wifi privacy

Discussion in 'privacy problems' started by wifiprivateeye, Feb 26, 2006.

Thread Status:
Not open for further replies.
  1. wifiprivateeye

    wifiprivateeye Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    2
    I share a wifi internet connection in a small community. The administrator of the system receives a log of all traffic and is able(and does) view websites visited by us.

    I have installed Tor, Privoxy, Proximotron with information gathered here. I also have JAP and Ipig.

    None of these are totally reliable as far as usage goes but I'm sure they do their job well as far as hiding where I surf, email, and interact in forums like this.

    Do I really need to go to this extreme to hide my surfing from the administrator's prying eyes?

    Would Proximotron or Privoxy be enough on their own to bugger his log on where I go?

    Are there other solutions?

    Thanks for any pointers.
     
  2. WSFuser

    WSFuser Registered Member

    Joined:
    Oct 7, 2004
    Posts:
    10,632
    proxomitron would filter web sites not necessarily cover ur tracks. i have no experience with Privoxy, ive only used it in conjunction with tor. also i think its a bit much to use both JAP and tor/privoxy. id choose one of them and stick to it.
     
  3. wifiprivateeye

    wifiprivateeye Registered Member

    Joined:
    Feb 26, 2006
    Posts:
    2
    Thanks for the reply.

    I don't use Jap, Tor, and Ipig at the same time. One or two of them are usally down or too slow. Having all three enables me to have privacy at most times. Having to use them at all is a royal pain.
    Tor would not respond earlier so I switched to JAP and its been working remarkably well for the last hour or so.
    Ipig is a last resort for it is so slow.
     
  4. topcat139

    topcat139 Registered Member

    Joined:
    Mar 14, 2006
    Posts:
    5
    For your surfing anonymously, you should add tordns to yourmix, this will stop the dns lookups from giving away what it is you're surfing too. Also tor and jap share their networks, If you watch the tor log you'll note the jap servers are used to help relay. You also need to shut down the dns cache in windows, under services.msc, and then shut down and clear your browser cache as well. If your firewall or other software handles dns caching, you need to kill those as well. You would need to run at least tor and privoxy to hide your surfing info, but with these and no dns lookups you should be safe. Privoxy has the ability to 'scrub' the headers and other info that may give you away, so go throught he config file and set it up depending on your systems config. You may also think about using other than the default ports, if your network will allow forthis.
    You might consider adding i2p to your mix and using it with tor as a second secure network. This way the web access can go over either tor or i2p. i2p has much more bandwidth than tor and so it's quicker. Also i2p now has some outproxies so you can access the normal internet through it as well as through tor. I use this combo myself, and also use p2p over this setup, I have fine speeds on my downloads, not as quick as a clear connect, but you give up some for the added privacy. i2p also has a bit torrent capable clients, btut only for trackers on the i2p network. These are a bit flaky yet, or you could give azureus a try, it now has a plug in for i2p, and trackerless setting too.
    I use normal p2p over this setup, but I still cannot manage to get incoming connects, only 'local' so it's a bit slow sometimes.
    I also run a comunity wifi service that I resell web access through, and will be adding the ability to surf over these networks to the wifi network as well, so all the users will have to do is enter the correct url and get there. (that's in the future though).

    Hope This was of somehelp to you.

    luck,
    topcat139
     
  5. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    This is not necessary if Privoxy is being used since it will stop such DNS leaks (the Tor client will warn if these leaks occur also).
    The current JAP client can access the Tor network so would seem a good choice for someone using both networks.
    Why? When you use Tor your PC would not be doing any DNS lookups itself, these would be done by the Tor exit server. The only possible issue I can see is of your firewall doing reverse-DNS lookups on the Tor nodes you connect to (for logging purposes) and I can't see any security problem with that.
    In terms of providing anonymity from the network admin, Tor/JAP on their own would suffice since they encrypt all traffic as it leaves the PC. Privoxy/Proxomitron come into play with the websites you visit, giving you control over what information they see about your system as well as what content gets displayed on your system. Ideally both would be used since Privoxy provides the "glue" for connecting to Tor and Proxomitron provides the most powerful (albeit complex) web filtering and is one of very few filters that can handle HTTPS traffic (see here for why this can matter).
     
  6. topcat139

    topcat139 Registered Member

    Joined:
    Mar 14, 2006
    Posts:
    5
    I do agree with most of what you've added but on one thing I do disagree. TORDNS is required. If you watch your network activity you'll note the dns lookups going out in the clear. Tordns is needed to force the lookups out over tor. If you don't do this then you will be giving away alot. The lookups will go to the secondary dns server if you have one listed. Privoxy will not scrubb the lookups and yes tor will complain about being given dns addresses instead of a lookup. The tordns app needs to be the ONLY dns server setup for windows.
    9try gfilanguard or perhaps netlimiter, which I like alot, it'll show you the lookups going out in the clear.) Clearing the cache forces the lookups to go over tor. Just want people to be aware that this is an issue yet. Privoxy (don't know proxomitron) will not scrub dns, it'll c;lean alot up, but not that. DNS has to happen somehow, and tordns is the only app I know of tyhat will force them to be secure. Even with i2p, those lookups obviuosly go to i2p as they are base 64 adresses, but the normal web addresses will not.

    As for bandwidth, I have been streaming web radio and video over tor and it works great, I have gotten 64 kb streams to run with very little interruption, but i2p does have more bandwidth. I'll be trying to socksify and pass the connectsa thru i2p next.
    For those that may be interested, (I haven't been able to get a copy of sockcap from primeo) there is a copy of sockscap included in the 'torkit' distribution for the old amphex group. There are other apps in there but it is an OLD release so I wouldn't bet on them being compat or even really functional. But the sockscap is there with a couple of .bat files to help begginers.

    that's all!

    luck,

    top:cool: cat139
     
  7. Paranoid2000

    Paranoid2000 Registered Member

    Joined:
    May 2, 2004
    Posts:
    2,839
    Location:
    North West, United Kingdom
    I've never had this happen with web traffic going via Privoxy (confirmed both by the lack of warnings in the Tor client and firewall logs) though other non-web protocols (e.g. ftp) are not covered by Privoxy so could trigger a DNS lookup. You do also mention using other applications (which would not run via Privoxy presumably) so could your DNS traffic be due to these?
     
  8. Smorg

    Smorg Registered Member

    Joined:
    Jul 1, 2006
    Posts:
    10
    Sorry to bump such an old thread, I ran into this from google.

    I can attest to topcat's observations. After Installing Tor with privoxy, Simply looking at my remote connections through Port Explorer showed svchost connected on port 53 (which i assume is the dns client service), with all other connections going through Tor. No FTP connections were open.

    The Tordns instructions explicitly state that the dns cache service must be disabled. Configuring windows to direct all of its dns lookups to Tordns seemed to work.
     
Loading...
Thread Status:
Not open for further replies.