"PROXO-TOR NETWORK"

[JakBeNymble]

Hi "Guyz",
"Kye-U" Good observation! I could see what gifs that I was draggin' through the Network all the way to the Browser, . .but I hadn't missed My requests not being logged. Thankx

"no13", . .I'm kinda at a lost, , , not sure what is happening there. When it stops, have You popped up the TOR dialog box to see if TOR failed to connect to the next "Node"? Everything would come to a screeching halt if the TOR program failed to connect to the TOR NetWork and of course "PRivoxy" would pop up that wonderful "Can't Connect Page". I'm going to go back and look at Your Privoxy list very carefully.
More Questions:
What happens when You use another browser?
what kind of connection do You have, . .broadband, cable, dial-up?
Also what listening port is PROXO listening on?
And have You did an audit for spyware?
Also how come You don't use a Fire-wall(soft-ware)?
But don't worry we'll work it out, . .

"Damwill" if You use the $USEPROXY(True or False boolean value) command then the Proxy that You wish to use must be in listed and chosen as the one to use in the PRoxo Remote PRoxy list.
When You use the $SETPROXY(address:port) command You don't have to have the Proxy Chosen to be used in the PRoxo Remote Proxy list, but but You MUST have it listed in Proxo's Remote Proxy list, . .and it over-rides any other PRoxy setting that You have in PRoxo! It's a more powerful command.

Be Back Later,
"JaK" [smoke]

"edited" for correctness" by JakBeNymble after reading Damwill's post below.

[WMP]

Jak, I think you still have to have the proxy in proxo's list.

$SETPROXY(proxyname:port) when used, can auto-select a particular proxy for that URL (Note: the proxy must also be in your external proxy list!).

I didn't have it in the external proxy list and it was not running through TOR even though the proxo log said it was. I had to use a test page. I think the use of $SETPROXY does allow for greater flexibility.

[JakBeNymble]

Yikes!!!! , , , , You are right "Damwill"! :o

I have several different URL filters and one is $USEPROXY, . . .and the rest are $SETPROXY with their own lists. Sorry didn't mean to drop the ball on that one. As You noticed, . .I kinda like Proxies, proxy programs, articles about Proxies, , ,I even got the idea for JAkxPack from chaining the "Mulit-proxy" program to "Proxo". Thankx for clearing that up , . .wouldn't want to miss inform someone, . .especially about Net Privacy & Security.
Best Wishes,
A Red-Faced "JaK"

[WMP]

NP Jak , just took me a few minutes to figure it out. I aslo changed the filter to the following:

Code:

[HTTP headers]
In = FALSE
Out = TRUE
Key = "URL:Tor-Proxy Access (Out)" {Kye-U, Jak, wmp}"
URL = "*&(^$LST(Tor_Proxo))"
Replace = "$SETPROXY(127.0.0.1:8118)&$SET(Tor=1)"

[Patterns]
Name = "<title>: Add TOR - Fix Tag - Snip Excess      4.11.24 (multi) [jd sd wmp] (d.1)"
Active = TRUE
Multi = TRUE
URL = "$TYPE(htm)"
Bounds = "<title*((</title >|(<title|</tilte|/title|title) >$SET(0=/title-typo))\4|(\s)\4(^(^<(meta|link|/head)))$SET(0=/title-unclosed)|(^(^<!)))"
Limit = 12000
Match = "<title(\s*|)\1>($TST(title=1)$SET(title=)|$SET(title=1))"
"(\#<(/|)(div|span)[^>]+>)+\#"
"&$SET(a=\@)$TST(a=((?+{62})\3?$SET(2=\3...)*|\2)$TST(\4))"
"&"
"("
"$TST((\0)=*)$SET(eFixedT=$GET(eFixedT)\0 )"
"($TST(volat=*.log:2.*)$ADDLST(Log-Main,[$DTM(d T)]\tWEB Fixed_Tag\t\0 \t\u)|)"
"|)"
"&"
"($TST(Tor=1)$SET(Tor=.:Tor:.)|$SET(Tor=*** Tor Bypassed ***))"
Replace = "<title\1>\2 $GET(TOR)</title>$SET(a=)$SET(TOR=)$STOP()"

I removed $LOG command since it displays in the title. There is only one header filter required now by using the $SET and $TST commands. The title now displays .:Tor:. when running through Tor, and *** Tor Bypassed *** when not.
I also removed *login* from the Tor_Proxo list since it matched too many url's.

[no13]

umm...
Privoxy CAN'T find TOR most of the time [don't ask me why... it just happens]
It chooses "when" to stop and when to start working.

Leader.Ru AND proxydetect show me IP... what's wrong?

Should I use the "force proxy for all sites filter"?

Also.... you show that you don't use TOR for some sites... is it becaues TOR network is not to be trusted with passwords? or that a fixed ip should be maintained for these sites?

Also, shouldn't PROXOMITRON be able to take care of the X-FORWARDED_FOR headers

[no13]

JakBeNymble Wrote:1>>  When it stops, have You popped up the TOR dialog box to see if TOR failed to connect to the next "Node"? Everything would come to a screeching halt if the TOR program failed to connect to the TOR NetWork and of course "PRivoxy" would pop up that wonderful "Can't Connect Page". I'm going to go back and look at Your Privoxy list very carefully.
2>> What happens when You use another browser?
what kind of connection do You have, . .broadband, cable, dial-up?
3>> Also what listening port is PROXO listening on?
4>> And have You did an audit for spyware?
5>> Also how come You don't use a Fire-wall(soft-ware)?

1. Haven't noticed yet... I'll check that and report.
2. another browser? only IE = exactly same results... except that a couple of times, in Firefox, the Proxo "can't find website" page shows up, even as IE opens up that site [using proxo+privoxy+tor]
3. proxo>>8080 privoxy>>8118
4. Yes. Clean system [what kind of spyware did you have in mind?]
5. well... I'm reinstalling this entire system, so it'll be a couple of days before I install TPF... till then, the router has to suffice.

[WMP]

I added a few more lines to the main configuration file:

activity-animation 0
log-messages 0

I keep the icon hidden so no use animating it.
Has anyone been able to get the hide-console command to work in Privoxy?

[JakBeNymble]

Hi "Guyz",
"No13" I think that it might be a good to do a complete reinstall of Your system. There's some peculiar processes that I don't really don't know about and couldn't advise about without looking at the system. Sorry, I wish I could be more help. But every now and then it's good to just reformat, wipe everything out and starting out new with a clean install of Your O/S.

Quote:Leader.Ru AND proxydetect show me IP... what's wrong?

Your browser maybe leaking some info via java, javascript, it could be just bypassing Your Privoxy/TOR setup completely and connecting directly to the sites.

Quote:Should I use the "force proxy for all sites filter"?

No, Not at this point, I think that reloading Your system will take care of many of these problems You are experiencing.

Quote:Also.... you show that you don't use TOR for some sites... is it becaues TOR network is not to be trusted with passwords? or that a fixed ip should be maintained for these sites?

I am more concerned with putting passwords and other personal info through the network at this point.

Quote:Also, shouldn't PROXOMITRON be able to take care of the X-FORWARDED_FOR headers

Yes Proxomitron can but You have to manually disable the filters in PRoxo to stop the Spoofin' filters. Now here's the thing, , ,for the sites that I DO NOT route through the TOR network, , ,I want the X-forwarded-for headers to be forwarded to the site. It's fools the "Nosey Sites", . . .But when You are surfin to sites through the Network, . .You Do Not want PRoxo to send the X-forwarded for headers. Here's why, , ,I discovered that when surfing through the Network TOR actually adds another X-FORWARDED FOR Header right along with the Fake ones sent by PRoxo, , ,that means, , ,You have Two possibly Three "Different IPs' claiming to be the real You. Now this looks very very obvious that some "Trickery" is afoot! It tells many of the "Test Page sites" that PROXOMITRON is being used! Now that's exactly the thing You really don't want. You want to look just like everybody else "surfin' around the Net, and not stick out like a sore thumb. But that's what will happen if You are forwarding two or three fake X-Forwarded-for headers. Not to cool.

Now I think that we have two solutions, first we can stop what we are doing, , ,manually "untick" some of the Spoofer Filters in Proxo and go back to surfin' and then when we want to go to a site that we are not using the TOR network for, stop and manually "Tick" the filters in Proxo and go on to the sites.
Or, , ,we can just leave everything in Proxo all "ticked", and set "Privoxy" to filter the X-forwarded-for header out for us "automatically" when we surf to sites routed through the TOR network. And never have to stop and make adjustments to our setup. That's the ticket for Me.

Quote:what kind of spyware did you have in mind?

I wasn't for sure, , ,but if You have some processes that are launching themselves through Your Browser out to the Net all on their own, , ,then there is again, . . . some "Wicked Trickery" afoot. Spyware, trogans, , ,browser HiJackers, , ,etc.

Quote:... till then, the router has to suffice

You might want to check to see if that router has TPF already running on it. Most routers have fire-walls running on them, and TPF is the one that is used most often.

Having a router with a Fire-wall running on it is very much safer than just having a "Software Fire-wall" and directly connected to the net. See by the time that a software fire-wall stops an attacker, , , they are already IN YOUR MACHINE, , , but with a Fire-walled Router,, , the attack is stopped at the "ADAPTOR LEVEL" before it's gets to Your machine.

Take Care and Best Wishes,
"JaK" [smoke]

PS: I haven't been able to get the hide console feature to work either "WMP"???? And there are a couple of other things that I couldn't get Privoxy to do, but it could be I'm just not as familar as I need to be with the "Proggie". Question: How are You Hiding the icon? ~JaK~

[WMP]

Jak, under WinXP I chose to customize "hide inactive icons" and set Privoxy to "always hide". Not really hidden since you can click "<" to see all the hidden icons.

[JakBeNymble]

Hi "Guyz",
You can make "Privoxy" use a remote proxy, http or socks instead of the TOR network. Just put the proxy and port number in the configuration file.
example:

Code:

forward / xxx.xxx.xxx.xx:port number
#forward-socks4a / 127.0.0.1:9050 .
#forward-socks4a :443 127.0.0.1:9050 .
#forward-socks4a :53 127.0.0.1:9095 .

Just besure to put # (pound signs) in front of the settings You wish PRivoxy to ignore. And also Notice that there is NO PERIOD after the Remote Proxy number/port.

If for some reason that PROXO was not around, , ,I think that Privoxy would be a great substitute. I like the fact that You can forward Http, https, and Socks protocols

Take Care and Have a Great & Wonderful Day,
"JaK" [smoke]

[Magician]

My turn to contribute to this excellent thread.

http://www.duodata.de/ntwrapper/ <-- the lite version is free and allows for 1 win32 app to be run as a NT/2000/XP service. I would normally recommend firedaemon but they seem to have removed their lite version so now it is pay versions only on that site.

I have only just started mucking around with using TOR as a service, my primary aim was to remove the dos window that is always open with TOR and whether or not NTWrapper can do this (i dont think so), regardless of that running TOR as a Windows services seems like quite a nice, elegant way of running TOR

In fact running Proxo, Privoxy and TOR all as services would be even better, that way ensuring the proxy programs are in place and running BEFORE any thing (including windows itself) trys to connect to the internet, but that involves paying for the full version which allows unlimited apps to run as services, the lite version is constrained to 1 app.

And on that note, is there any other way to remove the dos window and leave TOR running?

PS thanks to Jak et al for the effort put into this particular thread :-) I am glad to report at all systems are running and everything is happily using TOR (including irc). I have however managed to configure privoxy to display nothing at all in its log window, wierd.

[Magician]

Ok. Now I have played with NTWrapper for a little while and I think it will do prefectly.

Whilst the lite version only allows for 1 service to run, within that one service you can have multiple (unlimited) applications running ie the service is a wrapper for multiple applications.

So I now have one service running called InternetSVC and that contains Proxomitron, Privoxy and TOR, and it allows me to hide, maximise or minimise each of the programs on start up. so I have Proxo and Privoxy minimised when the service starts, and TOR hidden so it never appears BUT it is working in the back ground. Joy.

For anyone who downloads the program (see my post above) you can cut and paste the below text into a file called InternetSVC.ini, save that file into the NTWrapper directory and then choose File -> Open Existing Service Definitions from within NTWrapper to load up the definitions file that will allow you to run Proxo, Privoxy and TOR as a service.

You will of course need to change the program paths, as I doubt I have saved the programs in the same places as everyone else

Code:

[APPLICATION_1]
Executable=E:\Internet Programs\Tor\tor.exe
Params=
WorkingDir=E:\Internet Programs\Tor
IsConsoleApp=0
ShutDownTimeout=5000
RestartApp=0
LaunchDelay=0
ShowWindow=Hide
Priority=Normal
AffinityMask=1
RedirectStdOut=0
RedirectStdErr=0
StdOutFile=
StdErrFile=
OwnLogFile=
ExecutionTime=0
ProcUser=
ProcDomain=
RunProcAsUser=0
LogonImpersonateUser=0
ProcPassword=
[APPLICATION_2]
Executable=E:\Internet Programs\Privoxy\privoxy.exe
Params=
WorkingDir=E:\Internet Programs\Privoxy
IsConsoleApp=0
ShutDownTimeout=5000
RestartApp=1
LaunchDelay=0
ShowWindow=Normal
Priority=Normal
AffinityMask=1
RedirectStdOut=0
RedirectStdErr=0
StdOutFile=
StdErrFile=
OwnLogFile=
ExecutionTime=0
ProcUser=
ProcDomain=
RunProcAsUser=0
LogonImpersonateUser=0
ProcPassword=
[SERVICE_OPTIONS]
OnAllAppsExit=1
LogToDisc=0
LogToEventLog=0
MainLogFile=
[SERVICE_INSTALL]
ServiceName=InternetSVC
DisplayName=NT Wrapper:
Description=
Interactive=1
Account=LocalSystem
Password=
LoadOrderGroup=
StartType=Manual
[APPLICATION_3]
Executable=C:\Program Files\Proxomitron\Proxomitron.exe
Params=
WorkingDir=C:\Program Files\Proxomitron
IsConsoleApp=0
ShutDownTimeout=5000
RestartApp=0
LaunchDelay=0
ShowWindow=Normal
Priority=Normal
AffinityMask=1
RedirectStdOut=0
RedirectStdErr=0
StdOutFile=
StdErrFile=
OwnLogFile=
ExecutionTime=0
ProcUser=
ProcDomain=
RunProcAsUser=0
LogonImpersonateUser=0
ProcPassword=

I hope other people find this useful

[JakBeNymble]

Hi "Magician",
Good work! I haven't tried the NtWrapper out yet, but I will as soon as I get the chance to. It sounds good though.
Thankx for sharing! "The more we share, the more we know, and the more we know, the better we all are for it".

Best Wishes,
"JaK" [smoke]

[no13]

Great work Magician.... I guess magic ain't dead yet...

jak.... I solved my problems (in firefox atleast)... just selected the radio button that said Socks 4 instead of Socks 5... as simple as that.

Woohoo.
Thx guyz.

[no13]

i added a service to windows by hand!!!!!
BUT.... it won't let 3 exe's run at the same time.
should I try using a batch file?
or a custom made DOS program?

you guys want all the registry keys I used?