On 12/10/12 18:43, Kamtarin Sorood wrote:
Were I setting it up for everything to use tor and as such planning for no direct DNS requests from my system I personally would be inclined to firewall all outgoing traffic to any address TCP & UDP to port 53 note that even doing such as configuring the DNS server settings in network settings is not always enough to guarantee some program wont attempt a resolution itself. While many client applications do rely on having a DNS forwarder and would promptly just fail without one if there is software with full resolver capability it can always go for the fallback of a traversal from .Yes , you are right , But in some cases the anonymity is not the main goal of using tor. For exam. in my country Youtube is filtered and i use Tor to overcome and bypassing filtering system only. Furthermore the important issue of using Flash player and proxifiers concurrently is a vulnerability known as "DNS leakage" . The configuration file of TBB has been modified to prevent this issue. You can modify related configuration in normal FireFox installed on your system manually. For this open a new tab and type a local url about:config ,Accept the FireFox warning and next type remote in search bar.Some lines included "remote" keyword will appear. Select the line which says : "network.proxy.socks_remote_dns" ,default value for this variable is False double click on it and change the value to "True". From now all DNS requests will be passed through Tor and not directly. Although you should be aware about some programs like GoogleTalk and other messengers which are tending to obtain ip using DNS lookup directly. On Fri, Oct 12, 2012 at 3:58 AM, Joe Btfsplk <joebtfsplk@xxxxxxx> wrote:On 10/11/2012 3:07 PM, Kamtarin Sorood wrote:* Hello I don't know what is the reason for your insistence on using FireFox bundled into Tor browser package while privacy and maximum security is not the case. After lunching bundled FireFox and showing welcome screen you can minimize that and lunch your normal FireFox then set its Socks section of proxy settings to 127.0.0.1 port 9050 and see and play all restricted medias such as flash videos. This is my shortest and easiest method to resolve that problem * On Fri, Oct 5, 2012 at 7:30 AM, k e bera <keb@xxxxxxxxxxxxxx> wrote: On Thu, 4 Oct 2012 16:37:00 -0700numetro <numetro@xxxxxxxx> wrote: I've now tried everything and I cannot get ANY Flash content to play inthis Tor-Firefox ESR web browser, even though I've tried installing the Flash player plugin that this browser asks for when I'm on a YouTube page (and even though this computer already had a current Flash Player plugin installed previously). Let me make it clear that privacy is not important to me _/*right now*/_ during this quest to make the Flash Player plugin work with this Tor browser... I can reset any settings for maximum privacy later when I go back to that purpose for using Tor... right now, I'm just trying to make the Tor browser play Flash content.i have gotten Flash content to play on Youtube with the Gnash player plugin (using RequestPolicy to restrict who gets to see my requests) but it is necessary to enable plugins and 3rd party cookies for the session. even then it doesnt work for all videos. you can bypass Flash on Youtube if you enable HTML5 enabled or manually add &webm=1 to the url, but it doesnt work for all videos especially for those that interact with doubleclick.net(i wouldnt be sad if someone nuked those parasites). So even though I've /*UNCHECKED*/ the /*Torbutton>Preferences>**Security Settings>Disable plugin during Tor usage*/ box, and I installed a new Flash player plugin /*THROUGH*/ this browser, and I even set it to allow all scripts because I thought maybe that was complicating things, /*IT STILL WILL NOT PLAY FLASH CONTENT OF ANY TYPE*/. /*Now, this, explained below, could be part of the problem that I'd like to ask for your help with...*/ If I go to the Tor Browser folder on my hard drive at /*C:>Tor Browser>FirefoxPortable>Data>**plugins*/ there are NO Flash plugin files that show up in that folder even after I install a new Flash Player plugin THROUGH this browser... I believe that is why it will not play Flash content.Yes, you CAN run unmodified Fx & the Tor proxy, but NO, it won't havethe settings & modifications of TBB, that provide extra anonymity. TBB is modified & Flash content (Flash Player) disabled for a reason. It can leak your identity or make it easier to identify you. If you don't care so much about that, maybe Tor isn't needed at all. Don't know if there are apps / addons that allow d/l a flash video to disk, w/o playing the video - at same time capturing it. Even if, extra apps / addons can present anonymity problems. NoScript also blocks Flash, by default - for a reason. The purpose of TBB isn't really to watch flash vids anonymously. ______________________________**_________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/**cgi-bin/mailman/listinfo/tor-**talk<https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
Another option is to use tor as your DNS forwarder in your network settings which would make sure that any application relying on the OS to provide that information used tor for DNS. If I understand the manual correctly this is possible by setting the options DNSPort and DNSListenAddress using the standard port 53 listening on 127.0.0.1 would probably be about easiest to configure, then it would just be a matter of changing your network properties to use the same, usually this is possible while still having IP addresses etc come from DHCP.
Only issue you might have with doing that is that DNS timeouts are typically pretty short, I could see it being likely that for uncached addresses you might get a DNS fail first try though a reload a second or two later should work.
Of course firewalling off other traffic going out to 53 still wouldn't be a bad idea in case some application has other ideas about where to resolve names.
_______________________________________________ tor-talk mailing list tor-talk@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk