = "localhost:9050"
> socksProxyType = socks5

Like the SOCKS 4A protocol, the SOCKS 5 protocol allows clients to
specify a hostname instead of an IP address, and Polipo does so.  Other
clients, including Firefox with the (well-hidden) socks_remote_dns
option turned off, may not specify a hostname to a SOCKS 5 server.

Robert Ransom

Attachment: signature.asc
Description: PGP signature