On 07/15/2014 06:29 AM, Red Sonja wrote: <SNIP>
>>> But when most people ask the answers are like this. How's >>> «properly configured»? How do I know it is properly >>> configured? >> >> Ultimately, you know that when it works, and it doesn't leak, no >> matter how you try to break it. Sorry :( > > No matter? Like using a credit card or just your real address? When you're testing, you don't reveal anything that matters. >> Actually, the "properly configured" part is easy: >> >> SocksPort 127.0.0.1:9050 DnsPort 127.0.0.1:53 >> >> The hard part is the iptables rules. I'll post something useful >> ASAP. > > Thank you. OK, I have a basic set of iptables rules for Debian that block everything except Tor. But they are undoubtedly not elegant, because my iptables skills are iffy :( I also have instructions for leak testing. However, the whole thing is far too long and involved to post on the list. So, please see http://tor.stackexchange.com/questions/3578/how-do-i-setup-tor-on-debian-for-secure-use-as-a-socksproxy. >>> The wiki is quite messy. And you have old stuff and new stuff. >>> None is dated so the new stuff can be old as well. >> >> I agree. It's confusing. > > As all the info in this area is only on a temporary basis, see > Heartbleed and the rest, there should be a large banner with tall > bold red letters with the year: 2010 this is how you do IRC over > Tor, 2012 this is how you do IRC... > >>> I fully agree with you: complex apps are simply complex. I want >>> basic tools and for that I am ready to pass the GUI and go for >>> the shell. But how do I test for leaks? >> >> You install Wireshark, and then capture on eth0. You should see >> no non-local traffic except with your entry guards. > > Does it work with Wifi? Yes, it should, but I'm not set up to test that. <SNIP> -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
