[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Set up a webproxy to TOR - tor-proxy.net



Hi Robert,

you wrote:

> So is your cgi-proxy routing everything to an instance of privoxy/polipo 
> running on your machine or directly to the tor socks port? 
> 
> If it is routing everything to privoxy/polipo, what configuration are you 
> using?
> 
> I think it is this sort of detail that phobos has in mind.

Okay, here are how it works.

There is CGIProxy which gets the requests over an SSL-secured channel.
It takes them, and give it to a local squid-instance, which does some
caching to speed things up and take load of the TOR-network. If
requested data is not in the cache, squid gives the request to local
running privoxy, which routes it to the local running TOR-server.
Using privoxy seems to be senseless, but I did not find the possibility
to make squid route to socks.

To prevent any DNS-Leaks, I redirect all outgoing traffic to port 53 to
the dns-proxy of Fabian Keil
( http://www.fabiankeil.de/blog-surrogat/2006/06/08/von-kopf-bis-fuss-auf-tor-eingestellt.html ) 

You can see that TOR is resolving DNS, because it is possible to access
HiddenServices.

Probably I will kick squid out of the setup for legal reasons. I am
currently unsure, if I am responsible for (illegal) content in the
squid-cache. So I have to read up about this.

Do you see anonymity-risks there or have ideas to make things better?

Best Regards,
Ricky.

Attachment: signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil