Hi -------- Original Message -------- From: Matthew Kaufman <mkfmn...@gmail.com> Apparently from: tor-talk-boun...@lists.torproject.org To: "tor-talk@lists.torproject.org" <tor-talk@lists.torproject.org> Subject: Re: [tor-talk] wget - secure? Date: Sat, 26 May 2012 19:14:51 -0400
> Hello, > > Thanks for these config settings, Does it also leak if I use: > > torify wget http://example.com > > ? > > Is this what torify does? I dont understand what you're asking. Does _what_ also leak? In my http tests [1] DNS and Headers didn't leaked (SOCKS4a and SOCKS5), but, I couldn't test the IP issue with FTP PORT Robert Randsom wrote about (I'm ignorant of testing methods). I cant write about torify as I didn't test. But yes, I believe it can be used to 'force' wget through Tor. Whether that would help with the FTP IP Robert Randsom wrote about, I have no clue, I don't know if torify does FTP. [1] https://lists.torproject.org/pipermail/tor-talk/2012-May/024390.html > > On Saturday, May 26, 2012, wrote: > > > Hi, > > > > -------- Original Message -------- > > From: helpfuln...@safe-mail.net > > Apparently from: tor-talk-boun...@lists.torproject.org <javascript:;> > > To: tor-talk@lists.torproject.org <javascript:;> > > Subject: [tor-talk] wget - secure? > > Date: Sat, 26 May 2012 18:39:04 -0400 > > > > > Hi again :) > > > > > > >On Fri, Apr 20, 2012 at 17:15, Robert Ransom <rransom.8774 at gmail.com> > > wrote: > > > > > > > >>On 2012-04-18, Joseph Lorenzo Hall <joehall at gmail.com> wrote: > > > >> > > > >>The underlying point is that it would be neat if > > > >>you've done a comprehensive analysis of a specific version of Tor, > > > >>etc., etc. > > > > > > >No, the underlying point is that I have personally seen wget send my > > > >computer's IP address over Tor in an FTP PORT command. wget is not > > > >‘100% safe’. > > > > > > > >The code to send a PORT command is still present in wget 1.13.4. wget > > > >1.13.4 is not ‘100% safe’; anyone who wants to recommend it needs to > > > >specify a particular configuration of wget which is safe. (Don't > > > >count on a ‘default configuration’; Linux distributors might have > > > >messed with it, or failed to update it to the version shipped in > > > >recent wget source distributions.) > > > > > > Hi there Robert Randsom, thanks for such good info. Can you please point > > me to documents, or directions, to test FTP PORT command with my setup: > > Wget 1.13.4 (openssl 1.0.0g), Privoxy v3.0.19, , and Wireshark 1.6.8, on > > Windows 7 x64 Home Premium SP1? > > > > > > I want to test what you write, and so far I tried 'host IPadress' [1], > > at a FreeBSD FTP server [2], but I didn't know what to look for; am I on > > the right track? For now, I close port 21 on my computer, when using Wget; > > is that good enough for now? > > > > > > I look to see if there's a way to disable FTP, but nope, and that's > > probally showing my noobiesness, ha. Anyway, if I can help I'm happy to be > > helpful, so, drop me a line! :) > > > > > > Here's how I started Wget: > > > > > > wget -c --no-parent ftp://ftp.freebsd.org/pub/FreeBSD/ > > > > > > I forgot to add the settings for Wget, but they're big, and they're in > > another message I sent the list, the Tor specific settings for Wget are in > > wgetrc.txt and are: > > use_proxy = on > > http_proxy = http://127.0.0.1:8118/ > > > > However, I added other settings to my wgetrc, they'll be in the other > > message. Sorry! > > _______________________________________________ > > tor-talk mailing list > > tor-talk@lists.torproject.org <javascript:;> > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > > _______________________________________________ > tor-talk mailing list > tor-talk@lists.torproject.org > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk _______________________________________________ tor-talk mailing list tor-talk@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
