Hi Robert, you wrote: > So is your cgi-proxy routing everything to an instance of privoxy/polipo > running on your machine or directly to the tor socks port? > > If it is routing everything to privoxy/polipo, what configuration are you > using? > > I think it is this sort of detail that phobos has in mind. Okay, here are how it works. There is CGIProxy which gets the requests over an SSL-secured channel. It takes them, and give it to a local squid-instance, which does some caching to speed things up and take load of the TOR-network. If requested data is not in the cache, squid gives the request to local running privoxy, which routes it to the local running TOR-server. Using privoxy seems to be senseless, but I did not find the possibility to make squid route to socks. To prevent any DNS-Leaks, I redirect all outgoing traffic to port 53 to the dns-proxy of Fabian Keil ( http://www.fabiankeil.de/blog-surrogat/2006/06/08/von-kopf-bis-fuss-auf-tor-eingestellt.html ) You can see that TOR is resolving DNS, because it is possible to access HiddenServices. Probably I will kick squid out of the setup for legal reasons. I am currently unsure, if I am responsible for (illegal) content in the squid-cache. So I have to read up about this. Do you see anonymity-risks there or have ideas to make things better? Best Regards, Ricky.
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil