Tor-Firefox-Proxomitron

[Liquidslam]

Hi,

I have the above three (latest versions of Tor and Firefox) and would like to know how to integrate them. The only threads I have been able to find on this subject relate to using Tor with Proxomitron and either Privoxy or SocksCap. But nothing on this or any other site relating to all three. Hopefully somebody can point me in the right direction.
Originally I toyed with the idea of using Jap instead of Tor which would have made things easier but I was put off by the infamous backdoor scandel of a few years back. Other than that is there much difference between the two as far as security is concerned?

Many thanks for your help.

[WSFuser]

check this thread from teh The Un-Official Proxomitron Forum

[Liquidslam]

I'm in your debt.
Thanks to the info on that site I was able to put the whole thing together and it actually works, though I'm not too sure how to check whether the Tor part is pulling it's weight. It also cleared up a misconception. Because I'd read that you did not need a proxy like Privoxy when using Firefox with Tor I had assumed that the threads relating to Tor-Proxomitron-Privoxy\SocksCap integration only applied when using IE. In otherwords I hadn't done my homework.

thanks for this thread. Question: Do I have to allow each one of these pop ups?
There's a lot.

http://img380.imageshack.us/img380/7468/tor5xq.png

[tony62]

thnx,
see post #13 of this thread here,

Quote:

Liquidslam Hi,

I have the above three (latest versions of Tor and Firefox) and would like to know how to integrate them.

I have used this method here, after trying almost all. I have found that this approach is faster, and i can confirm that it does not leak DNS requests Providing you don't use any extensions that perform IP lookups.

[WSFuser]

Quote:

Originally Posted by thnx

thanks for this thread. Question: Do I have to allow each one of these pop ups?
There's a lot.

http://img380.imageshack.us/img380/7468/tor5xq.png

i do not know of any rules for tor in outpost, until u find rules, either allow each one or allow all.

Quote:

Originally Posted by tony62

thnx,
see post #13 of this thread here,

thanks for that. Some of the ports were different when setting them for privoxy after following this setup

I have a quick question. Following this set up:

Quote:

'Torifying' Select Sites

For those of you who have some sites you would like to be anonymous on, this filter I wrote will be handy.

It consists of one header filter, and a Lists file. Sites included in the List file will be routed through Tor (and Privoxy). This makes it so that you do not have to turn on Proxomitron's "Remote Proxy" feature!

Simply download it, extract the Lists folder and "Torify.mergeme" to the same folder "Proxomitron.exe" is located and merge "Torify.mergeme" with your config file.

If I turn off remote proxy in proximitron, my real IP shows at: http://www.whatismyip.com/ - is there something wrong with set up?

[Paranoid2000]

Quote:

Originally Posted by tony62

I have used this method here, after trying almost all. I have found that this approach is faster, and i can confirm that it does not leak DNS requests

It's worth noting that using Firefox's SOCKS proxy settings to connect to Tor directly will bypass Proxomitron. To use Proxomitron's filtering, Firefox has to connect to it (using HTTP proxy settings) and Proxomitron then has to connect to Tor - either via Privoxy or by being launched using SOCKScap/Freecap.

Quote:

Originally Posted by thnks

If I turn off remote proxy in proximitron, my real IP shows at: http://www.whatismyip.com/ - is there something wrong with set up?

If you disable Remote Proxy in Proxomitron, it will connect directly, not using Tor, so there is nothing wrong with your setup. You need to keep the Remote Proxy setting enabled if you wish to have online anonymity.

Quote:

Originally Posted by Paranoid2000

If you disable Remote Proxy in Proxomitron, it will connect directly, not using Tor, so there is nothing wrong with your setup. You need to keep the Remote Proxy setting enabled if you wish to have online anonymity.

perhaps you did not read my quoted post but I appreciate your reply - also does tor need to be running in taskbar? It can't go to tray?:

Quote:

'Torifying' Select Sites

For those of you who have some sites you would like to be anonymous on, this filter I wrote will be handy.

It consists of one header filter, and a Lists file. Sites included in the List file will be routed through Tor (and Privoxy). This makes it so that you do not have to turn on Proxomitron's "Remote Proxy" feature!

* - * I sure get a lot of "404" using this

looks like I need to edit the tor file

[Paranoid2000]

Quote:

Originally Posted by thks

perhaps you did not read my quoted post but I appreciate your reply

I'll plead insanity (though it is also past my bedtime here in Blighty...). If you are using a filter to control proxy access to specific sites then you would need to add the likes of WhatIsMyIP to it to see the result of Tor.

Quote:

Originally Posted by thks

- also does tor need to be running in taskbar? It can't go to tray?:

Tor itself can only be minimised to the Taskbar. However you could try Tor Control Panel if you want something "system trayable".

[toploader]

i'm getting confused about all this, it's complicated and i don't really fully understand SOCKS and SOCKSCAPS etc

why do you need proxomitron if you are using tor and privoxy? presumably it's for reasons other than anonimity?

i thought p2000 answered the question as to why anonimity was lost when turning remote proxy off? didn't he

can someone sum up in simple language where we have got to and what works and what doesn't?

confused of tunbridge wells

[Paranoid2000]

Quote:

Originally Posted by toploader

why do you need proxomitron if you are using tor and privoxy? presumably it's for reasons other than anonimity?

Some form of web filtering is essential for full anonymity. Tor can disguise your real IP address and conceal your traffic from your ISP but certain features of browsers and web pages (e.g. cookies, web bugs, referers) can still be used to build a profile on you or track your online activities. A web filter can take care of these and Proxomitron is one of the most powerful.

Quote:

i'm getting confused about all this, it's complicated and i don't really fully understand SOCKS and SOCKSCAPS etc

why do you need proxomitron if you are using tor and privoxy? presumably it's for reasons other than anonimity?

Here's what i gather.

1) Tor is a socks proxy, if your application supports socks directly you don't need anything else.

2) Firefox, IE, Opera most browsers *do* support socks directly, so you can connect to Tor directly if you wish except for a little snag.

3) Prior to 1.5, firefox has some technical problem due to DNS leaks (basically DNS lookups are not sent through TOR) not too bad a problem, but it can possibly tell whoever is monitoring DNS lookups (your ISP!) which site you are going to.

4) To solve 3), people chain Firefox with privoxy which supports Socks.

5) But some people prefer proxomitron which is more popular and has a lot of excellent filter packs around but there's a snag,.Proxomitron unlike privoxy does not support Socks. This led to two possible solutions.

6) One solution is to 'sockify' proxomitron. Once you sockify any application it can now work with socks. So people sockified Proxomitron with either freecap or sockscap. So you get the solution Firefox + Proxomitron (sockified) + Tor

This is the method mentioned on one of the posts here on wilders forum

7) Second solution is to chain proxomitron and Privoxy. This is the method advocated by Kyle - a big proxomitron fan. In effect you have Firefox + Proxomitron + Privoxy + Tor

It seems based on the information given now, problem 3) no longer applies with firefox 1.5, so there is no reason why you can't run Firefox directly with Tor.

9)Unless you want the filtering that Proxomitron provides of course. But if you have other ways of handling that (say you turn off javascript, java 100%, you set firefox or use extensions to change your user agent, referrer)
or you don't care at all about anything but showing a different ip on server logs (assuming no javascript,java tricks), You can now dispense with either of the two methods above.

Is this an accurate summary Paranoid2000?

Small addition

9a) To solve the problem with firefox and DNS, you need to follow the instructions here

PS I haven't tried this method, unlike the other two methods.

[tony62]

Quote:

Originally Posted by Paranoid2000

It's worth noting that using Firefox's SOCKS proxy settings to connect to Tor directly will bypass Proxomitron. To use Proxomitron's filtering, Firefox has to connect to it (using HTTP proxy settings) and Proxomitron then has to connect to Tor - either via Privoxy or by being launched using SOCKScap/Freecap.If you disable Remote Proxy in Proxomitron, it will connect directly, not using Tor, so there is nothing wrong with your setup. You need to keep the Remote Proxy setting enabled if you wish to have online anonymity.

Yes this is true P2K, as i have used all of the various setups.
What i have now found though, is what i believe to be a better setup:

1, Firefox 1.5 with this setup here
2,Selective extensions from this guide here

Works flawlessly, easy to control, and only requires two process running to do the job.

Thank you all the same, for all the hard work that you and all the others have put into the terrific guides, that also works very well

Quote:

Deviladovcate Small addition

9a) To solve the problem with firefox and DNS, you need to follow the instructions here

PS I haven't tried this method, unlike the other two methods.

I have already mentioned this in post #5

Quote:

Originally Posted by tony62

I have already mentioned this in post #5

Yes, on the behalf of the whole Wilders Security Forum, neigh the whole security community of the internet I thank you for bringing this to my attention.

But my comment holds, I haven't tried it yet and verified if it worked.

I like some of your links particularly this one

Quote:

2,Selective extensions from this guide here

But, as Paranoid2k will tell you soon, as good as these extensions are (I alluded to them in my post #15 point 9 in general ), proxomitron and so on, are probably more flexible if you need it. Greasemonkey might perhaps match it to some degree.

[Paranoid2000]

Quote:

Originally Posted by Deviladvocate

Is this an accurate summary Paranoid2000?

Both accurate and very comprehensive. Congratulations.

There are also two benefits to using Privoxy rather than a SOCKSified Proxomitron. First, with Privoxy it is possible for Proxomitron to control whether Tor is used or not - with a SOCKSified Proxomitron, everything goes via Tor, regardless of Proxomitron's settings (exceptions have to be set in SocksCap/FreeCap but this requires a restart of Proxomitron).

Second, Proxomitron adds an extra "Forwarded by" header to HTTP requests. This means that web sites could detect Proxomitron being used (Leader Network Tools does this - see the "PROXO-TOR NETWORK" thread for more details). Privoxy can strip out this extra header if configured following the recommendations in Kye-U's FAQ (which includes a Privoxy configuration file which disables all other filtering and logging to boost performance).

Yes. Very cool Paranoid2k.

Exactly the reasons why I do Proxomitron + Privoxy.

Knowing your concern about 'the dangers of HTTPS' I thought it might also be interesting to consider what happened if you went a https page like GRC's
in the following cases.

1) Direct connection via bare firefox + Tor as favoured by Tony

2) Firefox + Privoxy + Tor

3) Firefox + Proxomitron +freecap/sockcap + Tor

4) Firefox + Proxomitron + Privoxy + Tor

[tony62]

Quote:

Originally Posted by deviladvocate.

Yes, on the behalf of the whole Wilders Security Forum, neigh the whole security community of the internet I thank you for bringing this to my attention.

But my comment holds, I haven't tried it yet and verified if it worked.

If you had read my post correctly, you would have noticed that i had already gave that particular link and verifyed that the setup worked...NO DNS LEAK.

Quote:

Originally Posted by deviladvocate.

But, as Paranoid2k will tell you soon, as good as these extensions are (I alluded to them in my post #15 point 9 in general ), proxomitron and so on, are probably more flexible if you need it. Greasemonkey might perhaps match it to some degree.

This isn't the first time that P2K and myself have discussed a topic in a thread you know, so don't try and hide behind him.

Let's get a few things straight:

1, Privoxy, in most cases, is used simply to connect Proxomitron - Tor, since as you have mentioned, Proxo can not handle Socks. Most people who understand Firewalls will only use Privoxy for this reason, NOT to filter additional traffic.(in other words you SHOULD have Privoxy disabled).

2, Firefox now supports sending of SOCKS5 requests with DNS names, using this setup

Quote:

Now, type “about:config” into the address bar, as if it were a URL and hit enter. The resulting page has a text entry at the top labeled “Filter”. In it, type “socks_remote_dns” (don't hit enter).

As you type the list of settings should shrink until there's only one. Double click it and it should go bold and its value should be “true”.

hence NO NEED FOR PRIVOXY.

3, Proxomitron over Firefox extensions, hmm......for the more experienced, then Proxomitron. It's all very well using a filterset created by another person, when in truth, does that individual understand how to debug the probmatic webpage, when in trouble?

What i propose, is an alternative to the complexities of Proxomitron/Privoxy.

P2k has always been a motovation of mine, both here and over at the Outpost Forum, however, there are sometimes ideas brought by other users, which may be at least worth testing.

Have you tested it? I guess not!

Edit: Besides, post #13 explains to P2K that i have found an alternative, since he knows that i WAS a Proxo user, and is probably somewhat baffled by my earlier post.

Quote:

Originally Posted by tony62

If you had read my post correctly, you would have noticed that i had already gave that particular link and verifyed that the setup worked...NO DNS LEAK.

Sigh, I know you tested it. But my statement was about ME. And at the time I posted, I haven't tested it.

No offense, but you seem eager to claim credit afraid people didn't see your post, and when I said innocently *I* haven't tested it, you jump all over me. I didn't say it didn't work, I didn't say other people haven't tried it, I said only *I* haven't tried it.

Sheesh, get over yourself will you?

Quote:

This isn't the first time that P2K and myself have discussed a topic in a thread you know, so don't try and hide behind him.

I hide behind NO ONE. I'm insulted you think so. You must be new here.

Quote:

1, Privoxy, in most cases, is used simply to connect Proxomitron - Tor, since as you have mentioned, Proxo can not handle Socks. Most people who understand Firewalls will only use Privoxy for this reason, NOT to filter additional traffic.(in other words you SHOULD have Privoxy disabled).

LOL, yes only you understand firewalls.

Quote:

2, Firefox now supports sending of SOCKS5 requests with DNS names, using this setup

hence NO NEED FOR PRIVOXY.

I already said THAT!!!!

See I'm also eager for credit. Just kidding.

Quote:

P2k has always been a motovation of mine, both here and over at the Outpost Forum, however, there are sometimes ideas brought by other users, which may be at least worth testing.

Did I say 'your' idea is not worth testing? What gave you that idea?
And BTW I don't always agree with Paranoid2k either.

Quote:

Have you tested it? I guess not!

Are you blind? Remember the parts where I said I haven't tested it yet? And you insist there is no leak? The parts you object to?

But I have tested it now, and it works yes.

Happy? You are the greatest.. Rah Rah...

[tony62]

In all honesty i had missed your post #15(large enough, as it is) , when browsing late last night, and jumped straight to post #16. So maybe i owe you some sort of appology.
Like i was saying though, i don't doubt for any minute that P2K's approach is very, very secure. That said mine is (i've found) faster and very easy to configure 'on the fly'.

[Paranoid2000]

Both approaches (Firefox with extensions or Proxomitron + Privoxy) should theoretically give the same level of security since both can handle https: content and filter out potentially compromising web content.

The Firefox approach should have the advantage of ease-of-use (less setup and configuration necessary, fewer warning prompts when accessing https sites, no need to debug Proxomitron filtersets).

The advantages of Proxomitron/Privoxy are multi-browser support (anything able to connect to a proxy) and more powerful filtering with several filtersets available - Firefox's Greasemonkey extension looks to be the closest competitor to Proxomitron but, being script-based, it looks unlikely to offer the same level of performance and does not seem to cover HTTP headers (though other extensions can handle this - including those mentioned in Tony62's link, a very interesting post about client-side-script abuse BTW).

At this point the differences are probably small enough to come down to personal preference so all informed debate about the alternatives should be welcomed. I'd really miss the absolute control that Proxomitron gives, but I'd also be the among the first to admit that writing filters for it can be hellishly difficult (and I salute those that do, and make them available for others).

[toploader]

test your privacy