Showing posts with label TOR. Show all posts
Showing posts with label TOR. Show all posts

Monday, September 15, 2008

Addition to the TOR setup test (HTTP proxy bypass)

So what happen if you surf over HTTPS? (yes, some people would like to do so...)

A simple outbound rule "from:Client to:ANY service:HTTPS" will help but also open TOR (there are only a few TOR router listening on 443, but enough for a successful connect). Also a simple HTTP proxy which just forwards the HTTPS connection does the job: TOR will work.

But what if you UTM solution filters also HTTPS traffic?
The division will test and let you know.
Posted by at No comments:
Labels: , , , ,

Sunday, September 14, 2008

HTTP proxy bypassing: TOR


First technique tested: TOR
Because there is no Firefox extension with TOR support built in, the division installed the TOR package first, which includes a TOR based HTTP proxy: Privoxy.

The only thing man needs then is to configure the network settings in Firefox to 127.0.0.1:8118 - that's it.
Why installing an additional extension like Torbutton or FoxyProxy? (btw: Tor-Proxy.NET forwards all traffic to 1 private server and later to TOR... (al least they claim so))

So, does TOR help to bypass a HTTP proxy (in our test): nope.

The division does not have an insane "outbound allow all"-packetfilter rule on its firewall config, and that makes it very hard for the local tor-daemon to get a connect to his network. Configuring port 80 and activate "My firewal only lets me connect to certain ports" does not help, because the HTTP proxy of the UTM device does what it should do: filter out non-HTTP traffic.
Last chance: activate "My ISP blocks connections to the TOR network" and configure a TOR-bridge.
So, how should that work without "outbound allow all"...
Posted by at No comments:
Labels: , , , ,

Friday, September 12, 2008

HTTP proxy bypassing techniques disclosed

Today the division got non-anonymous hints about HTTP proxy bypassing:
  • "cached"-mark requests not inspected again - mmhh... ??? (maybe a flaw in a prehistoric SQUID-based HTTP proxy)
  • TOR support built in in Firefox: nope... but there are 3 extensions, actually only 2
  • SSH-based tunnel (yeah, not really new)
  • extra-install-tools (for all those who think squid is something you can eat, tor is the reverse of rot and SSH is the secret service of Elbonia)
The division will check it and let you now.

(If you have some secret information about HTTP proxy bypassing: let us (geheimp@mailservice from google) know, we are the right division for it.
Posted by at No comments:
Labels: , , , , , , ,
Subscribe to: Posts (Atom)