[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Tor conection problem

To: or-talk@xxxxxxxxxxxxx
Subject: Tor conection problem
From: Edward Langenback <apostle@xxxxxxxxxxx>
Date: Mon, 3 Oct 2005 00:56:13 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Mon, 03 Oct 2005 01:56:51 -0400
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Greetings,

I have been having problems connecting via Tor that just don't make sense to me.
I've been over every setting and option for both programs below as well as Tor.

I've tried uninstalling, cleaning the system, and re-installing both
programs and Tor and I've also tried using both the 'stable' version
and the 'alpha' version. in both cases i'm using the default torrc
file provided by the installer.

Using JBN2-mod-2005-08-17 (the latest Panta mod) to post a message using the
smtp server at rjgcfnw4sd2jaqfu.onion

JBN set to use Tor as proxy (by ticking one option and restarting program)

With firewall set to ask when program attempts non-proxy connections, sygate
offers the following details

at the time of test, my i.p. is 207.119.207.80
my dyndns domain is peculiar.homeip.net


File Version :          2.01.0004
File Description :      C:\JBN2\jbn2.exe
File Path :             C:\JBN2\jbn2.exe
Process ID :            0xFFC7F771 (Heximal) 4291295089 (Decimal)

Connection origin :     local initiated
Protocol :              TCP
Local Address :         192.168.0.2
Local Port :            1068
Remote Name :           rjgcfnw4sd2jaqfu.onion.peculiar.homeip.net
Remote Address :        207.119.207.80
Remote Port :           25 (SMTP - Simple Mail Transfer Protocol)

Ethernet packet details:
Ethernet II (Packet Length: 64)
        Destination:    00-02-2a-b7-4c-85
        Source:         00-10-4b-6a-0e-0c
Type: IP (0x0800)
Internet Protocol
        Version: 4
        Header Length: 20 bytes
        Flags:
                .1.. = Don't fragment: Set
                ..0. = More fragments: Not set
        Fragment offset:0
        Time to live: 64
        Protocol: 0x6 (TCP - Transmission Control Protocol)
        Header checksum: 0x8b68 (Correct)
        Source: 192.168.0.2
        Destination: 207.119.207.80
Transmission Control Protocol (TCP)
        Source port: 1068
        Destination port: 25
        Sequence number: 722134
        Acknowledgment number: 0
        Header length: 28
        Flags:
                0... .... = Congestion Window Reduce (CWR): Not set
                .0.. .... = ECN-Echo: Not set
                ..0. .... = Urgent: Not set
                ...0 .... = Acknowledgment: Not set
                .... 0... = Push: Not set
                .... .0.. = Reset: Not set
                .... ..1. = Syn: Set
                .... ...0 = Fin: Not set
        Checksum: 0x871a (Correct)
        Data (0 Bytes)

Binary dump of the packet:
0000:  00 02 2A B7 4C 85 00 10 : 4B 6A 0E 0C 08 00 45 00 | ..*.L...Kj....E.
0010:  00 30 72 CA 40 00 40 06 : 68 8B C0 A8 00 02 CF 77 | .0r.@.@.h......w
0020:  CF 50 04 2C 00 19 00 0B : 04 D6 00 00 00 00 70 02 | .P.,..........p.
0030:  FF FF 1A 87 00 00 02 04 : 05 B4 01 01 04 02 5A E4 | ..............Z.


=====================

Trying the same test using quicksilver 1.4b22(beta version)

with tor set up in QSproxy and the test message set to use that proxy
to send via the panta-rhei smtp at rjgcfnw4sd2jaqfu.onion


File Version :
File Description :      C:\Program Files\QuickSilver\qs.exe
File Path :             C:\Program Files\QuickSilver\qs.exe
Process ID :            0xFFC4ED29 (Heximal) 4291095849 (Decimal)

Connection origin :     local initiated
Protocol :              TCP
Local Address :         192.168.0.2
Local Port :            1192
Remote Name :           rjgcfnw4sd2jaqfu.onion.peculiar.homeip.net
Remote Address :        207.119.207.80
Remote Port :           25 (SMTP - Simple Mail Transfer Protocol)

Ethernet packet details:
Ethernet II (Packet Length: 64)
        Destination:    00-02-2a-b7-4c-85
        Source:         00-10-4b-6a-0e-0c
Type: IP (0x0800)
Internet Protocol
        Version: 4
        Header Length: 20 bytes
        Flags:
                .1.. = Don't fragment: Set
                ..0. = More fragments: Not set
        Fragment offset:0
        Time to live: 64
        Protocol: 0x6 (TCP - Transmission Control Protocol)
        Header checksum: 0x705b (Correct)
        Source: 192.168.0.2
        Destination: 207.119.207.80
Transmission Control Protocol (TCP)
        Source port: 1192
        Destination port: 25
        Sequence number: 2750971
        Acknowledgment number: 0
        Header length: 28
        Flags:
                0... .... = Congestion Window Reduce (CWR): Not set
                .0.. .... = ECN-Echo: Not set
                ..0. .... = Urgent: Not set
                ...0 .... = Acknowledgment: Not set
                .... 0... = Push: Not set
                .... .0.. = Reset: Not set
                .... ..1. = Syn: Set
                .... ...0 = Fin: Not set
        Checksum: 0xc724 (Correct)
        Data (0 Bytes)

Binary dump of the packet:
0000:  00 02 2A B7 4C 85 00 10 : 4B 6A 0E 0C 08 00 45 00 | ..*.L...Kj....E.
0010:  00 30 7F E5 40 00 40 06 : 5B 70 C0 A8 00 02 CF 77 | .0..@.@.[p.....w
0020:  CF 50 04 A8 00 19 00 29 : F9 FB 00 00 00 00 70 02 | .P.....)......p.
0030:  FF FF 24 C7 00 00 02 04 : 05 B4 01 01 04 02 A0 CD | ..$.............

=====================

Using sockscap to start either program and attempt to use Tor that way
results in each program attempting to connect directly, with results
similar to above, the remote address is somehow modified and
.peculiar.homeip.net is added to the end of the .onion address I am
trying to reach and my current i.p. substituted for whatever it should
be.

However, using sockscap to start telnet.exe and then connect to
rjgcfnw4sd2jaqfu.onion port 25 results in

220 remailer-debian.panta-rhei.eu.org ESMTP Postfix

which is exactly what it should be and what QS 1.4b22 and JBN 2.1.4
should be connecting to when they are set to use Tor.  I'm sure that
some setting somewhere is wrong, but I haven't been able to figure out
why two programs that could use tor a couple weeks ago, cannot do so
now.

Also, using the non-beta version of Quicksilver (1.2.6b2) with it's
internal proxy options set to use tor, all connections work through
tor just exactly as they should. mail is successfully sent via panta's
hidden service and stats can be picked up via hidden service web
pages.



in Him,
 -Ed
- --
Note: If this email does not have a *VALID* PGP signature
you should contact me to verify the content.

The best way to get past my spam filter is to use pgp or
gnupg to encrypt your Mail to me with
RSA Key ID: 0x72A69CD5
(fingerprint: 9751 781B E690 9145 9641 220D E9C1 5265)
This key can be found on public keyservers such as
http://keyserver.kjsl.com:11371/#extract
- -=-=-=-=-=-=-=-=-=-=-=
*Christ is >NOT< Jesus' last name!*
http://peculiar.wcw.net/ps23v4.shtml
Psalm 23 Verse Four - Dark scary places on the road of life

 / \
 \ /   Join the ASCII-Ribbon Campaign to Stamp Out HTML Email !
  X
 / \
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)

iQEUAwUBQ0DIDfu4FzRyppzVAQig5gf2PcFfiAj5U4Yug3CS/aXlBDUubjHkxFiq
P/5g9Eq6sPgDfcxcivvT5s3e6vP2l7aXSofsFakR5ne6ySLdCQcPGy4G1aU+iGp1
7Wx1aQAK2/3aJP8YQs3oQtz/6XKhgumN5MM91xEgj/pmfbrhQBzegjF0gYMt5ZfP
BG0euGZEYlRolVrVi2fuDH6zg+G9FNLOu0fNY7v/JKNRhq7vLAfAJTfHURTYMK5/
TaR86uysIKamJ9W/y+nuhQ5L1tVesFK150irjhQEfdFiPN6/bKhvGvFLEhM5Sf4z
SfohivUtHJoZgCFES/FHnfy61j47rm9Ezali8gMGSIGLRF1KMuVn
=E+dS
-----END PGP SIGNATURE-----
Follow-Ups:
- Re: Tor conection problem
  - From: phobos
Prev by Author: Re: Handbook for bloggers and cyber-dissidents
Next by Author: Re[2]: Tor conection problem
Previous by thread: Re: nym-0.2.1 released (live demo available)
Next by thread: Re: Tor conection problem
Index(es):
- Author
- Thread