Dotpets for Tor 0.2.0.34 and Privoxy 3.0.11
Dotpets for Tor 0.2.0.34 and Privoxy 3.0.11
I recently noticed that Tor 0.2.0.31 is now giving warnings that it is obsolete.
http://www.torproject.org/ indicates that significant security holes have recently been fixed, and strongly recommends that people should upgrade to the latest stable version (0.2.0.34).
Note that the 0.1.2.* versions of Tor are now designated as 'end-of-life'.
For those who wish to upgrade, here are dotpets for Tor 0.2.0.34 and Privoxy 3.0.11.
I have rebuilt them from the previous dotpets for Tor and Privoxy (the Privoxy dotpet uses the latest Privoxy from Debian Sid); the Tor dotpet uses the latest Tor from Slackware 12.
Please note, these are as far as possible direct clones of GuestToo's original dotpups, so they install into /root/my-roxapps, /root/my-applications and subdirectories: this is to avoid having to modify the existing (working) scripts!
Additional libraries (e.g. libevent-1.4.so.2) install into subdirectories of /root/my-applications). The scripts ensure that these will be found when running Privoxy and Tor - however, PETGET will nevertheless probably give warnings that there are missing dependencies when you install the packages. This is because directories like /root/my-applications/tor/lib aren't on the standard search path.
Link to thread with previous dotpets:
http://murga-linux.com/puppy/viewtopic. ... 71&t=28608
md5sums for the dotpets:
14427f673e00ce9088a39daae56e346f privoxy-3.0.11-d.pet
f350307d8ce45caa19c85fdfa30d9f98 tor-2.0.34-s.pet
valpy
http://www.torproject.org/ indicates that significant security holes have recently been fixed, and strongly recommends that people should upgrade to the latest stable version (0.2.0.34).
Note that the 0.1.2.* versions of Tor are now designated as 'end-of-life'.
For those who wish to upgrade, here are dotpets for Tor 0.2.0.34 and Privoxy 3.0.11.
I have rebuilt them from the previous dotpets for Tor and Privoxy (the Privoxy dotpet uses the latest Privoxy from Debian Sid); the Tor dotpet uses the latest Tor from Slackware 12.
Please note, these are as far as possible direct clones of GuestToo's original dotpups, so they install into /root/my-roxapps, /root/my-applications and subdirectories: this is to avoid having to modify the existing (working) scripts!
Additional libraries (e.g. libevent-1.4.so.2) install into subdirectories of /root/my-applications). The scripts ensure that these will be found when running Privoxy and Tor - however, PETGET will nevertheless probably give warnings that there are missing dependencies when you install the packages. This is because directories like /root/my-applications/tor/lib aren't on the standard search path.
Link to thread with previous dotpets:
http://murga-linux.com/puppy/viewtopic. ... 71&t=28608
md5sums for the dotpets:
14427f673e00ce9088a39daae56e346f privoxy-3.0.11-d.pet
f350307d8ce45caa19c85fdfa30d9f98 tor-2.0.34-s.pet
valpy
Last edited by valpy on Wed 28 Apr 2010, 18:41, edited 5 times in total.
Sorry, haven't been around much recently.
Tor is software that allows connection to an anonymizing network of servers. While it's possible to configure a browser to connect directly to the Tor network, it's more secure to route traffic through a proxy first.
Privoxy provides such a locally-based proxy. It also provides significant benefits in terms of filtering unwanted cookies and general internet 'crud' that browsers are often fed by websites - you control exactly what it filters by modifying its config files.
HTH
Tor is software that allows connection to an anonymizing network of servers. While it's possible to configure a browser to connect directly to the Tor network, it's more secure to route traffic through a proxy first.
Privoxy provides such a locally-based proxy. It also provides significant benefits in terms of filtering unwanted cookies and general internet 'crud' that browsers are often fed by websites - you control exactly what it filters by modifying its config files.
HTH
-
- Posts: 95
- Joined: Tue 16 Feb 2010, 00:22
G'day,
Default port for Https is 443 - this is not a good port to be opened as credit card info goes through this - so it is highly monitored and therefore vulnerable to attacks.
Wondering how to change the config file to change the port to say 80; which is the port for http.
Cheers
Martin
Default port for Https is 443 - this is not a good port to be opened as credit card info goes through this - so it is highly monitored and therefore vulnerable to attacks.
Wondering how to change the config file to change the port to say 80; which is the port for http.
Cheers
Martin
Toowoomba Linux Community
[url]http://groups.google.com/group/toowoombalinux[/url]
Puppy Linux 301 - KDE 3.5.8
[url]http://groups.google.com/group/toowoombalinux[/url]
Puppy Linux 301 - KDE 3.5.8
Hi Martin
Sorry, I'm not sure how to change default port.
A few thoughts, however:
1. https is encrypted, http is not, - so http would probably not benefit from an additional layer of security (as for https) if used.
2. Tor traffic is internally encrypted anyway.
3. Tor is anonymity software, not security software. It makes it hard for anyone to trace what you're doing, but there is nothing to stop the bad guys setting up rogue exit nodes and redirecting you to somewhere other than the place you thought you were going to. In that case, you'd end up with a connection to a server that can quite happily log your details - Tor makes 'man-in-the-middle' attacks much easier. So I would never send my credit card details over Tor, or any other information that could personally identify me.
Sorry, I'm not sure how to change default port.
A few thoughts, however:
1. https is encrypted, http is not, - so http would probably not benefit from an additional layer of security (as for https) if used.
2. Tor traffic is internally encrypted anyway.
3. Tor is anonymity software, not security software. It makes it hard for anyone to trace what you're doing, but there is nothing to stop the bad guys setting up rogue exit nodes and redirecting you to somewhere other than the place you thought you were going to. In that case, you'd end up with a connection to a server that can quite happily log your details - Tor makes 'man-in-the-middle' attacks much easier. So I would never send my credit card details over Tor, or any other information that could personally identify me.
I downloaded and installed privoxy-3.0.16-src.pet and tor-2.1.25-s.pet
I even rebooted.
So, I run Privoxy and I click on the ''Privoxy-Tor'' button, which only starts Tor: ''Tor is running''. ''Privoxy-Tor is NOT running'' as well ass ''Privoxy is NOT running'' are also displayed.
After adjusting my clock and calendar ahead by almost 12 hours... TOR does work, but...
Firefox only works if I tell it to use socks at port 9050, but not as regular proxy at 8118.
So, looks like Privoxy is not really working and only TOR is working, for internet sites, not for TOR sites.
... ... ...
Separate issue, maybe:
Also, I can't browse ''.onion'' addresses.
Can anyone help?
I even rebooted.
So, I run Privoxy and I click on the ''Privoxy-Tor'' button, which only starts Tor: ''Tor is running''. ''Privoxy-Tor is NOT running'' as well ass ''Privoxy is NOT running'' are also displayed.
After adjusting my clock and calendar ahead by almost 12 hours... TOR does work, but...
Firefox only works if I tell it to use socks at port 9050, but not as regular proxy at 8118.
So, looks like Privoxy is not really working and only TOR is working, for internet sites, not for TOR sites.
... ... ...
Separate issue, maybe:
Also, I can't browse ''.onion'' addresses.
Can anyone help?