why TOR seems to work, even only port 23/TCP is open ?
Hello.
I checked with the following nmap-command what port are open on the GW/firewall: # nmap domain.name PORT STATE SERVICE 23/tcp open telnet My idea was, that TOR requires much more open ports.... Or do I miss something? Thank's a lot for additional help! John |
Quote:
tor normally runs on port 9050...but this is normally on the localhost rather then a router/gateway. the idea is that you will forward traffic to localhost:9050 and this in turn connects out to tor hosts:443 |
Quote:
Thank's for the promt reply. Good question! I just started/booted the pc from the Icognito LiveCD and connected a website and - yes that site is shown in the www browser, and the connection is slow. In TorK -> TorNetwork -> Connections the following connections are displayed: Source Host/Port -> www.ibm.com:443 -> stats.surfaid.ihost.com:80 -> www.ibm.com:80 -> data.coremetrics.com:80 -> www.ibm.com:80 Thank's a lot for additional help/informations! John |
Quote:
Code:
lsof -i TCP | grep 9050 |
Quote:
Quote:
Thank you! John |
Quote:
Code:
apt-get install lsof |
Quote:
localmachine listens on 9050. say for example my company had blocked outgoing connections to msn port 1863, i could configure msn settings to point via a proxy on port 9050 of localhost. so my outgoing msn connections would work like this Code:
|
Quote:
In TorK -> Tor Log there are somestrange log entries: Time---------------->Severity---------->Summary 2009-12-17 17:10--->Tork------------->(1 of 1) Are you sure your privacy proxy is running? 2009-12-17 17:10--->WARN------------->(1 of 1) Controller gave us config lines that didn't validate: Unkfnow option '_ReloadTorrrc0 2009-12-17 17:10--->WARN------------->(1 of 1) Controller gave us config lines that didn't validate: Must set TunnelDirConns if Prefer 2009-12-17 17:10--->WARN------------->(1 of 1) Closing no-longer-configured OR listener on 0.0.0.0:9001 2009-12-17 17:10--->NOTICE------------->(1 of 1) Closing no-longer-configured Directory listener on 0.0.0.0:9030 2009-12-17 17:10--->NOTICE------------->(1 of 1) Closing old OR Listener on 0.0.0.0:9001 2009-12-17 17:10--->NOTICE------------->(1 of 1) Closing old Directory Listener on 0.0.0.0:9030 2009-12-17 17:10--->TorK------------->(1 of 1) Your Broadband Router My Not Be Plug 'n Playable! 2009-12-17 17:10--->TorK------------->(1 of 1) Your Traffic CAN Be Eavesdropped! Why all those messages? Because only TCP port 23 is open? I just booted my PC from the Icognito LiveCD and hoped to be be protected :-( Thank's a lot for any additional informations! John |
You can use torify
Code:
torify pidgin Quote:
|
There's a bit of confusion here. I'll cover them one by one:
Quote:
It should be noted that on most networks, outgoing connections are allowed on all ports. Unless you're on a locked-down corporate network or have locked it down yourself you're unlikely to get problems with Tor this way. Quote:
Quote:
Quote:
|
Quote:
Thank's a lot for the clarifications :-) But now I do have an addtional question: On TorStatus the ORPorts and DirPorts of the different Tor routers are shown. Does that mean, if my server circuit does consist on abc-server(ORPort 443/DirPort9030) and def-server(ORPort 9001/DirPort9030)and ghi-server(ORPort 442/DirPort9030), my firewall/gateway should allow outgoing tcp connections to at least these 6 tcp ports? Thank's a lot for any additional clarification! John PS I do understand, that it would be better to allow outgoing connections to/on all tcp-ports :-) |
Quote:
The way I see it, outbound port filtering is basically useless and certainly shouldn't be considered as a security measure. So unless you don't have control over your firewall (i.e. if you're on a locked-down coproprate network or something) I recommend you do allow all outbound traffic. |
All times are GMT -5. The time now is 03:27 PM. |