Re: [tor-talk] Linux kernel transproxy packet leak (w/ repro case + workaround)

2014-03-28 Thread Soul Plane
On Fri, Mar 28, 2014 at 5:34 PM, Mike Perry wrote: > Here's a set of rules to try both --ctstate and --state invalid, as well > as log which ones get hit, for testing purposes. Note the use of -A in > this case, for readability wrt ordering. These rules should come before > any other rule in the O

Re: [tor-talk] Linux kernel transproxy packet leak (w/ repro case + workaround)

2014-03-28 Thread Mike Perry
Velope on IRC suggested a better workaround. It turns out these connections actually end up in state INVALID when the transproxy side dies. I tested this with my repro case and confirmed that the --ctstate rule is working by itself. Additional iptables rules inline below. Preserving full original

Re: [tor-talk] [tor-dev] Linux kernel transproxy packet leak (w/ repro case + workaround)

2014-03-28 Thread intrigeri
grarpamp wrote (28 Mar 2014 21:02:35 GMT) : > [...] what happens with entire vm IP transproxy (perhaps like > Tails)? Tails only uses a transproxy for the automapped .onion addresses: https://tails.boum.org/contribute/design/Tor_enforcement/ Cheers, -- intrigeri | GnuPG key @ https://gaffer.p

Re: [tor-talk] [tor-dev] Linux kernel transproxy packet leak (w/ repro case + workaround)

2014-03-28 Thread grarpamp
On Fri, Mar 28, 2014 at 3:43 PM, Mike Perry wrote: > I've discovered that the Linux kernel appears to have a leak in how it > applies transproxy rules to the TCP CLOSE_WAIT shutdown condition under > certain circumstances. > ... > At this point, you will see a FIN ACK or RST ACK packet appear in y

[tor-talk] DOJ Pushes to Hack Cyber-Criminals (Torizens)

2014-03-28 Thread grarpamp
http://blogs.wsj.com/law/2014/03/27/doj-pushes-to-expand-hacking-abilities-against-cyber-criminals http://arstechnica.com/tech-policy/2014/03/feds-want-an-expanded-ability-to-hack-criminal-suspects-computers http://news.slashdot.org/story/14/03/28/0242232/doj-pushes-to-expand-hacking-abilities-agai

[tor-talk] Linux kernel transproxy packet leak (w/ repro case + workaround)

2014-03-28 Thread Mike Perry
Hello all, I've discovered that the Linux kernel appears to have a leak in how it applies transproxy rules to the TCP CLOSE_WAIT shutdown condition under certain circumstances. This applies to both the kernels in use by common Android devices (Cyanogenmod 10.x and 11-M4), as well as the Linux kern

Re: [tor-talk] Failed to connect to tor netword with the provided obfs3 bridges when using the tor-browser-linux64-3.6-beta-1.

2014-03-28 Thread Juan Garofalo
--On Thursday, March 27, 2014 10:11 PM +0800 Hongyi Zhao wrote: > Yes, I'm from China. And the GFW is an annoying thing ;-( It protects you from American spying though. Whereas Tor enables it. > > > 2014-03-27 16:55 GMT+08:00 Roger Dingledine : > >> On Thu, Mar 27, 2014 at 03:5

[tor-talk] Safer Anonymous Operating System Guide

2014-03-28 Thread Tempest
version 0.6.2 of the "Beginner Friendly Comprehensive Guide to Installing and Using a Safer Anonymous Operating System" is now online. the guide covers the following: - installing debian on a luks encrypted usb drive, or on a luks encrypted hd partition to be unlocked with a usb boot key. - inst

[tor-talk] Tor and Hamachi IP conflict

2014-03-28 Thread Szotyi Szotyi
Hello, My problem is that if I want to host a relaying point, I have to release my Hamachi adapter, otherwise Tor resolves its IP as my external, so others can't join. I tried to change the adapter order but it didn't help. Also, if I renew my Hamachi IP after Tor set up the relaying and done por

Re: [tor-talk] Tor Project and Youtube is blocked in Turkey too

2014-03-28 Thread Kus
Hey Andrew, Frankly, I admire Tor Project. I'm writing about censorship, privacy, surveillance and similar subjects over a year. If I didn't have Tor or other anonymity tools, I wouldn't express myself freely. Maybe I auto-censor or self-censor my thoughts or writings I though. Actually, I need t

Re: [tor-talk] Introducing Torsion, hidden service IM with real-world ambition

2014-03-28 Thread Thomas Asta
Hi John interesting. Maybe you want to look at http://firefloo.sf.net , which is as well a decentral messaging hybrid with XMPP. When you swapped encryption keys, and set the proxy to Tor, then all friends with the lock-sign in the friendslist are sent over Tor. All your criteria are given and reali