Would you like to inspect the original subtitles? These are the user uploaded subtitles that are being translated:
1
00:00:00,750 --> 00:00:03,990
There are two main ways to configure toll.
2
00:00:04,020 --> 00:00:08,840
One is through the guily in the main browser as you can see here.
3
00:00:08,970 --> 00:00:12,510
And the other is through configuration files.
4
00:00:12,510 --> 00:00:22,380
The main configuration file is the toc file that's spelled t r r c and making changes in the Dewey edits
5
00:00:22,440 --> 00:00:27,060
this file edits the talk file and sometimes other files as well.
6
00:00:27,120 --> 00:00:34,560
But the default configuration should work in most cases and I don't recommend you make any changes until
7
00:00:34,560 --> 00:00:37,500
you really understand what you're doing.
8
00:00:37,560 --> 00:00:40,490
And I've read through the tour documentation.
9
00:00:41,100 --> 00:00:48,420
Here we are in Windows and you'll find the toc file in the Tor browser browser.
10
00:00:48,750 --> 00:00:55,620
Tor browser data Tor folder and there is the toc file.
11
00:00:56,490 --> 00:00:59,450
And in Windows that's what it looks like.
12
00:00:59,730 --> 00:01:06,460
But in tale's For example this is what it looks like.
13
00:01:06,540 --> 00:01:12,200
What's more information in on OSX.
14
00:01:12,240 --> 00:01:19,910
If you want to find the toc file you need to go to your Applications folder then find your browser icon
15
00:01:19,990 --> 00:01:20,100
.
16
00:01:20,190 --> 00:01:31,230
They need to right click or control click Show package contents and then navigate through to Tor browser
17
00:01:31,560 --> 00:01:34,790
data Tor and then talk.
18
00:01:34,860 --> 00:01:38,730
So that's the full path there to it.
19
00:01:38,730 --> 00:01:40,590
And that's the file.
20
00:01:41,430 --> 00:01:45,290
And it looks like that pretty similar to the one in Windows.
21
00:01:45,330 --> 00:01:53,820
If you can find it on any of the operating systems just do a search for the toc file TiVo or see here
22
00:01:53,820 --> 00:02:01,770
on Linux you'll find the toc file where you installed it and then browse a browser data tool.
23
00:02:02,130 --> 00:02:04,470
And then there's the toc file.
24
00:02:04,830 --> 00:02:14,220
And if you have a look at the file we can see it looks like the windows and the Mac toc file also puts
25
00:02:14,220 --> 00:02:18,460
the toc file in user local ATC tool.
26
00:02:18,480 --> 00:02:31,410
If you compiled all from source and ATC Tor or ATC if you installed a prebuilt package to get familiar
27
00:02:31,410 --> 00:02:33,320
with the toc file and how to use it.
28
00:02:33,540 --> 00:02:43,110
There is a manual here and if you go down you can see the command line options here and a bit further
29
00:02:43,110 --> 00:02:43,470
down.
30
00:02:43,470 --> 00:02:46,500
You can also find the general options.
31
00:02:46,500 --> 00:02:50,980
These are the options used within the toc file.
32
00:02:51,750 --> 00:03:00,840
You can also man tall and there's a lot of information in there as well which is quite useful to also
33
00:03:00,840 --> 00:03:09,140
provides a sample Tor configuration file for common configurations which is quite useful.
34
00:03:09,200 --> 00:03:16,740
So if you're struggling maybe you have examples in here and it's got some good commentary as well.
35
00:03:17,370 --> 00:03:21,240
So I'll give you an example of editing the talk fine.
36
00:03:21,270 --> 00:03:29,850
One of the common changes that people make is to alter the geographic location of their entry or exit
37
00:03:29,850 --> 00:03:30,470
node.
38
00:03:30,630 --> 00:03:33,910
And here we are on the FAA queue.
39
00:03:34,350 --> 00:03:41,410
And we can see the entries that are required in order to change them so its entry nodes exit nodes.
40
00:03:41,670 --> 00:03:49,560
And if we go down here we actually need to put in the country code and as it says here is the ISO standard
41
00:03:49,560 --> 00:03:50,900
for country code.
42
00:03:51,190 --> 00:03:53,090
And so it's these the.
43
00:03:53,100 --> 00:03:54,860
For Germany for example.
44
00:03:55,050 --> 00:04:00,330
So that's going to Debian is it the top file
45
00:04:03,690 --> 00:04:11,070
that's going to force the Tor browser to go via a German node German entry node.
46
00:04:13,350 --> 00:04:19,680
And that's going to force it to go through the United Kingdom or Great Britain G-B to save them
47
00:04:23,350 --> 00:04:30,240
.
48
00:04:39,780 --> 00:04:41,180
And there we are.
49
00:04:41,310 --> 00:04:45,540
So we've gone through Germany exit and the United Kingdom.
50
00:04:45,930 --> 00:04:53,040
You may have noticed here you can also specify the actual relays that you want to use on or different
51
00:04:53,040 --> 00:04:57,290
relays that you want to use by putting in their fingerprint here.
52
00:04:58,440 --> 00:05:07,560
If we have a look at the consensus here let's pick a relay at random kittens on tour and we're going
53
00:05:07,560 --> 00:05:15,660
to go to Atlas here which is Atlas dot Torv project dot all place that in
54
00:05:18,810 --> 00:05:25,290
and here we can see the relay and its ports some flags and when it does it's a fast one.
55
00:05:25,290 --> 00:05:32,010
Click on here and there's a fingerprint there so we could select that
56
00:05:37,690 --> 00:05:42,200
and thereby that relay instead.
57
00:05:42,310 --> 00:05:47,190
Now if you pick a relay it has to be the sort of relay that you're after.
58
00:05:47,190 --> 00:05:53,340
So it would have to work or function as a guard if you're going to have it as a guard.
59
00:05:53,400 --> 00:06:02,420
There may or may not be a benefit to changing the country or relay of the entry and or exit node.
60
00:06:02,500 --> 00:06:05,970
It all depends on the type of attack you're trying to mitigate.
61
00:06:06,090 --> 00:06:14,640
If your adversary is using secret deals with telcos to enable man on the side attacks then using relays
62
00:06:15,030 --> 00:06:21,840
out of their sphere of influence because they maybe can't get to that particular telco will definitely
63
00:06:21,840 --> 00:06:29,620
help you if on the other hand your adversary is performing some sort of simple attack in combination
64
00:06:29,620 --> 00:06:36,210
with a correlation attack where he can run his own relays is not going to help you.
65
00:06:36,420 --> 00:06:41,530
I'll talk more about Sibylle attacks and co-relation attacks in their own section.
66
00:06:41,620 --> 00:06:45,610
Tor chooses Sirk is based on net work load.
67
00:06:45,690 --> 00:06:51,950
If you make manual changes to the search kit this could make you stand out.
68
00:06:52,000 --> 00:06:58,320
I don't recommend you make manual changes to the suitcase unless you really know what you're doing.
69
00:06:58,710 --> 00:07:05,430
In order for the configuration within the TOC file to take effect you need to restart the Tor browser
70
00:07:06,420 --> 00:07:08,150
or alternative.
71
00:07:08,160 --> 00:07:15,700
You can also issue a kill minus sign up Tor which will have the same effect but usually it's better
72
00:07:15,690 --> 00:07:20,130
to just restart the Tor browser to finish off.
73
00:07:20,130 --> 00:07:27,870
I'm going to go through the example talk fire with you so you can get a better idea of the syntax and
74
00:07:27,880 --> 00:07:30,940
what it is you can do with the TOC file.
75
00:07:31,000 --> 00:07:35,350
So let's go down here we can see here these hashes.
76
00:07:35,430 --> 00:07:41,940
All of these hashes need to be removed for a command such as this to take effect.
77
00:07:41,940 --> 00:07:45,900
Hashes are just comments as they are in most documents.
78
00:07:45,900 --> 00:07:47,510
So here line 18.
79
00:07:47,580 --> 00:07:56,420
This tells tall to open a socks proxy on this post 1950 which is for all applications to use to send
80
00:07:56,460 --> 00:07:58,840
traffic via Tor.
81
00:07:59,380 --> 00:08:08,430
And here we are brining it to a specific IP address and port said it sucks port 0 if you're only running
82
00:08:08,460 --> 00:08:13,130
a relay and not sending traffic through the relay yourself.
83
00:08:13,170 --> 00:08:14,830
That might be a rare occasion.
84
00:08:14,820 --> 00:08:20,460
We're going to talk more about the socks port shortly and how you put other applications through it
85
00:08:20,460 --> 00:08:21,940
.
86
00:08:22,000 --> 00:08:30,250
These are the entry policies to allow or deny Sock's requests based on their IP address.
87
00:08:30,250 --> 00:08:38,070
And I think the syntax is pretty obvious that an X set and that is for this network with a slash 16
88
00:08:38,080 --> 00:08:42,360
subnet mask go down a little bit you can see here.
89
00:08:42,370 --> 00:08:51,880
This enables logging and enables notice level logging to this file and then we have a similar one here
90
00:08:51,880 --> 00:08:59,320
where we've got debug level logging to this file and then we can also send to CIS log as well.
91
00:08:59,380 --> 00:09:04,290
But warning you don't want to be doing logging if you're concerned about local forensics.
92
00:09:04,290 --> 00:09:13,450
This would only be for testing or if you don't care about local forensics 49 this is to run Tor as a
93
00:09:13,750 --> 00:09:16,060
demon process in the background.
94
00:09:16,120 --> 00:09:22,030
For example if you don't want the Tor browser running at the same time this does not work in Windows
95
00:09:22,050 --> 00:09:24,910
as it says here.
96
00:09:25,050 --> 00:09:35,070
This is the control port set it 90 50 warm applications can remotely controlled Tor by issuing commands
97
00:09:35,080 --> 00:09:43,150
to this port and you can establish authentication with these and as default is set up for authentication
98
00:09:43,230 --> 00:09:45,090
using cookee authentication.
99
00:09:45,100 --> 00:09:48,120
At least it is on the ones I've seen.
100
00:09:48,120 --> 00:09:50,060
Move down a little bit.
101
00:09:50,790 --> 00:09:58,240
If you're wanting to run a hidden service that means a service that is on the dark web or a dot on your
102
00:09:58,250 --> 00:10:03,090
own server this is part of how you would start to enable it.
103
00:10:03,220 --> 00:10:09,640
So here this is how you set the directory for what people will connect to.
104
00:10:10,290 --> 00:10:16,290
And this is how you set the port to redirect to local host and then port 80.
105
00:10:16,330 --> 00:10:19,240
And here we have other examples.
106
00:10:19,650 --> 00:10:27,700
As I've said I recommend Debian and or nix for setting up hidden services or relays or bridges and for
107
00:10:27,690 --> 00:10:32,760
setting or relays we have the options here for how you do that.
108
00:10:32,790 --> 00:10:36,460
The Allport here set at nine thousand one.
109
00:10:36,480 --> 00:10:41,290
This is the poor use to advertise for incoming Tor connections.
110
00:10:41,320 --> 00:10:48,690
If you are a relay if you're wondering what ports are used to connect to by default install or what
111
00:10:48,690 --> 00:10:51,130
port you might need to open on a firewall.
112
00:10:51,150 --> 00:10:59,030
Well two attempts to connect on any port that is advertised in the directory as an or port for making
113
00:10:59,040 --> 00:11:04,510
toll connections or a D R port for fetching updates to the directory.
114
00:11:04,530 --> 00:11:07,300
There are a variety of these ports.
115
00:11:07,380 --> 00:11:15,660
Many of them are running on port 80 for 4:03 9000 wan and nine thousand thirty but many other ports
116
00:11:15,660 --> 00:11:16,310
are used.
117
00:11:16,420 --> 00:11:22,490
And as you can see here you can configure this to be whatever port it is that you want.
118
00:11:22,600 --> 00:11:33,850
You can here set up the DNS name for your relay and here you can set up the nickname for your relay
119
00:11:33,860 --> 00:11:34,610
.
120
00:11:35,380 --> 00:11:41,410
Then you've got a whole bunch of bandwidth options for limiting bandwidth throttling traffic allowing
121
00:11:41,400 --> 00:11:44,500
bursty traffic.
122
00:11:44,730 --> 00:11:52,210
This is what port advertised for directory connections which we mentioned just a second ago and here
123
00:11:52,210 --> 00:11:54,980
are your exit policy rules.
124
00:11:55,380 --> 00:12:00,340
So here for example as it says here is allowing I.R.S. ports.
125
00:12:00,340 --> 00:12:04,440
These are the IOC ports on IPV for an IP V-6
126
00:12:07,340 --> 00:12:10,140
here accepting and a.p pause.
127
00:12:10,150 --> 00:12:22,620
News groups here accepting and reports that on IPV for only and this is IP V-6 only an exit is allowed
128
00:12:22,750 --> 00:12:23,000
.
129
00:12:23,080 --> 00:12:25,830
You get an idea of the kind of syntax.
130
00:12:26,010 --> 00:12:34,690
Now if you want to set up your relay as a bridge with this command here and if you want to run a private
131
00:12:34,680 --> 00:12:45,920
bridge and this command here the TOC dash defaults file contains the default settings for Tor.
132
00:12:45,930 --> 00:12:49,370
This is a file not intended to be edited.
133
00:12:49,380 --> 00:12:56,420
The TOC file is what should be edited but this shows you what TOR is essentially set up to do.
134
00:12:56,520 --> 00:13:03,870
And here we can see we have our SoCs port open on 9 1 5 show allowing IPV 6 traffic etc..
135
00:13:03,930 --> 00:13:11,700
Our control port here there is the cookie authentication for the control pool and these are the pluggable
136
00:13:11,700 --> 00:13:17,130
transports that are available for this Tor configuration.
137
00:13:17,220 --> 00:13:21,210
As I said you do not edit that file you know edit this file.
138
00:13:21,210 --> 00:13:22,650
You would add it.
139
00:13:22,650 --> 00:13:29,000
The TOC file which is this one and that would override the default file.
140
00:13:29,040 --> 00:13:30,700
So that's the TOC file.
141
00:13:30,690 --> 00:13:32,440
Hope that has helped.
15110
Can't find what you're looking for?
Get subtitles in any language from opensubtitles.com, and translate them here.