|
|
|
|
|
Posted by Anonymous Remailer (austria) on September 30, 2008, 2:31 pm
If you were Registered and logged in, you could reply and use other advanced thread options
Ari wrote:
> On Tue, 30 Sep 2008 13:36:52 +0000 (UTC), Sparky wrote:
>
> > Stunnel, or SSL in general, extends the functionality of JAP/Tor by
> > securing content beyond the scope of those networks. For example,
> > without an SSL secured connection a Tor exit node could see everything
> > in your connection to http://gmail.com. Your login name, password, and
> > the content of everything you read or write to be sure. SSL keeps that
> > information out of the hands of the exit node and everyone between that
> > exit node and Gmail.
>
> This is an important point, it is a known vulnerability without knowing
> who runs many of these Tor nodes.
It's not a "vulnerability" you moron, it's common sense. Normal
people, and by normal I mean not like you, wouldn't dare log into
their email or bank/whatever sites without SSL.
So what in your tiny little pea of a brain sees this as something
that unique to Tor, JAP, or anything else?
>
> > Stunnel also adds functionality to software that doesn't support SSL by
> > serving as a locally running "tunnel" or proxy, accepting plain vanilla
> > connections on one end and making SSL secured connections on the other.
> >
> > And yes, I do realize Gmail doesn't even allow plain HTTP connections.
> > It's only an example. ;)
>
> Do you mean Port 80?
Did the poster say anything about ports?
No, nitwit, he did not. Try surfing to www.gmail.com. You're
redirected to a secure connection before the first bit of html is
transmitted. Imagine that.
|
|
Posted by Ari on October 1, 2008, 4:49 am
If you were Registered and logged in, you could reply and use other advanced thread options
On Tue, 30 Sep 2008 20:31:29 +0200 (CEST), Anonymous Remailer (austria)
wrote:
>>> Stunnel also adds functionality to software that doesn't support SSL by
>>> serving as a locally running "tunnel" or proxy, accepting plain vanilla
>>> connections on one end and making SSL secured connections on the other.
>>>
>>> And yes, I do realize Gmail doesn't even allow plain HTTP connections.
>>> It's only an example. ;)
>>
>> Do you mean Port 80?
>
> Did the poster say anything about ports?
Did I click my heels? Back to the cotton then. Instead of picking your
nose.
|
|
Posted by on October 2, 2008, 10:13 pm
If you were Registered and logged in, you could reply and use other advanced thread options
611 Folsom Street wrote:
> I'm still a bit unclear about the following points, perhaps the privacy
> gurus here can explain.
>
> 1) What is the major difference between JAP and TOR? Is it merely that
> Tor is a socks proxy that allows a suitably "sockified" app to connect
> with it, while JAP is strictly for HTTP only?
>
> 2) When you sockify a app and run it through TOR , your isp is hidden
> from whatever you connect to right? But what about your ISP? Can it see
> where you are connecting to? Or does it merely see you connecting to the
> socks proxy?
>
> 3)What is tunneling?
>
> 4)Stunnel appears to encrypt connections so no-one can see what is being
> sent right? How does this interact with Tor or JAP?
>
Stunnel is used to make applications that don't have native ssl tls
support be able to connect to encryption
enabled servers.
Like many usenet nntp clients don't have ssl support, so set the
stunnel script to accept localhost:1026
and remote_server.usenet.com:563
(563 is the default encrypted NNTP port, but any service, usenet pop3
http, can be on any port.)
Then take usenet client without native support and set usenet server
settings localhost:1026
Localhost is local machine, also known as 127.0.0.1
1026 and above are not restricted service ports.
Ok to sum it up in the end if a server does not have encryption then
stunnel will not make an encrypted connection
|
|
Posted by on October 2, 2008, 10:55 pm
If you were Registered and logged in, you could reply and use other advanced thread options
611 Folsom Street wrote:
> I'm still a bit unclear about the following points, perhaps the privacy
> gurus here can explain.
>
> 1) What is the major difference between JAP and TOR? Is it merely that
> Tor is a socks proxy that allows a suitably "sockified" app to connect
> with it, while JAP is strictly for HTTP only?
Tor by default blocks ports that have been abused and used up the bulf
of resources. Like p2p and NNTP
> 2) When you sockify a app and run it through TOR , your isp is hidden
> from whatever you connect to right? But what about your ISP? Can it see
> where you are connecting to? Or does it merely see you connecting to the
> socks proxy?
Just the tor server and an encrypted stream. Tor uses privoxy and that
tunnels the IP address through tor
instead of using the ISPs dns server.
To get a better understanding install wireshark, OK nobody would
expect you to understand this right away.
I still don't know what is happening. Then use encrypted connection
and unencrypted connection.
The encrypted one with tor and privoxy will not show any readable
information and no IP resolving, like
google.com, if it's working right the only IP resolving you will see
will be from other apps. Keep in mind that firefox has the4 newsticker
tab, delete that if you don't want unsolicited IP resolving with fire
fox.
Then unencrypted, that is what a network (wireshark) sniffer can see.
Works the same with all connection, protocols.
> 3)What is tunneling?
Tunneling a process through a server to a final destination. It's kind
of complicated, but simple also. If you were to use stunnel you need a
server to tunnel through to a final destination. Like usenet though a
open proxy, to a usenet server.
> 4)Stunnel appears to encrypt connections so no-one can see what is being
> sent right? How does this interact with Tor or JAP?
I'm not sure you can stunnel through tor, Jap I haven't used for ever.
Jap is not exactly secure if government
asks for access. Stunnel needs a server that accepts encrypted
comments, alone it does no encryption.
> Thanks
> --
> http://tinyurl.com/65pba5
|
| Similar Threads | Posted | | Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel | October 2, 2008, 12:57 pm |
| Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel | October 2, 2008, 12:27 pm |
| Tunneling newbie? | February 21, 2005, 8:52 pm |
| Encrypted Reverse Shell Utilizing Netcat & Stunnel | January 23, 2008, 2:57 pm |
| Proxy | June 15, 2005, 1:31 am |
| Hiding ip with proxy | June 29, 2005, 7:35 am |
| Re: Know about a proxy server? | January 2, 2007, 1:15 pm |
| Re: Know about a proxy server? | January 2, 2007, 7:21 pm |
| Palm with anonymous proxy | December 21, 2004, 10:30 pm |
| Auto Proxy Login?? Please help | March 14, 2005, 4:39 am |
|
|
|
XML site map