Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,870 --> 00:00:07,200
If you want to turn all the traffic from any other application through Tor such as maybe your email
2
00:00:07,200 --> 00:00:09,080
client you won't have to go through Tor.
3
00:00:09,210 --> 00:00:11,940
You have to be very careful how you set it up.
4
00:00:11,940 --> 00:00:19,200
The Tor browser is built not to leak protocols but all the applications may not be.
5
00:00:19,260 --> 00:00:24,700
For example your email client may send all the emails to.
6
00:00:24,840 --> 00:00:30,690
And then not do DNS through Tor instead doing it normally ignoring its proxy settings.
7
00:00:30,690 --> 00:00:33,090
This does happen it has happened.
8
00:00:33,300 --> 00:00:35,620
So you have to be very careful.
9
00:00:35,640 --> 00:00:41,010
That is the big worry with using older applications with Tor.
10
00:00:41,160 --> 00:00:50,580
Hey we're in the talk default file which shows we are running the socket port on 9 1 5 0 and the control
11
00:00:50,580 --> 00:00:53,600
port on 9 1 5 1.
12
00:00:53,700 --> 00:01:00,890
So it's a socket port that we care about for setting up all the applications 9 1 5 0.
13
00:01:00,900 --> 00:01:10,030
In this case if we run a net stat currently Tor is not running.
14
00:01:10,080 --> 00:01:12,050
So the socket port is not there.
15
00:01:12,060 --> 00:01:14,070
Let's start Tor
16
00:01:19,350 --> 00:01:20,390
and there we go.
17
00:01:20,400 --> 00:01:24,560
We can see it's established here and listening.
18
00:01:24,560 --> 00:01:32,220
Here is our control port and there's a socket port that we care about 9 1 5 0.
19
00:01:32,430 --> 00:01:41,790
Applications such as any browser that supports Sock's proxies can be configured to connect to this port
20
00:01:42,090 --> 00:01:49,250
or whatever port you choose to assign it as an eternal traffic through the Tor socks proxy.
21
00:01:49,440 --> 00:01:52,640
So let me show you how you do that in ice weasel.
22
00:01:53,520 --> 00:02:04,380
So here we are in ice weazel which is essentially Firefox on Debian Meteo to preferences advanced network
23
00:02:04,860 --> 00:02:10,770
settings and here we need to enter what is already entered in here.
24
00:02:10,800 --> 00:02:15,200
The local host and then whichever port we've got it set to.
25
00:02:15,980 --> 00:02:16,770
OK
26
00:02:21,830 --> 00:02:26,330
and that done the search through Tor and we can check we're on tour.
27
00:02:26,430 --> 00:02:27,040
I can see.
28
00:02:27,060 --> 00:02:30,130
Congratulations his browser is configured to use Tor.
29
00:02:30,330 --> 00:02:33,430
However it does not appear to be that or browser.
30
00:02:33,450 --> 00:02:37,320
Of course it does not have all the hardening and security.
31
00:02:37,410 --> 00:02:42,020
And of course we cannot see the circuit and all the other things.
32
00:02:42,030 --> 00:02:53,580
Now here we are in the Tor browser and if we do exactly the same thing on surprisingly we will also
33
00:02:53,580 --> 00:03:00,340
see that this is set up to use Isaak's proxy 9 1 5 0.
34
00:03:01,440 --> 00:03:04,260
We can change the socket proxy port if we wanted to
35
00:03:07,680 --> 00:03:10,210
save that.
36
00:03:11,330 --> 00:03:17,550
Then let's restart Tor.
37
00:03:22,230 --> 00:03:30,930
So here we can see the port was changed to 6 6 6 6 and we would need to configure this to work on the
38
00:03:30,930 --> 00:03:31,860
new port
39
00:03:47,520 --> 00:03:56,570
and there we are going to the 6 6 6 6 port that we've just set up in the toc file.
40
00:03:57,180 --> 00:04:02,670
Pretty straightforward with Isaak's proxies each application.
41
00:04:02,670 --> 00:04:10,140
So here for example ice weazel and that all browser uses a different tour circuit.
42
00:04:10,140 --> 00:04:19,050
This protects against identity co-relation through Tor Serkis sharing for optimal separation between
43
00:04:19,050 --> 00:04:20,940
contextual identities.
44
00:04:20,940 --> 00:04:26,000
I recommend you use separate workstations or machines per identity.
45
00:04:26,040 --> 00:04:32,880
You would not want to be even sharing the same socket port even though you have separate circuits
46
00:04:42,580 --> 00:04:48,720
and just to demonstrate I've changed I'd always go back to 6 6 6 6 and we can see at the same time see
47
00:04:48,760 --> 00:04:56,760
the same socks port we are using different circuits we have different exit node IP addresses but there's
48
00:04:56,800 --> 00:05:04,120
no guarantee that ice weazel or any application will send all traffic through the Tor proxy.
49
00:05:04,120 --> 00:05:05,930
This is the problem.
50
00:05:05,950 --> 00:05:10,090
It could and classically DNS is a problem send.
51
00:05:10,090 --> 00:05:12,430
DNS is on proxied.
52
00:05:12,430 --> 00:05:20,260
You can't guarantee that whatever application you are using will abide by the proxy setting if you're
53
00:05:20,260 --> 00:05:26,380
going to be setting up other applications then you need to check for leaks and Tor has some functionality
54
00:05:26,710 --> 00:05:34,330
that allows for that if you set test socks worn in the toc file and then watch the logs as you use your
55
00:05:34,330 --> 00:05:43,690
applications or will then log for each socket connection whether is using a good variant or a bad variant
56
00:05:43,810 --> 00:05:47,570
if you want to automatically disable all bad variants.
57
00:05:47,590 --> 00:05:57,780
Then you need to also set that in the talks file a save and restart the browser.
58
00:05:58,990 --> 00:06:07,780
But really the absolute best way is to look at the traffic using a protocol analyzer such as wireshark
59
00:06:08,170 --> 00:06:16,090
on your router or firewall or on the workstation that the Tor browser is on to see if there are any
60
00:06:16,090 --> 00:06:20,200
leaks and you might want to run it for a little while as well.
61
00:06:20,200 --> 00:06:26,290
Personally I prefer to have it on the route and or firewall as all traffic goes through that if it's
62
00:06:26,290 --> 00:06:32,820
going to the Internet on a workstation maybe something will be missed in the section on detection and
63
00:06:32,830 --> 00:06:35,350
monitoring network security.
64
00:06:35,350 --> 00:06:38,840
Why are we covered this very thing.
65
00:06:39,190 --> 00:06:41,550
Well let me just give you a quick example here.
66
00:06:41,560 --> 00:06:47,680
So I'm as is aging into the router and pulling off the network traffic.
67
00:06:47,680 --> 00:06:56,620
Live with TZP dump and piping it into Wireshark.
68
00:07:03,550 --> 00:07:06,030
And there he wants doing it now.
69
00:07:06,040 --> 00:07:07,960
So it is run some traffic
70
00:07:11,290 --> 00:07:13,990
.
71
00:07:15,700 --> 00:07:18,910
There we can see the traffic
72
00:07:21,400 --> 00:07:23,900
DNS query.
73
00:07:25,220 --> 00:07:31,660
So I was concerned that there was a DNS request here that was actually being sent out of two or so.
74
00:07:31,680 --> 00:07:40,500
Yes so what that is is that's wireshark itself resolving IP addresses which is a good example of how
75
00:07:40,500 --> 00:07:44,640
other applications that you're using Don't go over the Tor network.
76
00:07:44,710 --> 00:07:55,880
So it's clear that the rest of the traffic that we see is all Tor traffic as is expected.
77
00:07:57,670 --> 00:08:04,180
As I said we cover this in it's own section monitoring and checking for traffic.
78
00:08:05,440 --> 00:08:13,150
You should also consider preventing the leaks by firewalling the traffic set a deny all rule for everything
79
00:08:13,180 --> 00:08:14,780
apart from Tor.
80
00:08:14,830 --> 00:08:20,650
See the firewall section for recommendations on firewalls and how to do that with the various operating
81
00:08:20,650 --> 00:08:25,620
systems in the example we've just gone through with eyes weazel.
82
00:08:25,720 --> 00:08:32,770
It was easy to send the application through Tor because it's supported Sock's proxies but not all applications
83
00:08:33,070 --> 00:08:39,850
have some sort of configurable way of sending its traffic through a socks proxy.
84
00:08:39,850 --> 00:08:47,470
If it doesn't the Tor Project suggest to install Privoxy which is here but you need to spend some time
85
00:08:47,530 --> 00:08:51,560
understanding Privoxy as it's for advanced users.
86
00:08:51,700 --> 00:08:58,470
If you're using an open source router you could configure Privoxy there and it's easier.
87
00:08:58,510 --> 00:09:09,400
DD w r t for example has Privoxy set up and there is somewhat of a gooey for it and Privoxy has an example
88
00:09:09,400 --> 00:09:13,770
configuration for tool with Privoxy.
89
00:09:14,760 --> 00:09:21,010
Well then Privoxy if you're unable to use the applications native proxy settings you might be able to
90
00:09:21,010 --> 00:09:26,190
force the application to use a proxy using something called a proxy fi.
91
00:09:26,350 --> 00:09:34,780
And here in front of view or a whole bunch of them proxy chains that you can see here I demo proxy chains
92
00:09:34,780 --> 00:09:38,540
and how to use that in the area on proxies.
93
00:09:38,620 --> 00:09:44,090
But again just a word of warning you do also have to trust these proxy fires.
94
00:09:44,440 --> 00:09:52,510
And units can be used to run other applications through toll even if they don't have proxy functionality
95
00:09:52,510 --> 00:09:52,660
.
96
00:09:52,660 --> 00:09:56,600
Let me remind you about how Unix does this.
97
00:09:56,830 --> 00:10:04,960
Well you can see here is a representation of the UNIX workstation here the Unix gateway here and then
98
00:10:04,960 --> 00:10:13,810
the three hop circuit of the Tor network first node second node third node and then the destination
99
00:10:14,700 --> 00:10:26,610
the Houdini's gateway here acts as both a transparent Tor proxy and a socks proxy.
100
00:10:26,740 --> 00:10:35,200
Transparent means that even if downloaded applications aren't configured to use Tor they will still
101
00:10:35,260 --> 00:10:43,750
go through the Whoniverse gateway and be transparent the Tor find transparent as in transparent or proxy
102
00:10:43,750 --> 00:10:44,050
.
103
00:10:44,050 --> 00:10:45,520
This is a good feature.
104
00:10:45,520 --> 00:10:48,970
It means you can download and install things that you need.
105
00:10:49,030 --> 00:10:53,390
And they don't need to be specifically configured to use Tor.
106
00:10:53,500 --> 00:11:03,190
They can go through the transparent proxy but no it all trans proxied apps use the same Tor circuit
107
00:11:03,900 --> 00:11:05,830
as you can see illustrated here.
108
00:11:05,980 --> 00:11:14,290
They go through the same nodes they'll have the same exit IP address and be seen as the same to the
109
00:11:14,290 --> 00:11:21,850
destination and Sox proxies on the other hand is used when an application is specifically configured
110
00:11:21,850 --> 00:11:24,010
to use Tor as a proxy.
111
00:11:24,010 --> 00:11:28,630
So for example the proxy settings within the browser.
112
00:11:29,050 --> 00:11:37,630
My personal recommendation and the safest way to run other applications over Tor is to use Unix and
113
00:11:37,630 --> 00:11:40,660
use it with cubes if you can.
114
00:11:40,660 --> 00:11:47,260
One of the main goals of Unix is to greatly reduce the risk of any additional software not exclusively
115
00:11:47,260 --> 00:11:54,970
designed to use Tor or indeed proxies to still use Tor if you install an application on the Unix workstation
116
00:11:54,970 --> 00:11:55,240
.
117
00:11:55,240 --> 00:11:59,260
You're good to go without the need to worry about protocol leaks.
118
00:11:59,290 --> 00:12:04,130
You don't get a stream in isolation but that's better than not going over Tor.
119
00:12:04,630 --> 00:12:08,680
You can use a tool hardware router with a transparent proxy.
120
00:12:08,740 --> 00:12:16,480
If your application doesn't have proxy settings or a socks proxy or with a socks proxy if your application
121
00:12:16,480 --> 00:12:23,680
does have proxy settings or you can use a router that forwards Tor traffic you can build on these yourself
122
00:12:23,680 --> 00:12:30,760
such as the one here or you can buy a commercial version then all traffic routed to the router it will
123
00:12:30,760 --> 00:12:34,450
be too refined no matter what application is.
124
00:12:34,450 --> 00:12:41,380
There are pros and cons to this and we have a separate section on toll and VPN routers.
125
00:12:41,380 --> 00:12:46,300
There are some applications that have been developed for blocking non Tor traffic.
126
00:12:46,300 --> 00:12:47,880
Here is a tall tale too.
127
00:12:48,010 --> 00:12:53,320
There is a free open source solution for Windows that transparently.
128
00:12:53,440 --> 00:12:56,970
All TZP and DNS traffic through Tor.
129
00:12:56,980 --> 00:13:01,780
You might consider this if you want to use Windows and it leaks worry you.
130
00:13:01,990 --> 00:13:04,640
I would not recommend Windows though.
131
00:13:04,660 --> 00:13:11,050
Boy you still could use this as a gateway by some sort of virtual machine and you wouldn't have to be
132
00:13:11,050 --> 00:13:14,680
using Windows as your main workstation.
133
00:13:14,710 --> 00:13:18,630
This is current or this is a tall traffic whitelist listing gateway.
134
00:13:18,630 --> 00:13:26,140
This allows only connections to all relays to pass through so no clear text leaks but client computers
135
00:13:26,140 --> 00:13:30,960
are themselves responsible for Tor firing their own traffic.
136
00:13:30,970 --> 00:13:36,390
In other words it is a filtering gateway not a proxy find gateway.
137
00:13:36,440 --> 00:13:39,210
Again set up to prevent leaks.
138
00:13:39,220 --> 00:13:42,370
You could also use this in a VM as well.
139
00:13:42,370 --> 00:13:45,890
As I said you have Unix pre-built anyway.
140
00:13:46,150 --> 00:13:52,510
So those are the various options for getting any sort of application to go through Tor making it as
141
00:13:52,600 --> 00:13:54,660
safe as possible.
15289
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.