Setting up Tor/Proxomitron+SocksCap

[AJohn]

Hope this helps some of you

You can download the SSL files here:

http://www.proxomitron.info/files/index.html

[AJohn]

If you want to use Privoxy instead of Proxomitron+SocksCap you can add this to the top of the Privoxy Main Configuration:

forward / localhost:9050
forward :443 .

(Make sure to include the DOT)

If you want to filter SSL it will look like this:

forward / localhost:9050
forward :443 localhost:9050

By default Privoxy listens on port 8118 so you will need to use that instead of 8080.

Listen to address should look like this:

listen-address 127.0.0.1:8118

[Paranoid2000]

Good instructions there AJohn - thanks for putting this together.

One point worth mentioning is firewall setup - Tor requires outgoing access on the following ports: 80, 443, 9001-9004, 9030-9033 and 9100 (it is possible to restrict these via Tor's configuration file, see How do I run a Tor client from behind a firewall? from the Tor FAQ for details). It connects to a large number of servers in different countries so setting address restrictions is probably not a good idea. Depending on the firewall and configuration used, it may be necessary to create rules allowing traffic between Proxomitron and Tor also.

[AJohn]

Good thinking

[AJohn]

Here is an example of how you could setup L 'n' S (very basic)
http://www.doubledaze.com/lns.jpg

[GlobalForce]

Hey AJohn, nice job buddy! P2k's input and thumb's up a nice compliment...
Excellent post!!! Bit slow getting around to these things, but great incentive. Again terrific stuff guy's.....MAX KUDO'S!

GF

[A884126]

Great job. Very instructive. Bravo!

But what about Outpost and Tor? Could not find my way comparing to L'N'S

[Paranoid2000]

Taken from the Outpost forum How should I configure proxy application along outpost? thread and my own setup:

Tor Ruleset:
Tor Network Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 80, 443, 9001-9004, 9030-9033, 9100, Allow
Incoming Tor Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 9050, Allow

Proxomitron Ruleset:
Proxomitron Tor Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 9050, Allow
Incoming Proxomitron Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 8080, Allow

Browser Ruleset:
Browser Proxomitron Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 8080, Allow

Quote:

Originally Posted by AJohn

Hope this helps some of you

Reading the sockscap help file shows that sockscap can only support 254 different hostname lookups from an application. After that you have to close the application down and restart. Will probably mean that you have to restart proxomitron at various times.

Perhaps it would be better to have proxomitron connect through privoxy to eliminate the need for sockscap and it's limits?

[A884126]

Paranoid, always at hte right place with the right answer!

Thanks and Merry Christmas!

[AJohn]

Quote:

Originally Posted by asfopiffff

Reading the sockscap help file shows that sockscap can only support 254 different hostname lookups from an application. After that you have to close the application down and restart. Will probably mean that you have to restart proxomitron at various times.

Perhaps it would be better to have proxomitron connect through privoxy to eliminate the need for sockscap and it's limits?

Are you sure? I have used single instance of SocksCap>Proxomitron for weeks without restarting it. Could it mean that it only supports so many at once?

[Paranoid2000]

A small addendum to post #2 above regarding Privoxy configuration - I have found it necessary only to include the following line in Privoxy's config.txt file using Notepad or another text editor:

forward-socks4a / 127.0.0.1:9050 .

As previously noted, you need to have the dot at the end. This ensures that all traffic (including DNS requests) is routed via Tor.

Given the choice between Privoxy and SocksCap/FreeCap, which is better? For web access only, I would suggest Privoxy since SocksCap has an annoying splash screen and FreeCap seems to have problems running with some other software. If it is necessary to anonymize other network applications, then SocksCap/FreeCap should be used.

[Paranoid2000]

If using Privoxy, Proxomitron and Tor together with Outpost firewall, I would recommend the following Outpost application rules (they should be applicable to other rules-based firewalls also):

Tor Ruleset:

• Incoming Tor Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 9050, Allow
• Tor Network Access: Protocol TCP, Outbound, Remote Port 80, 443, 9001-9004, 9030-9033, 9100, Allow
• Block Other Tor Traffic: Protocol TCP, Outbound, Block

Privoxy Ruleset:

• Incoming Privoxy Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 8118, Allow
• Privoxy Tor Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 9050, Allow
• Block Other Privoxy Traffic: Protocol TCP, Outbound, Block

Proxomitron Ruleset:

• Incoming Proxomitron Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 8080, Allow
• Proxomitron Privoxy Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 8118, Allow
• Proxomitron Block Direct Web Access: Protocol TCP, Outbound, Remote Port HTTP, HTTPS, Block
• Block Other Proxomitron Traffic: Protocol TCP, Outbound, Block

Browser Ruleset:

• Browser Proxomitron Access: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port 8080, Allow
• Browser Blocked Hosts: Protocol TCP, Outbound, Remote Host 127.0.0.1, Remote Port HTTP, HTTPS, Block *see note below*
• Browser Allow Direct Web Access: Protocol TCP, Outbound, Remote Port HTTP, HTTPS, Allow *this rule should be disabled, see below*
• Browser Block Direct Web Access: Protocol TCP, Outbound, Remote Port HTTP, HTTPS, Block

These rules prevent browser, Proxomitron or Privoxy from accessing the Internet directly (ensuring that any browser exploit causing a direct connection is blocked). This, in conjunction with the appropriate Proxomitron filters, will prevent any website from using Java or Javascript to discover your real address.

The Browser Blocked Hosts rule is for those people using a Hosts file to block access to untrusted domains - this file maps them onto the 127.0.0.1 address (going back to the PC) so direct access should be allowed in this case. With some browsers (e.g. Opera), it may also be necessary to list such domains as being excluded from proxy access, to ensure that requests are not send out via Tor.

For convenience, consider creating a browser rule for direct web access but leaving it disabled (clearing the checkbox beside it in Outpost). If problems occur when connecting to Tor, this rule can then be easily activated, allowing web access until the problem is resolved (remember to de-activate it again).

I followed the suggestions above about the rules (applicable ones since I don't have Proximitron) in Outpost, but is there anything I need to do with Tor's config file? I read on Tor's FAQ that I should add "FascistFirewall 1" to the torrc configuration, but when I actually opened the config file with notepad, I don't know where exactly I'm supposed put that line. I tried to search around their site, but I couldn't find any detailed instructions. Sorry I'm completely new at this. Ever since I installed Outpost, Tor hasn't been working (it was before). Everytime I try to use Tor (via Firefox w/the switchproxy extension), it starts downloading from "xxx/tor/dir.z". Please help. Thanks so much in advance.

[Paranoid2000]

Tor should require no configuration if you have followed the instructions given above. If it is not working and you believe Outpost to be the cause, check the Outpost Blocked logs to find out why traffic is being blocked and adjust your rules accordingly (in particular note that the incoming rule for Tor must specify a local port, not a remote one). You may see some entries for Tor using different port numbers like 20001 being blocked but occasional entries like this should not affect its function.

I checked the Outpost block list and didn't see anything for Tor. Even when I disabled Outpost, the same thing happens. Once I even open the Tor program, it automatically starts downloading. It also happens everytime I click on a link.



It will always be from http://xxx.xxx.xx.xx:9030/tor/dir.z and here is what it says on the Tor dialog:



I've followed the instructions above for Privoxy (rules & the config file), the Tor & browser rules for Outpost. Here are the ones I have for Tor:





I even tried uninstalling Outpost, but the problem with Tor remains. The reason I thought the problem was with Outpost because everything worked fine until I installed Outpost. But now the program is uninstalled and Tor is still not working. What do you think is wrong here?

Another question, I had cfosspeed running, and even after I added it to my application trust list, Outpost still blocked it. I didn't set any rules for cfosspeed because it didn't have the protocol that cfosspeed was using (whatever the block list said was the protocol, IRDP or something). Is there anyway to work around it or am I doing something wrong? Sorry for such a long post. Thanks again!

Sorry, I just checked and Outpost's block list lists that spd.exe (cFosSpeed) is out refused with protocol ICMP, Remote Port: Echo Reply/0, Reason: ICMP Traffic. So what does that mean?

[Paranoid2000]

The "Tor Network Access" rule is the problem - remove the 127.0.0.1 remote address (this limits it to connecting with your PC only). This is an error in the ruleset I posted above so it should be:

Tor Ruleset:

• Incoming Tor Request: Protocol TCP, Inbound, Remote Host 127.0.0.1, Local Port 9050, Allow
• Tor Network Access: Protocol TCP, Outbound, Remote Port 80, 443, 9001-9004, 9030-9033, 9100, Allow
• Block Other Tor Traffic: Protocol TCP, Outbound, Block

Apologies for any confusion, I'll try to get the above post corrected. For other Outpost issues, I'd suggest opening a thread either in the "Other Firewalls" forum here, or the Outpost forum.

I changed the setting you specified, but Tor is still not working. Once I open Tor, it starts downloading this file I talked about before. I also tried adding Privoxy, Tor, and Firefox to the trusted application list, but nothing helps. The problem persisted even after I uninstalled Outpost, so is it even a problem w/Outpost then (I thought it was Outpost because the problem w/Tor happened right after I installed Outpost)? I considered posting on the Outpost forum too, but then I'd have to describe everything over again =(.

[Paranoid2000]

Tor will try to obtain a list of servers on startup but this should not result in a popup window. Is that a download manager that you are running? If so, try disabling it.

[no13]

There's a dedicated thread to this little gem over here... Kye-U's site

[Paranoid2000]

Since the link above is now dead (even worse, it's been taken by a domain parker), those interested in more details can instead find Kye-U's FAQ at Setting up Tor with Privoxy and Proxomitron.

[notageek]

Link don't work Paranoid.

Anyone know why after a few minutes of using Privoxy, Proxomitron and tor, it stops working. I have to keep loading config file got it to work.

[Paranoid2000]

Quote:

Originally Posted by notageek

Link don't work Paranoid.

Kye-U's forum has moved to http://kyeu.info/proxo/forums/index.php so the Setting up Tor with Privoxy and Proxomitron FAQ is available there (I can't edit my previous post to update its link).

Quote:

Originally Posted by notageek

Anyone know why after a few minutes of using Privoxy, Proxomitron and tor, it stops working. I have to keep loading config file got it to work.

What (if any) errors are being reported by Tor, Privoxy or Proxomitron? Have you configured your firewall to allow all necessary traffic? (for Tor especially, since this uses a range of ports). Did you mistakenly disable Proxomitron's "Remote Proxy" setting?

[notageek]

Thanks for reposting the links.

No error messages. I have remote proxy checked. He's the problem I'm having. After about an hour, if I check my IP address with any ip address webpage it shows my real IP address, even though Proxo, Privacy and TOR is still running and setup the same way before they stopped hiding (or changing) my IP address. So for me to have the setup change my IP address I have to uncheck and re-check the box for use remote proxy in proxo to get the setup to work again.