Dotpets for Tor 0.2.0.34 and Privoxy 3.0.11

Antivirus, forensics, intrusion detection, cryptography, etc.
Post Reply
Message
Author
valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

Dotpets for Tor 0.2.0.34 and Privoxy 3.0.11

#1 Post by valpy »

I recently noticed that Tor 0.2.0.31 is now giving warnings that it is obsolete.

http://www.torproject.org/ indicates that significant security holes have recently been fixed, and strongly recommends that people should upgrade to the latest stable version (0.2.0.34).

Note that the 0.1.2.* versions of Tor are now designated as 'end-of-life'.

For those who wish to upgrade, here are dotpets for Tor 0.2.0.34 and Privoxy 3.0.11.

I have rebuilt them from the previous dotpets for Tor and Privoxy (the Privoxy dotpet uses the latest Privoxy from Debian Sid); the Tor dotpet uses the latest Tor from Slackware 12.

Please note, these are as far as possible direct clones of GuestToo's original dotpups, so they install into /root/my-roxapps, /root/my-applications and subdirectories: this is to avoid having to modify the existing (working) scripts!

Additional libraries (e.g. libevent-1.4.so.2) install into subdirectories of /root/my-applications). The scripts ensure that these will be found when running Privoxy and Tor - however, PETGET will nevertheless probably give warnings that there are missing dependencies when you install the packages. This is because directories like /root/my-applications/tor/lib aren't on the standard search path.


Link to thread with previous dotpets:
http://murga-linux.com/puppy/viewtopic. ... 71&t=28608

md5sums for the dotpets:
14427f673e00ce9088a39daae56e346f privoxy-3.0.11-d.pet
f350307d8ce45caa19c85fdfa30d9f98 tor-2.0.34-s.pet

valpy
Last edited by valpy on Wed 28 Apr 2010, 18:41, edited 5 times in total.

hayagix
Posts: 131
Joined: Sat 07 Jun 2008, 15:41

#2 Post by hayagix »

Thankyou!

Working perfectly in Muppy.

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#3 Post by valpy »

dotpet for Tor 0.2.0.35, derived from Slackware

md5sum
a82cc0f85bef6b703daa1e1715c15c12 tor-2.0.35-s.pet

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#4 Post by valpy »

Updated dotpet for Privoxy 3.0.13, derived from Debian Sid

md5sum
c13670cd65374dd4cbb45121992a9f99 privoxy-3.0.13-d.pet

User avatar
Anniekin
Posts: 246
Joined: Wed 25 Feb 2009, 00:15

#5 Post by Anniekin »

Please what is the difference between these 2 apps if you don't mind the noob question?

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#6 Post by valpy »

Sorry, haven't been around much recently.

Tor is software that allows connection to an anonymizing network of servers. While it's possible to configure a browser to connect directly to the Tor network, it's more secure to route traffic through a proxy first.

Privoxy provides such a locally-based proxy. It also provides significant benefits in terms of filtering unwanted cookies and general internet 'crud' that browsers are often fed by websites - you control exactly what it filters by modifying its config files.

HTH

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#7 Post by valpy »

Updated dotpet for tor 0.2.1.19 based on slackware 12

md5sum is ef375a0ac55df32ec45f9ddfa31273db

toowoombalinux
Posts: 95
Joined: Tue 16 Feb 2010, 00:22

#8 Post by toowoombalinux »

G'day,
Default port for Https is 443 - this is not a good port to be opened as credit card info goes through this - so it is highly monitored and therefore vulnerable to attacks.

Wondering how to change the config file to change the port to say 80; which is the port for http.
Cheers
Martin
Toowoomba Linux Community
[url]http://groups.google.com/group/toowoombalinux[/url]
Puppy Linux 301 - KDE 3.5.8

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#9 Post by valpy »

Hi Martin
Sorry, I'm not sure how to change default port.

A few thoughts, however:
1. https is encrypted, http is not, - so http would probably not benefit from an additional layer of security (as for https) if used.
2. Tor traffic is internally encrypted anyway.
3. Tor is anonymity software, not security software. It makes it hard for anyone to trace what you're doing, but there is nothing to stop the bad guys setting up rogue exit nodes and redirecting you to somewhere other than the place you thought you were going to. In that case, you'd end up with a connection to a server that can quite happily log your details - Tor makes 'man-in-the-middle' attacks much easier. So I would never send my credit card details over Tor, or any other information that could personally identify me.

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#10 Post by valpy »

Updated dotpet for tor 0.2.1.25 based on slackware 13.
md5sum is 97cdb1ecf435beff0d29fb0f149e0a6e

valpy
Posts: 67
Joined: Wed 18 Apr 2007, 20:38
Location: Looking at the tapestry

#11 Post by valpy »

Updated dotpet for Privoxy 3.0.16, privoxy executable has been compiled from source.

md5sum is 8e8c0f95fa573e789a5b052abb26e707

(Thanks to Nym1 for advice on how to validate the source tarball using GnuPG).

fanfare
Posts: 9
Joined: Sat 05 Mar 2011, 16:50

#12 Post by fanfare »

I downloaded and installed privoxy-3.0.16-src.pet and tor-2.1.25-s.pet

I even rebooted.

So, I run Privoxy and I click on the ''Privoxy-Tor'' button, which only starts Tor: ''Tor is running''. ''Privoxy-Tor is NOT running'' as well ass ''Privoxy is NOT running'' are also displayed.

After adjusting my clock and calendar ahead by almost 12 hours... TOR does work, but...

Firefox only works if I tell it to use socks at port 9050, but not as regular proxy at 8118.

So, looks like Privoxy is not really working and only TOR is working, for internet sites, not for TOR sites.
... ... ...
Separate issue, maybe:
Also, I can't browse ''.onion'' addresses.

Can anyone help?

Post Reply