JAP,TOR,Socks Proxy ,Tunneling and Stunnel

JAP,TOR,Socks Proxy ,Tunneling and Stunnel
Secure Home | Search | About
Login Password
Register Now! Lost Password?

General Computer Security - General computer security discussions 

Bookmark this page:  YahooMyWeb Yahoo!  Google Google  Windows Live Favorites Windows Live  del.icio.us del.icio.us  digg digg  Add to Netscape Netscape
Subject Author Date
JAP,TOR,Socks Proxy ,Tunneling and Stunnel 611 Folsom Street 09-30-2008
Posted by Sparky on September 30, 2008, 9:47 am
If you were  Registered and logged in, you could reply and use other advanced thread options


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

611 Folsom Street wrote:

> On Tue, 30 Sep 2008 08:50:13 -0400, Ari wrote:
>
>> On Tue, 30 Sep 2008 08:28:47 -0400, 611 Folsom Street wrote:
>>
>>> I'm still a bit unclear about the following points, perhaps the privacy
>>> gurus here can explain.
>>>
>>> 1) What is the major difference between JAP and TOR? Is it merely that
>>> Tor is a socks proxy that allows a suitably "sockified" app to connect
>>> with it, while JAP is strictly for HTTP only?
>>>
>>> 2) When you sockify a app and run it through TOR , your isp is hidden
>>> from whatever you connect to right? But what about your ISP? Can it see
>>> where you are connecting to? Or does it merely see you connecting to the
>>> socks proxy?
>>>
>>> 3)What is tunneling?
>>>
>>> 4)Stunnel appears to encrypt connections so no-one can see what is being
>>> sent right? How does this interact with Tor or JAP?
>>>
>>> Thanks
>>
>> http://www.panta-rhei.dyndns.org/pan...dEncryptionFaq
>>
>> Is a very interesting and detailed guide on how to use Tor, Privoxy,
>> Stunnel, Freecap and DCPP.
>>
>> 1. JAP is an HTTP proxy but can handle HTTP, HTTPS and FTP protocols.
>> It has a limited number of mixes you can connect to so performance can
>> be slow. The client is written in Java so should run on any system where
>> a Java Runtime Environment is available. All traffic is encrypted using
>> 128-bit AES. The JAP client may soon be able to connect to Tor servers
>> (see the comment about JAP at the bottom).
>>
>> Tor uses SOCKS and has more servers available. It should be able to
>> handle any application that can be SOCKSified (not just web/file
>> transfers). Versions are available for Linux/UNIX and Windows but not
>> others (Apple OSX users may be able to use the FreeBSD version). All
>> traffic is encrypted using 128-bit AES.
>>
>> 2. Since both Tor and JAP encrypt traffic, all your ISP will able to
>> see is the encrypted traffic being sent to the first Tor node/JAP mix.
>>
>> 3. Tunneling is using one protocol to carry headers and data for
>> another - for example you could include file transfer protocol commands
>> within an HTTP request to allow it to pass through a firewall that only
>> allowed HTTP. For tunneling to work, it must go to a server that
>> "unwraps" the protocol at the other end. Tunneling can include
>> encryption and authentication but does not have to.
>>
>> 4. Stunnel allows you to tunnel network connections within an SSL
>> (HTTPS) connection providing encryption. It must connect to a stunnel
>> server which then decrypts the data. It does not provide anonymity on
>> its own but a network of stunnel servers randomly routing data between
>> themselves multiple times should give the same level of protection as
>> Tor or JAP.
>
> 1) Can your ISP see where you are connecting to?

Using JAP or Tor, no.

>
> 2) Can your destination figure out your orginating ip

Ditto

>
> 3) Are the contents you send secure against prying eyes on route?

Yes and no. :)

For JAP/Tor alone content is secure right up to the point it reaches
the last hop in whatever "chain" each software uses. At the exit node
Tor and JAP obviously cease to be a factor at all, so everything is
laid out naked for anyone to see. It is, however, still anonymous as
long as there's nothing in that content which identifies you.

>
> I'm less concerned with 1, but it's nice to have if possible.
>
> If I use Tor or JAPS I'm automatically assued of 1)+2) no? But it won't
> protect the contents from being intercepted between the last mix and the
> final destination?

Exactly. For that you need to either make secure connections "natively"
like you do when you visit https://whatever.com with a web browser that
supports SSL (pretty much all of them), or use something like Stunnel
to establish that SSL connection for you.

>
> What if I use a simple annoymizer service? Or just Stunnel?

There's no such thing as a "simple anonymizer service", they're not
really anonymous, and Stunnel doesn't afford you any anonymity at all.
Using those tools alone (without JAP or Tor) you give up 1 and 2, and
possibly 3. :(

-----BEGIN PGP SIGNATURE-----

iEYEAREDAAYFAkjiLgEACgkQUZCI41IC43g6FgCeNojx4UAq/GJNuh5ojU0DS3bw
IvAAnAqEZ1btY/pcYMc7HwNcYnB/xtoQ
=GZS8
-----END PGP SIGNATURE-----

Posted by on October 2, 2008, 8:44 pm
If you were  Registered and logged in, you could reply and use other advanced thread options


> > Tor or JAP.
>
> 1) Can your ISP see where you are connecting to?

Tor uses three hops, the first does not understand where the last hop
will be let alone the destination.

> 2) Can your destination figure out your orginating ip

In you web browser if you have your java on it definitely could
browsing web sites. Read about tor vulnerabilities.

> 3) Are the contents you send secure against prying eyes on route?

Until the last tor hop, if the end site you connect to is encrypted
it's secure all the way. end to end encryption.

> I'm less concerned with 1, but it's nice to have if possible.

Do you mean not seeing it's connected to a tor server, as far as I
know it's possible to use a proxy before
the first hop and even after the last, if the last is 4ncrypted even
better.

> If I use Tor or JAPS I'm automatically assued of 1)+2) no? But it won't
> protect the contents from being intercepted between the last mix and the
> final destination?

Jap is obsolete, at least for web browsing. Tor uses three server hops
and only the last server could see
the content to and from.

>
> What if I use a simple annoymizer service? Or just Stunnel?

I found anon services to only be as trustworthy as the government. It
is an it isn't.

With stunnel you need an ssl proxy server and it will need your ip to
work. You can however instruct stunnel to tunnel the connection
through a proxy.

If you share what you are trying to accomplish you would be better
helped.

Posted by occam on October 1, 2008, 1:45 am
If you were  Registered and logged in, you could reply and use other advanced thread options


Ari wrote:
> On Tue, 30 Sep 2008 08:28:47 -0400, 611 Folsom Street wrote:

>>
>> Thanks
>
> http://www.panta-rhei.dyndns.org/pan...dEncryptionFaq
>

I get address not found.
anyone?

Posted by Sparky on September 30, 2008, 9:36 am
If you were  Registered and logged in, you could reply and use other advanced thread options


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

611 Folsom Street wrote:

> I'm still a bit unclear about the following points, perhaps the privacy
> gurus here can explain.
>
> 1) What is the major difference between JAP and TOR? Is it merely that
> Tor is a socks proxy that allows a suitably "sockified" app to connect
> with it, while JAP is strictly for HTTP only?

That's probably the single largest difference from the user's
perspective. They're similar in concept, with your traffic being
encrypted multiple times and routed through several servers in such a
way that those servers can't collate your activity with an identity.
There's some "under the hood" differences, and the JAP network is
considerably smaller than the Tor network last I knew, but in practical
terms they're quite similar.

> 2) When you sockify a app and run it through TOR , your isp is hidden
> from whatever you connect to right?

You mean your IP address, right?

Yes, it is.

> But what about your ISP? Can it see
> where you are connecting to? Or does it merely see you connecting to the
> socks proxy?

Tor is a "SOCKS proxy" only at the local host typically. Beyond that
it's more of a simple connection based network of servers. So no,
technically your ISP can't see a SOCKS connection.

Your ISP sees only an encrypted connection to whatever entry node your
copy of Tor selects. They know you're using Tor, but can not know
anything about the content of that connection, or where it's ultimately
being made to.

> 3)What is tunneling?

Tunneling is using some third party server or service as an
intermediary or "relay", in such a way that all your tunneled activity
passes through and appears to originate from that third party.
Practical tunneling differs from simple proxying in that the connection
to the tunnel server (VPN, SSH, etc.) is secure, and you normally "log
in" to that server. But technically, even a plain vanilla HTTP proxy is
a "tunnel".

> 4)Stunnel appears to encrypt connections so no-one can see what is
> being sent right? How does this interact with Tor or JAP?

Stunnel, or SSL in general, extends the functionality of JAP/Tor by
securing content beyond the scope of those networks. For example,
without an SSL secured connection a Tor exit node could see everything
in your connection to http://gmail.com. Your login name, password, and
the content of everything you read or write to be sure. SSL keeps that
information out of the hands of the exit node and everyone between that
exit node and Gmail.

Stunnel also adds functionality to software that doesn't support SSL by
serving as a locally running "tunnel" or proxy, accepting plain vanilla
connections on one end and making SSL secured connections on the other.

And yes, I do realize Gmail doesn't even allow plain HTTP connections.
It's only an example. ;)

-----BEGIN PGP SIGNATURE-----

iEYEAREDAAYFAkjiK1IACgkQUZCI41IC43igZwCfVPAGnHbck7ZfuF/JZuT03syE
X5QAoKaujR/L05LD/8KugT3SU8x45pZR
=r+bN
-----END PGP SIGNATURE-----

Posted by Ari on September 30, 2008, 10:37 am
If you were  Registered and logged in, you could reply and use other advanced thread options


On Tue, 30 Sep 2008 13:36:52 +0000 (UTC), Sparky wrote:

> Stunnel, or SSL in general, extends the functionality of JAP/Tor by
> securing content beyond the scope of those networks. For example,
> without an SSL secured connection a Tor exit node could see everything
> in your connection to http://gmail.com. Your login name, password, and
> the content of everything you read or write to be sure. SSL keeps that
> information out of the hands of the exit node and everyone between that
> exit node and Gmail.

This is an important point, it is a known vulnerability without knowing
who runs many of these Tor nodes.

> Stunnel also adds functionality to software that doesn't support SSL by
> serving as a locally running "tunnel" or proxy, accepting plain vanilla
> connections on one end and making SSL secured connections on the other.
>
> And yes, I do realize Gmail doesn't even allow plain HTTP connections.
> It's only an example. ;)

Do you mean Port 80?

Similar ThreadsPosted
Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel October 2, 2008, 12:57 pm
Re: JAP,TOR,Socks Proxy ,Tunneling and Stunnel October 2, 2008, 12:27 pm
Tunneling newbie? February 21, 2005, 8:52 pm
Encrypted Reverse Shell Utilizing Netcat & Stunnel January 23, 2008, 2:57 pm
Proxy June 15, 2005, 1:31 am
Hiding ip with proxy June 29, 2005, 7:35 am
Re: Know about a proxy server? January 2, 2007, 1:15 pm
Re: Know about a proxy server? January 2, 2007, 7:21 pm
Palm with anonymous proxy December 21, 2004, 10:30 pm
Auto Proxy Login?? Please help March 14, 2005, 4:39 am

The site map in XML format XML site map

Contact Us | Privacy Policy