try to use Proxifier, QQ sometimes bypasses your proxy setting.... 2015-01-03 11:09 GMT+08:00 盼盼李 <ilovelipan...@gmail.com>:
> Thanks.virtualbox xp system is host-only,I can use chrome and tor browser > to surf internet,I see the proxy is 127.0.0.1 9150,so I write this into > QQ's proxy settings,but the QQ can not log in,I did not know why,the > virtualbox xp system's firewall is off. > This is the phenomenon,help me,thank you. > > On Sat, Jan 3, 2015 at 10:30 AM, <tor-talk-requ...@lists.torproject.org> > wrote: > > > Send tor-talk mailing list submissions to > > tor-talk@lists.torproject.org > > > > To subscribe or unsubscribe via the World Wide Web, visit > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > or, via email, send a message with subject or body 'help' to > > tor-talk-requ...@lists.torproject.org > > > > You can reach the person managing the list at > > tor-talk-ow...@lists.torproject.org > > > > When replying, please edit your Subject line so it is more specific > > than "Re: Contents of tor-talk digest..." > > > > > > Today's Topics: > > > > 1. Re: Hidden Service Hosting (Free experimental, offer) (Xiaolan.Me) > > 2. problem with qq while toring (???) > > 3. Re: problem with qq while toring (Sadiq Saif) > > 4. Re: problem with qq while toring (Xiaolan.Me) > > 5. Re: Giving Hidden Services some love (Jesse B. Crawford) > > 6. Re: Hidden Service Hosting (Free experimental, offer) > > (Thomas White) > > > > > > ---------------------------------------------------------------------- > > > > Message: 1 > > Date: Sat, 3 Jan 2015 09:43:24 +0800 > > From: "Xiaolan.Me" <xiaolan65...@gmail.com> > > To: tor-talk@lists.torproject.org > > Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental, > > offer) > > Message-ID: > > <CAJaLD9Ko___=_EGaq= > > qsm95_v_n8xleai+orf2vcq1c025e...@mail.gmail.com> > > Content-Type: text/plain; charset=UTF-8 > > > > I am using another way to solve IP leaks problem. > > my host-os is CentOS and only installed VirtualBox > > I have 2 virtual machines running on the host-os > > the first one is a CentOS with 2 network adapter, one is NAT , another is > > Internal(ip: 192.168.222.1). > > it running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks and > > listen on 192.168.222.1:9050 (Internal Adapter) > > > > > > Another is also CentOS and running apache, only one network > > adapter(Internal ip:192.168.222.2) > > when this virutal machine wants to access internet , must set socks5 > proxy > > to 192.168.222.1:9050 > > so even this VM gets hacked, the attacker still can't know the real > IP.... > > > > 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbra...@cni.net>: > > > > > I'm interested but a slow mover. Work sometimes gets in my way. I am > > > putting together pages for a hidden site but I don't think I can be > ready > > > to put it on line til month's end. It will be a legal site everywhere. > > > This is a wonderful offer Thomas. Hope someone takes you up on it. > > > Larry Brandt > > > > > > > > > Just wanted to point out that I think it's awesome Thomas is doing > this! > > > Buy him a beer if you see him. > > > > > > Tom > > > > > > > > > > > > Thomas White schreef op 02/01/15 om 09:42: > > > > > > Hey all, > > >> > > >> So following my other mail, I just want to offer people on this > > >> mailing list a chance to test something out before I go into the wider > > >> public with it. > > >> > > >> I have been reviewing some ways in which to offer "hosting" solutions > > >> for hidden services, and although there are ways to do like regular > > >> shared hosting environments by isolating users on an apache server for > > >> example, I feel a little experimental way to give people more freedom > > >> is to assign individual VPS's which are accessed via a separate .onion > > >> over SSH. For example, the HS address would be example1*.onion but to > > >> SSH into it, for security, would use a different address such as > > >> sshaddress*.onion. This ensures no user of the service would know the > > >> true IP of the server it is hosted on and allows for shared > > >> environments without putting others at risk. > > >> > > >> If anyone wants to test this out with me, I am offering the VPS for > > >> free for a few weeks/months so I can get the architecture right and > > >> fine tune the setup. All the traffic on the VPS is automatically > > >> routed through Tor so IP leaks won't be a huge problem, but of course > > >> you still maintain responsibility for the security of your machine and > > >> whatever you install on it. The use cases are unlimited but for > > >> obvious reasons it must be legal under British & Swedish law (feel > > >> free to ask beforehand but if it is legal I will defend it to the best > > >> of my ability). > > >> > > >> If you'd like to take up this offer and try it out please email me > > >> privately (my key is below). I ask that if you wish to request one, > > >> please mention anything specific like RAM/CPU/Hard disk requirements > > >> (no bandwidth limitations) so I can appropriately assign them. For now > > >> unfortunately only debian installs will be available and nothing > > >> except sshd will come preconfigured on the VPS so if you aren't > > >> familiar with the command line on debian you may not find this useful. > > >> Also any custom onion address you want please keep it to 7 characters > > >> or below for now as my GPU is really on it's last limb after > > >> generating over 1.4 million keys. > > >> > > >> I offer no guarantees on the availability of this, nor do I take > > >> responsibility for it, this is an entirely experimental project and I > > >> am hoping any participants take up this offer to perhaps > > >> mirror/reverse proxy their blogs, or of course bring any interesting > > >> ideas to the table. All feedback on it is welcome too > > >> > > >> Time to give these hidden services some lovin' > > >> > > >> Regards, > > >> T > > >> > > > -- > > > tor-talk mailing list - tor-talk@lists.torproject.org > > > To unsubscribe or change other settings go to > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > > > > > > > > ------------------------------ > > > > Message: 2 > > Date: Sat, 3 Jan 2015 09:49:01 +0800 > > From: ??? <ilovelipan...@gmail.com> > > To: tor-talk@lists.torproject.org > > Subject: [tor-talk] problem with qq while toring > > Message-ID: > > <CAJr25e_77saKJHRE5na=CpgtnmvWVXQoyBSgLtyGbWodbe= > > 2...@mail.gmail.com> > > Content-Type: text/plain; charset=UTF-8 > > > > i start tor on a virtualbox xp system,host-only mode,i start tor > > successfuly,but I have problem when I want to start QQ,anyone can help? > 3x! > > > > > > ------------------------------ > > > > Message: 3 > > Date: Fri, 02 Jan 2015 20:50:50 -0500 > > From: Sadiq Saif <li...@sadiqs.com> > > To: tor-talk@lists.torproject.org > > Subject: Re: [tor-talk] problem with qq while toring > > Message-ID: <54a74afa.2010...@sadiqs.com> > > Content-Type: text/plain; charset=UTF-8 > > > > On 1/2/2015 20:49, ??? wrote: > > > i start tor on a virtualbox xp system,host-only mode,i start tor > > > successfuly,but I have problem when I want to start QQ,anyone can help? > > 3x! > > > > > > > Hi, > > > > Can you be more explicit please? Are you seeing any error messages, if > > so what are them? > > > > -- > > Sadiq Saif > > https://staticsafe.ca > > > > > > ------------------------------ > > > > Message: 4 > > Date: Sat, 3 Jan 2015 09:57:54 +0800 > > From: "Xiaolan.Me" <xiaolan65...@gmail.com> > > To: tor-talk@lists.torproject.org > > Subject: Re: [tor-talk] problem with qq while toring > > Message-ID: > > < > > cajald9+zfvfomt07mj-1emdhstaiscg01spdg38dhda95gd...@mail.gmail.com> > > Content-Type: text/plain; charset=UTF-8 > > > > check host-os' port or firewall > > =================== > > ??????????? ????????? > > > > > > 2015-01-03 9:49 GMT+08:00 ??? <ilovelipan...@gmail.com>: > > > > > i start tor on a virtualbox xp system,host-only mode,i start tor > > > successfuly,but I have problem when I want to start QQ,anyone can help? > > 3x! > > > -- > > > tor-talk mailing list - tor-talk@lists.torproject.org > > > To unsubscribe or change other settings go to > > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > > > > > > > > ------------------------------ > > > > Message: 5 > > Date: Fri, 02 Jan 2015 18:06:53 -0800 > > From: "Jesse B. Crawford" <je...@jbcrawford.us> > > To: tor-talk@lists.torproject.org > > Subject: Re: [tor-talk] Giving Hidden Services some love > > Message-ID: <54a74ebd.5070...@jbcrawford.us> > > Content-Type: text/plain; charset=windows-1252 > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > On 2015-01-02 15:55, s7r wrote: > > > > > > .onion Tor Hidden Services _already provide end to end encryption > > > and authentication_ when used with the default http. They are not > > > vulnerable to man in the middle attacks or hijacks. On top of this > > > primary layer of encryption, there are more crypto layers in the > > > Tor circuits connecting a client to a hidden service. > > > > Respectfully, I think many people are missing the point of why there > > is interest in HTTPS for Tor hidden sites. I think it is generally for > > authentication, not session encryption. > > > > Facebook having a signed SSL certificate for their hidden service > > reliably anchors it to their corporate identity, preventing phishing > > attacks and giving users confidence. > > > > Really, the phishing problem for hidden sites is very bad. Hidden site > > addresses, even "vanity" ones, contain a lot of random hexadecimal > > characters that no one looks at. This makes it very easy to get > > someone to click to the wrong domain. > > > > Using a "vanity" address should be considered a best practice against > > this since it requires attackers to put computational power into > > finding another address with the same first n characters, but it only > > increases the cost of the attack. I suspect that in the whole it is > > still easier than for non-hidden services since users not deceived by > > facebook.com.sketchy.ru will likely still be deceived by > > facebook[differenthexcharacters].onion. > > > > I think this is a smaller risk profile for hidden services than open > > internet websites since 1) users of hidden services will tend to be > > more security conscious (although easy-to-use tools like the browser > > bundle make this less true than it used to be) and 2) users will not > > generally expect to get emails etc. with links to hidden services. But > > of course 2 depends on 1 to some extent. > > > > Obviously this identity authentication is completely irrelevant when > > the hidden site operator intends to remain anonymous, but some hidden > > site operators, like Facebook, do not. They benefit from the strong > > authentication that SSL provides and Tor's built-in encryption does not. > > > > (Well, Tor's built-in encryption does provide reliable tying of a > > hidden service to its address - but so does DNS in most practical > > situations, the whole problem is that users do not check that the > > hostname/hidden service key is exactly correct but will hopefully > > respond better to their browser's SSL indicator) > > > > Yes, the CA infrastructure is not the best solution to the > > authentication problem, but it is the best solution that is > > implemented in user agents right now, so I think it is obvious and > > desirable that hidden service operators that wish to prove their > > identity as a corporation or natural person will use it. > > > > (note: here we are using measures like GPG to prove our identities to > > any list members who care that much - because of the huge risk of > > phishing ALL web users should care that much) > > > > Jesse B. Crawford > > Student, Information Technology > > New Mexico Inst. of Mining & Technology > > > > https://jbcrawford.us // je...@jbcrawford.us > > https://cs.nmt.edu/~jcrawford // jcrawf...@cs.nmt.edu > > -----BEGIN PGP SIGNATURE----- > > Version: GnuPG v2 > > > > iQEcBAEBAgAGBQJUp069AAoJEBPrCUVAhb3Bo60H/026+eUWVs3jlvWQBZ/2Sm1+ > > ITYxiv7w9cxC9yQemJzFlHhOsZzPbzr8KmUzZsGvN3erQM/OHZZnnXlMKfpS/j0u > > YTHq3nM4395OpNsPPghTzWUKijw9mb4MNZi8qyeuXz12ddI1tIWUkb1VmXIWJx7w > > Ibgr0jS7L2Br0ZZg/DDgU4xV8jkQn98H8Jqi31mDZ10ymS4vdLwCi6sVu1lA7wcu > > 7Ho6/AfZ1PHdhFoioQmA+k9ZjGAji7mI9FkM0rGl4uwhDbihRgMu6HOP/VAtu/WC > > lGBt3Gw3CAuhh7pkbD7MF56j1AaWQsSRkPWgaToo+rvFmZrQ8hL+LotnTaiK/5E= > > =pWLV > > -----END PGP SIGNATURE----- > > > > > > ------------------------------ > > > > Message: 6 > > Date: Sat, 03 Jan 2015 02:29:43 +0000 > > From: Thomas White <thomaswh...@riseup.net> > > To: tor-talk@lists.torproject.org > > Subject: Re: [tor-talk] Hidden Service Hosting (Free experimental, > > offer) > > Message-ID: <54a75417.2000...@riseup.net> > > Content-Type: text/plain; charset=windows-1252 > > > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA512 > > > > Very similar to the setup I have in terms of using one virtual machine > > as a Tor gateway for others to connect to via an internal network. My > > concern is how well the model will scale and whether it can hold > > multiple high traffic hidden services. I am looking around the config > > options to see what can be optimised etc. > > > > Question to the tor devs: In the torrc when setting "NumEntryGuards > > NUM", does this specify how many guards may be used simultaneously or > > only how many from a pool may be rotated between? Any input on how to > > speed up the connection (losing a little location anonymity is fine > > right now) for hidden services would also be appreciated :) > > > > T > > > > Xiaolan.Me: > > > I am using another way to solve IP leaks problem. my host-os is > > > CentOS and only installed VirtualBox I have 2 virtual machines > > > running on the host-os the first one is a CentOS with 2 network > > > adapter, one is NAT , another is Internal(ip: 192.168.222.1). it > > > running Tor and ShadowSocks(bypass GFW) , Tor through ShadowSocks > > > and listen on 192.168.222.1:9050 (Internal Adapter) > > > > > > > > > Another is also CentOS and running apache, only one network > > > adapter(Internal ip:192.168.222.2) when this virutal machine wants > > > to access internet , must set socks5 proxy to 192.168.222.1:9050 so > > > even this VM gets hacked, the attacker still can't know the real > > > IP.... > > > > > > 2015-01-03 6:21 GMT+08:00 Larry Brandt <lbra...@cni.net>: > > > > > >> I'm interested but a slow mover. Work sometimes gets in my way. > > >> I am putting together pages for a hidden site but I don't think I > > >> can be ready to put it on line til month's end. It will be a > > >> legal site everywhere. This is a wonderful offer Thomas. Hope > > >> someone takes you up on it. Larry Brandt > > >> > > >> > > >> Just wanted to point out that I think it's awesome Thomas is > > >> doing this! Buy him a beer if you see him. > > >> > > >> Tom > > >> > > >> > > >> > > >> Thomas White schreef op 02/01/15 om 09:42: > > >> > > >> Hey all, > > >>> > > >>> So following my other mail, I just want to offer people on > > >>> this mailing list a chance to test something out before I go > > >>> into the wider public with it. > > >>> > > >>> I have been reviewing some ways in which to offer "hosting" > > >>> solutions for hidden services, and although there are ways to > > >>> do like regular shared hosting environments by isolating users > > >>> on an apache server for example, I feel a little experimental > > >>> way to give people more freedom is to assign individual VPS's > > >>> which are accessed via a separate .onion over SSH. For example, > > >>> the HS address would be example1*.onion but to SSH into it, for > > >>> security, would use a different address such as > > >>> sshaddress*.onion. This ensures no user of the service would > > >>> know the true IP of the server it is hosted on and allows for > > >>> shared environments without putting others at risk. > > >>> > > >>> If anyone wants to test this out with me, I am offering the VPS > > >>> for free for a few weeks/months so I can get the architecture > > >>> right and fine tune the setup. All the traffic on the VPS is > > >>> automatically routed through Tor so IP leaks won't be a huge > > >>> problem, but of course you still maintain responsibility for > > >>> the security of your machine and whatever you install on it. > > >>> The use cases are unlimited but for obvious reasons it must be > > >>> legal under British & Swedish law (feel free to ask beforehand > > >>> but if it is legal I will defend it to the best of my > > >>> ability). > > >>> > > >>> If you'd like to take up this offer and try it out please email > > >>> me privately (my key is below). I ask that if you wish to > > >>> request one, please mention anything specific like RAM/CPU/Hard > > >>> disk requirements (no bandwidth limitations) so I can > > >>> appropriately assign them. For now unfortunately only debian > > >>> installs will be available and nothing except sshd will come > > >>> preconfigured on the VPS so if you aren't familiar with the > > >>> command line on debian you may not find this useful. Also any > > >>> custom onion address you want please keep it to 7 characters or > > >>> below for now as my GPU is really on it's last limb after > > >>> generating over 1.4 million keys. > > >>> > > >>> I offer no guarantees on the availability of this, nor do I > > >>> take responsibility for it, this is an entirely experimental > > >>> project and I am hoping any participants take up this offer to > > >>> perhaps mirror/reverse proxy their blogs, or of course bring > > >>> any interesting ideas to the table. All feedback on it is > > >>> welcome too > > >>> > > >>> Time to give these hidden services some lovin' > > >>> > > >>> Regards, T > > >>> > > >> -- tor-talk mailing list - tor-talk@lists.torproject.org To > > >> unsubscribe or change other settings go to > > >> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > >> > > > > - -- > > Activist, anarchist and a bit of a dreamer. > > > > PGP Keys: key.thecthulhu.com > > Current Fingerprint: E771 BE69 4696 F742 DB94 AA8C 5C2A 8C5A 0CCA 4983 > > Key-ID: 0CCA4983 > > Master Fingerprint: DDEF AB9B 1962 5D09 4264 2558 1F23 39B7 EF10 09F0 > > Key-ID: EF1009F0 > > > > Twitter: @CthulhuSec > > XMPP: thecthulhu at jabber.ccc.de > > XMPP-OTR: 4321B19F A9A3462C FE64BAC7 294C8A7E A53CC966 > > -----BEGIN PGP SIGNATURE----- > > > > iQIcBAEBCgAGBQJUp1QUAAoJEFwqjFoMykmD41UP/1j6Zs07l7dAwW0fcXOe6qci > > 7S2VUEkcXVujm7g2QI+rdoz5FdnoFoXchd4J3Umx5LZ4sLrGwORWW/gAjSnUw59s > > I92akGl7QjEHUKOkbN99+ZtiKFHRF/1rbU7jwt1Cb87Iegi15Vhajog0IWfHH9x8 > > +gNTgIGtPft1JW8jE9XbO1/QXy6TnM2DHHmedn0SJFJ9yyNgLUgbYn/6o+vve4XZ > > UIVU1J2M6xMK8RlTdQA6f9pUVpDYovLTq/leQzjeHnB+koGPphlIc/bsQEbZKv4e > > qAgPwx+7R2kvCO3LQwzhEjbKBO9NDYea8tcb9+aoy9JIfRfuMQtTRHSVOSqRBdPB > > Gkrv+yJSPvE9RyXkaeVOdaXeXHGlVFt263OnL3RiAaPRV/71ZSyFvjOBFk5ddVwQ > > 8avr8X3QXWA7Xu55K0aiNd8qeBvIflFpboomfo4dWEgUam/R6tKfH4Q5l5E7F6xc > > LtRGlY7qSgK78JwxedwWJwqqesJ+4PG8MEzcRu0AI5Xe3/F2KE1g2vt/C/QiDc/M > > wAuPv8A+z+IXPXKbE5amFm7h8nWooPqCNYvJ5ozYRBjZuakQy0QSsP9W+V1Y8u0d > > CfKIiDGKskmlZcW038hekBxcB9iJ64Bfh0PjIfnkKCPr6ycxWBbUQikfCjxEj2wo > > F1mgjD5pNLmPL++jNhFe > > =pdyG > > -----END PGP SIGNATURE----- > > > > > > ------------------------------ > > > > Subject: Digest Footer > > > > _______________________________________________ > > tor-talk mailing list > > tor-talk@lists.torproject.org > > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > > > > > > ------------------------------ > > > > End of tor-talk Digest, Vol 48, Issue 13 > > **************************************** > > > -- > tor-talk mailing list - tor-talk@lists.torproject.org > To unsubscribe or change other settings go to > https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk > -- tor-talk mailing list - tor-talk@lists.torproject.org To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
