Part one: Overview and explanation

Because tor is an application-level proxy, it needs client-side support from every client program that wants to use it. (This is different from systems like Freedom, which used a single client-side program to capture all packets and redirect them to the Freedom network.) Client applications need two general classes of modifications to be compatible with tor:

1) Whenever they call connect(), they instead should connect() to the local onion proxy and tell it "address and port". The onion proxy will itself make a connection to "address and port", and then the client application can talk through that socket as if it's directly connected. To support as many applications as possible, tor uses the common "socks" protocol which does exactly the above. So applications with socks support will support tor without needing any modifications.

2) Applications must not call gethostbyname() to resolve an address they intend to later connect() to via onion routing. gethostbyname() contacts the dns server of the target machine -- thus giving away the fact that you intend to make an anonymous connection to it.

To clarify, I need to explain more about the socks protocol. Socks comes in three flavors: 4, 4a, and 5. The socks4 protocol basically uses IP and port -- so it is unsuitable because of the gethostbyname() issue above. Socks4a is a slight modification to the socks4 protocol, whereby you can specify an IP of 0.0.0.x to signal the socks server that you will instead be sending a hostname (fqdn). So applications with socks4a support are all set. Socks5, on the other hand, allows the client to specify "address type" and then an address -- so some applications choose to supply an IP and others choose to supply a hostname. If the application uses socks5 you must investigate further to decide whether it's leaking anonymity.
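The socks4a marker and the socks5 address-type distinction above can be checked directly on the wire. The following is an added example (not code from the tor project or this document): it builds a socks4a CONNECT request that carries the hostname to the proxy, and classifies a captured client-to-proxy request by whether the destination was sent as a hostname (resolved by the proxy) or as an IP (resolved locally, so the gethostbyname() lookup already gave the destination away). The sample requests in the test are constructed; the helper names are my own.

```python
import struct

# Added example, not part of the original document. Builds a SOCKS4a CONNECT
# request and classifies captured SOCKS requests for the local-DNS leak the
# text describes. Function names are assumptions made for this illustration.

def build_socks4a_connect(host: str, port: int, userid: str = "") -> bytes:
    """VN=4, CD=1 (CONNECT), DSTPORT, DSTIP=0.0.0.1 (the 0.0.0.x marker),
    USERID NUL, then the FQDN NUL. The name is never resolved locally."""
    return (struct.pack("!BBH4s", 4, 1, port, b"\x00\x00\x00\x01")
            + userid.encode() + b"\x00" + host.encode("idna") + b"\x00")

def classify_socks_request(req: bytes) -> str:
    """Report whether the destination in a SOCKS request is a hostname (ok:
    the proxy resolves it) or an IP (the client resolved it itself, which
    may have leaked the destination through a plain DNS query)."""
    if len(req) < 2:
        return "truncated"
    vn = req[0]
    if vn == 4:
        # SOCKS4/4a: VN CD DSTPORT(2) DSTIP(4) USERID NUL [FQDN NUL]
        if len(req) < 9:
            return "truncated"
        dstip = req[4:8]
        if dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0:
            return "socks4a hostname (ok)"
        return "socks4 ip (possible dns leak)"
    if vn == 5:
        # Method-negotiation greeting: 05 NMETHODS METHODS... carries no destination
        if len(req) == 2 + req[1]:
            return "socks5 greeting"
        # CONNECT request: 05 CMD RSV=00 ATYP ... (01=IPv4, 03=domain, 04=IPv6)
        if len(req) < 5 or req[2] != 0:
            return "truncated"
        atyp = req[3]
        if atyp == 0x03:
            return "socks5 hostname (ok)"
        if atyp in (0x01, 0x04):
            return "socks5 ip (possible dns leak)"
        return "socks5 unknown atyp"
    return "not socks"
```

Run the classifier over the first bytes of each client-to-proxy connection to find applications that resolve names themselves before talking to the onion proxy.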
Part two: using tsocks to transparently replace library calls

tsocks (available from http://tsocks.sourceforge.net/ or from your favorite apt-get equivalent) allows you to run a program as normal, but it replaces the system calls for connect() to connect to the socks server first and then pass it your destination info. In our case the socks server is a tor process (running either locally or elsewhere).

In general this works quite well for command-line processes like finger, ssh, etc. But there are a couple of catches:

A) tsocks doesn't intercept calls to gethostbyname. So unless you specify an IP rather than hostname, you'll be giving yourself away.

B) Programs which are suid don't let you intercept the system calls -- ssh falls into this category. But you can make a local copy of ssh and use that.

C) Probably tsocks doesn't behave well for behemoths like Mozilla.

Part three: applications which support tor correctly

http: Mozilla: set your socks4 proxy to be the onion proxy (but see above)
      privoxy: set your socks4a proxy to be the onion proxy
ssh:  tsocks ssh arma@18.244.0.188
ftp:  tsocks wget ftp://18.244.0.188/quux.tar --passive
      Mozilla: set your socks4 proxy to be the onion proxy