Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Tor Question


  • Please log in to reply
6 replies to this topic

#1 xdwmx

xdwmx

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:04:20 PM

Posted 08 March 2007 - 02:10 AM

I have been aware of the Tor network for some months but have only started using it earlier today. I am very pleased with the service that Tor offers but i have a few questions.

When i am running Tor with Firefox and i test my machine over at GRC's ShieldsUP it shows that there are many ports either open or closed compared to my usually stealthed system when not running Tor.

Im guessing this is because ShieldsUp is testing the last Tor server en route to GRC and not actually testing my own IP, is this correct and are these results normal? If not how could i configure both my system and my firewall (Kaspersky Internet Security) to run Tor safely without leaving any ports open or closed.

Thanks.

BC AdBot (Login to Remove)

 


#2 thrillhouse

thrillhouse

  • Members
  • 1,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Va
  • Local time:12:20 PM

Posted 09 March 2007 - 02:41 AM

... how could i configure both my system and my firewall (Kaspersky Internet Security) to run Tor safely without leaving any ports open or closed.

Thanks.


wondering the same thing. Don't want to hijack, but I don't want to start a thread on the same thing so I'll add my situation too. I have Black Ice and use Torpark but I don't know how to add torpark to black ice without having to click continue like 5 times everytime I open it.

#3 Walkman

Walkman

  • Banned
  • 1,327 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:20 AM

Posted 09 March 2007 - 11:41 AM

Hello all,,

I use Tor, and I may be able to help.

Just bare with me for a few minutes.. I am finishing up on another computer job, and I'm going to walk my dog... be back in approximately 15 minutes..

#4 Walkman

Walkman

  • Banned
  • 1,327 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:20 AM

Posted 09 March 2007 - 02:10 PM

I've just come from ShieldsUp!

Everything on my computer passed on all tests. :thumbsup: All ports.... everything! Now that's a strong piece of mind of security

From this point on, Tor means Tor, Vidalia, & Privoxy together.
From this point on, browser means Firefox and not IE
=====================================================================

If your Tor is configured correctly, your are stealthed, and the report you have seen was a false positive. I'll explain later on below.

If your Tor is configured correctly, each time you click on a link on that site, and do another test, you should have a totally different ip address. :flowers: Tor works the same way when you're surfing from site to site.


How to test your Tor and make sure you're actually on the network (I use Firefox)

Before I tell you about the test you should take, please understand that Tor uses the ip address of
127.0.0.1 port:8118 to identify you. Very unique, because every computer owns that ip address.

When your Tor is configured correctly and you open your browser, goto Tools>Options>Advanced, then click on the tab Network, then click on Settings..... your setting should look like the image below.
Posted Image

To actually test your Tor, do the following.... and bookmark the links below because you'll want to always be able to know your Tor is working correctly.

goto:
http://www.cmyip.com .... it'll show your ip address, and it shouldn't be your real ip address

then open another tab, and goto:
http://www.showmyip.com .... it'll show your ip address, and it shouldn't be your real ip address.

If you were to check your ip address and then just simply type in another address to check your link, Tor will change your ip address again. :inlove: Very sleek and very unique.

You can bookmark as many ip verification sites as you like, but those two above I've been using for over a year now.
====================================================================

Tor can be setup to be run as a server, making you totally anonymous while p2p'ing. But, if you don't run Tor as a server, then your real ip is known when using/doing any p2p.

Want to know some else great about Tor? If you setup a server on your end, and run it through Tor, your actual web site is anonymous over the internet, as strange as it sounds.. A web site that can't be identified by it's ip address. :trumpet: because the ip address is either a Tor network ip address, which is everyone on the network, which is 127.0.0.1:8118, which is everyone. Ireally don't think it gets better than that.

If you are just surfing and browser using, then you're fine.


As far as other tools that you have, you will need to check their setting and verify that they're configured correctly to run with Tor. Unfortunately, I have never used Kaspersky nor Black Ice (I do have Black Ice though), so I couldn't tell you anything as to configuring them with Tor.

Tip:.. print out the Tor manual/docs .... and remember what I said Tor means. It's much better than trying to sit in front of the computer to read that much info. You will have to get used to using Tor, because it's very powerful, yet it has a learning curve to it.

Along side of Tor, I use PeerGuardian 2. That gives me that extra protection, just in case.


Things to know about Tor.... Tor has been designed to protect your privacy and therefor Tor itself can not identify the real source of an ip address. And I believe that too. But, it's not a 100% guarantee that your ip address can't be found out by using it,,, but to this day, no one has ever been able to do so. If the government uses it to hide their identity, and it works for them... it's all good. I believe just about every big institution is now using Tor.

Tracking cookies, spyware, and other monitoring scrips, codes and such are actually no match for you while using Tor, because the information that they get from your computer, ip address isn't yours, so the next time you log back on the internet, they'll never be able to track you, because your ip address always change, and the info they place on your computer actually goes to ip address 127.0.0.1:8118, which is everyone in the world with a computer. There is no real way they can spy on you as long as you are using Tor. And I see no way this system can be broken. It's like trying to pump all the water out of the ocean.
====================================================================

I can tell you more about Tor, but I think I've given you enough to at least test and verify for now. If you have any more questions about this,, just post back into this thread, so we don't get confused on the Tor topics. I'm not an expert on Tor yet,,, but I will be soon.

I guess I'll do a topic on Open Proxies, and why people better leave them alone, because you're actually using honey pots (a governmental term for a trap proxy server they setup) and other non safe surfing services. I'm glad I didn't have to learn any of this the hard way. Don't learn the hard way either.

Throw out every single hide ip, proxy services, proxy softwares, proxy web sites and all that crap.... in my book?.... they are all officially obsolete. And Tor is the exception to that rule.


Ohhhh, and before I forget... download the Firefox addon called Torbutton. it will allow you to turn Tor off and on, from the browser, and the bottom of it. and get NoScript and ShowIP for Firefox.


I'm out...... post back.

#5 thrillhouse

thrillhouse

  • Members
  • 1,040 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Va
  • Local time:12:20 PM

Posted 16 March 2007 - 03:56 PM

It's working for me, but black ice is still wilin, I just click continue like 4 or 5 times and it works, but when I add the tor dll's they dont stay added.

#6 Walkman

Walkman

  • Banned
  • 1,327 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:11:20 AM

Posted 17 March 2007 - 12:06 PM

Actually, you should just use PeerGuardian 2, and not Black Ice, not unless you're an ip analyzer. Here's the main reasons why I say don't use Black Ice if you're having issues while using Tor.

1. Black Ice has a ping function, which can be bad for you, because if you ping an ip address or domain, you're actually making a connection to it, and then your ip address is logged. With PeerGuardian 2, all you do is block them, and don't even attempt to trace them, because since they were blocked, they never got into your computer. With Black Ice, you're opening up that window for them to log your ip address.

2. Black Ice, along with many other firewalls don't know the difference between bad/banned ip addresses from any ip address at all, and when you allow it to allow your browser to go on the internet, you actually allow banned ip addresses to get into your computer.

3. Black Ice, along with mostly every firewall will not block many ip's once you're online surfing from site to site. It may stop periodically from site to site, but you have no idea of what it actually let get connected to your computer.

Here is one example, a true one at that:
Most people will allow Micr0$oft to automatically update their computer, thus, allowing the ip range of Micr0$oft connect to their computer, and at the same time, allow their computer to connect to them. Right there you've opened up a security breach. With PeerGuardian 2, Micr0$oft is on the banned/blocked ip list, and that means, even if my computer wanted to update, it won't happen, and, at the same time, every ip, and ip range of Micr0$oft is blocked from my computer, and that means I can't go to any of their ip addresses.

But now....... Tor.... when I'm using Tor along with PeerGuardian 2, I can go to M$ web site and such, and that is because Tor is connecting me to them, and them to me, ... and at the same time, not actually accessing my computer....... which means that PeerGuardian 2 haven't had an attempt from M$ trying to access my computer. Yet, at the same time, no access to M$ from my computer will go through.

I would have to do a video tutorial to really let you see them all work, in real time, and to better explain it.

One of the problems you may be having is that Tor uses the ip address 127.0.0.1. And that will throw off every ip monitoring software I can think of. How can you track 127.0.0.1? You can't, not that I've ever heard of such a possibility anyway.

Ohhhhh, and when you said:

It's working for me, but black ice is still wilin, I just click continue like 4 or 5 times and it works, but when I add the tor dll's they dont stay added.

That seems to be because Tor is constantly changing your ip address. I'm not sure, but it seems to be that. Even if you use Black Ice or any other firewall, use PeerGuardian 2... it's a ip blocking firewall. And right now, my PG2 is blocking over 2.9 [b]billion
ip addresses from connecting to my computer, and my computer connecting to those ip addresses too.

It's all about security, and not about avoiding apprehension.

#7 Indrananda

Indrananda

  • Members
  • 9 posts
  • OFFLINE
  •  
  • Local time:11:20 AM

Posted 03 April 2007 - 02:48 AM

Okay, so I'm running tor, but all those sites show my real IP... What am I doing wrong? Also I'm pinging back when pinged at GRC's site. I'm running Firefox, and have the tor/vidalia pkg. Shouldn't it be showing a dif IP?
Thanks, I'd like to get this resolved, as I'm very puzzled at the moment.
Indy




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users