|
|
|
|
|
Posted by Barry Margolin on October 1, 2008, 1:22 am
If you were Registered and logged in, you could reply and use other advanced thread options
> > 2) Can your destination figure out your orginating ip
>
> Not from the traffic alone - it will appear to come from the last server
> in Tor/JAP. However Java or Javascript can be used to find this
> information from your browser (hence the reason for using Proxomitron or
> another web filter to stop this). To see what information your browser
> reveals, visit a site like BrowserSpy or Leader Network Tools.
If you're using a NAT router, the IP that it will get from the browser
is your private IP behind the router. This isn't very useful to them.
BrowserSpy shows this as the "local address". It also displays "IP
address", but it's getting this from the HTTP connection, and if you go
through a TOR or JAP it will be the address of the last hop, not your
originating IP.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
|
|
Posted by on October 2, 2008, 11:27 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Ari wrote:
> On Tue, 30 Sep 2008 08:52:28 -0400, 611 Folsom Street wrote:
>
> > 1) Can your ISP see where you are connecting to?
>
> They will be able to see a connection to the first server of JAP or Tor
> but not where they connect to in turn - so they will not know the
> ultimate destination. Assuming that you are running a firewall, this
> should report the same information - as will a netstat command run from
> a command prompt window.
Yes netstat will show all connections your computer is connected to.
Same as the ISP can see, nothing after the TORT server(s)
> > 2) Can your destination figure out your orginating ip
>
> Not from the traffic alone - it will appear to come from the last server
> in Tor/JAP. However Java or Javascript can be used to find this
> information from your browser (hence the reason for using Proxomitron or
> another web filter to stop this). To see what information your browser
> reveals, visit a site like BrowserSpy or Leader Network Tools.
>
> It is also possible for a webpage to include Java/Javascript code
> designed to cause a browser to make a direct connection bypassing any
> proxies.
Same goes with FTP so change web browser settings to use tor with FTP,
TOR doesn't do FTP but it is good to block unintended connections. Use
all settings with tor.
Aside from blocking all Java/Javascript, the best defence
> against this is to use your firewall to restrict your browser to
> contacting the proxy only.
Likewise flash can reveal an IP address, So use IE for flash sites and
don't let flash be installed on firefox.
|
|
Posted by Barry Margolin on October 3, 2008, 6:03 pm
If you were Registered and logged in, you could reply and use other advanced thread options
In article
astroncer@yahoo.com wrote:
> Likewise flash can reveal an IP address, So use IE for flash sites and
> don't let flash be installed on firefox.
If you're behind a NAT router, Flash, Java, and JavaScript will only
know your private IP, not your routable IP. So it's not a big deal in
this case.
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE don't copy me on replies, I'll read them in the group ***
|
|
Posted by Cyberiade.it Anonymous Remaile on October 6, 2008, 9:46 am
If you were Registered and logged in, you could reply and use other advanced thread options
Barry Margolin wrote:
> In article
> astroncer@yahoo.com wrote:
>
> > Likewise flash can reveal an IP address, So use IE for flash sites and
> > don't let flash be installed on firefox.
>
> If you're behind a NAT router, Flash, Java, and JavaScript will only
> know your private IP, not your routable IP. So it's not a big deal in
> this case.
WRONG!
The more common functions for determining local IP addresses will
return non-routeables, but there's been numerous examples of Java
especially performing little tricks like DNS lookups or
establishing side channel connections that TOR/JAP don't manage to
discover public IP addresses.
Never, NEVER make anonymous connsctions with that crap enabled.
Shut off Java/JS, flash, cookies, everything. And don't rely on
things like Privoxy to filter them either unless you absolutely
have to. Disable them completely. Privoxy is as likely to fail as
your browser's proxy settings.
>
|
|
Posted by Sparky on October 6, 2008, 12:10 pm
If you were Registered and logged in, you could reply and use other advanced thread options
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160
Cyberiade.it Anonymous Remailer wrote:
> Barry Margolin wrote:
>
>> In article
>> astroncer@yahoo.com wrote:
>>
>> > Likewise flash can reveal an IP address, So use IE for flash sites and
>> > don't let flash be installed on firefox.
>>
>> If you're behind a NAT router, Flash, Java, and JavaScript will only
>> know your private IP, not your routable IP. So it's not a big deal in
>> this case.
>
> WRONG!
>
> The more common functions for determining local IP addresses will
> return non-routeables, but there's been numerous examples of Java
> especially performing little tricks like DNS lookups or
> establishing side channel connections that TOR/JAP don't manage to
> discover public IP addresses.
Has any of this ever been actually demonstrated to be a threat in the
real world? Have you a cite, perchance. :)
>
> Never, NEVER make anonymous connsctions with that crap enabled.
> Shut off Java/JS, flash, cookies, everything. And don't rely on
> things like Privoxy to filter them either unless you absolutely
> have to. Disable them completely. Privoxy is as likely to fail as
> your browser's proxy settings.
I agree with this 100%. It's not just common sense, it's what Tor's
maintainers recommend. Disable the crap if you can... fall back to
Privoxy/Polipo if you must.
-----BEGIN PGP SIGNATURE-----
iEYEAREDAAYFAkjqNqsACgkQUZCI41IC43h+GACeNUkVviLeMCUl45rnFBFT/FTF
eU4AnRcPtCA5jeeJsMJRbkkLMLOxhiyb
=J4Ol
-----END PGP SIGNATURE-----
|
| Similar Threads | Posted | | Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel | October 2, 2008, 12:57 pm |
| Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel | October 2, 2008, 12:27 pm |
| Tunneling newbie? | February 21, 2005, 8:52 pm |
| Encrypted Reverse Shell Utilizing Netcat & Stunnel | January 23, 2008, 2:57 pm |
| Proxy | June 15, 2005, 1:31 am |
| Hiding ip with proxy | June 29, 2005, 7:35 am |
| Re: Know about a proxy server? | January 2, 2007, 1:15 pm |
| Re: Know about a proxy server? | January 2, 2007, 7:21 pm |
| Palm with anonymous proxy | December 21, 2004, 10:30 pm |
| Auto Proxy Login?? Please help | March 14, 2005, 4:39 am |
|
|
|
XML site map