[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Confused about Tor settings

On Sat, 07 Oct 2006 Total Privacy replied to George Shaffer:
> > As for the DNS leaks, I think more is being made of this than it

> WasÂnt this solved several months ago, in Torpark (Windows)? 

I have no idea, but even if it was, it doesn't mean it's solved in 
Tor. If so, their solution may be directly applicable, but Torpark
does not seem to be making their full source available. I downloaded
their source package, and it had only one medium size source file
and several non text files. I could find no copyright or credits
for any Firefox or Tor developer.

> > Even if it's encrypted Tor traffic, they still know at a minimum the
> > Tor entry node it's for, and depending on how well the Tor headers >
> are constructed, may even be able to find the final destination.

> That must be wrong. What do you mean by "Tor headers"? As far as I can see 
> in packet logs, the "Tor headers" only appear when a circuit is established 
> initially (such as in the startup process) and donÂt contain anything about 
> exit destination, unencrypted. The rest of session just looks like random 
> garbage (encrypted) also with DNS request in it, not in clear visible. 

My mistake. You are most likely right regarding the final destination 
and content. As long as the cryptography is sound, the ISP is unlikely to 
break it; since Tor requires OpenSSL this should be the case. I did not
understand that the full content of all Tor packets was encrypted, but if
you've been looking at them, I'll take your word.

Regarding the entry node, every TCP (and UDP) packet has to have some 
destination where it's expected in an IP header. If they don't, routers
would not know what to do with the packet. In the case of Tor packets
leaving the original client, this would be the entry node, not the real 

George Shaffer

PS Sorry about the lack of headers to thread this properly. My ISP, Comcast,
blocked about 30 messages from Friday afternoon to Sunday afternoon and I
had to get this off the web, and build a reply in a new message.