|
|
= Transocks and TOR =
|
|
|
|
|
|
It works like this:
|
|
|
|
|
|
* Set up iptables (on Linux) to direct all packages to the transocks port (default 1211) on the computer running transocks.
|
|
|
* Transocks forwards tcp-connections to a TOR-client using Socks.V4
|
|
|
* TOR take it from there
|
|
|
|
|
|
== Advantages ==
|
|
|
|
|
|
* Handles all TCP-connections
|
|
|
* Light weight
|
|
|
* Works for all applications. I.e. they do not need to be torified.
|
|
|
|
|
|
|
|
|
== Setup ==
|
|
|
|
|
|
There are three type of computers involved:
|
|
|
|
|
|
* The computer running the TOR server
|
|
|
* The computer running Transocks
|
|
|
* The computer(s) running the applications.
|
|
|
|
|
|
If these are not alle the same computer, the users will have to trust the other computers and the network connections to these.
|
|
|
|
|
|
=== Setting up Transocks: /etc/socks.conf ===
|
|
|
{{{
|
|
|
route {
|
|
|
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 127.0.0.1 port = 9050
|
|
|
proxyprotocol: socks_v4
|
|
|
method: none
|
|
|
protocol: tcp
|
|
|
}
|
|
|
}}}
|
|
|
=== Packets ===
|
|
|
|
|
|
See example at:
|
|
|
http://cvs.sourceforge.net/viewcvs.py/transocks/transocks/README?rev=1.2&view=auto
|
|
|
|
|
|
== Interesting uses ==
|
|
|
|
|
|
Transocks+TOR can be used to make a gateway that transparently anonomize all traffic outwards.
|
|
|
|
|
|
The Linksys WRT54G accesspoint can run both TOR and transocks. This allows wireless clients to connect to the the accesspoint and have traffic routed through TOR. This have at least two uses.
|
|
|
|
|
|
* If he wireless clients encrypt their communication to the accesspoint (eg. WPA) and trust the accesspoint (eg. work or family setting) they are anonymouse.
|
|
|
* The owner of the accesspoint can let anyone share his bandwidth without worrying about being embarrassed by their traffic.
|
|
|
|
|
|
== Problems ==
|
|
|
|
|
|
Because no real proxy is involved and all TCP-ports can be used, there is a bigger risk of an application revealing the clients IP-address in the data. However this is not a serious problem when used in an accesspoint because the address of the accesspoint will not be revealed and the client will have a temporary DHCP-address.
|
|
|
|
|
|
== Links to software ==
|
|
|
|
|
|
Transocks:http://sourceforge.net/projects/transocks/
|
|
|
|
|
|
OpenWRT transocks: http://www.agol.dk/ipkg |