Transocks and TOR

It works like this:

• Set up iptables (on Linux) to direct all packages to the transocks port (default 1211) on the computer running transocks.
• Transocks forwards tcp-connections to a TOR-client using Socks.V4
• TOR take it from there

Advantages

• Handles all TCP-connections
• Light weight
• Works for all applications. I.e. they do not need to be torified.

Setup

There are three type of computers involved:

• The computer running the TOR server
• The computer running Transocks
• The computer(s) running the applications.

If these are not alle the same computer, the users will have to trust the other computers and the network connections to these.

Setting up Transocks: /etc/socks.conf

route {
       from: 0.0.0.0/0   to: 0.0.0.0/0   via: 127.0.0.1 port = 9050
       proxyprotocol: socks_v4
       method: none
       protocol: tcp
}

Packets

See example at: http://cvs.sourceforge.net/viewcvs.py/transocks/transocks/README?rev=1.2&view=auto

Interesting uses

Transocks+TOR can be used to make a gateway that transparently anonomize all traffic outwards.

The Linksys WRT54G accesspoint can run both TOR and transocks. This allows wireless clients to connect to the the accesspoint and have traffic routed through TOR. This have at least two uses.

• If he wireless clients encrypt their communication to the accesspoint (eg. WPA) and trust the accesspoint (eg. work or family setting) they are anonymouse.
• The owner of the accesspoint can let anyone share his bandwidth without worrying about being embarrassed by their traffic.

Problems

Because no real proxy is involved and all TCP-ports can be used, there is a bigger risk of an application revealing the clients IP-address in the data. However this is not a serious problem when used in an accesspoint because the address of the accesspoint will not be revealed and the client will have a temporary DHCP-address.

Links to software

Transocks:http://sourceforge.net/projects/transocks/

OpenWRT transocks: http://www.agol.dk/ipkg