Recommend webproxy service

Discussion in 'Computer Security' started by MiLi, Oct 27, 2004.

  1. MiLi

    MiLi Guest

    Just wondering if anyone knows for sure of a web proxy service,
    preferably encrypted, that is genuinely secure; i.e. not a front for
    security services/ TIA
     
    MiLi, Oct 27, 2004
    #1
    1. Advertising

  2. MiLi

    nemo outis Guest

    In article <>, MiLi wrote:
    >Just wondering if anyone knows for sure of a web proxy service,
    >preferably encrypted, that is genuinely secure; i.e. not a front for
    >security services/ TIA



    Your best shot is Tor (a revised onion router system). Uses a
    cascade of proxies (somewhat like mixmaster does for email).
    Fully encrypted. And Tor is free and open-source! (runs on quite
    a few platforms too.)

    About 40 servers running worldwide.
    (Who knows how many are compromised? Few or none, I think - but
    you may be more paranoid than I.)

    Nip on over to:

    http://www.freehaven.net/tor/

    and decide for yourself.

    Regards,
     
    nemo outis, Oct 28, 2004
    #2
    1. Advertising

  3. MiLi

    MiLi Guest

    nemo outis wrote:
    >
    > In article <>, MiLi wrote:
    > >Just wondering if anyone knows for sure of a web proxy service,
    > >preferably encrypted, that is genuinely secure; i.e. not a front for
    > >security services/ TIA

    >
    > Your best shot is Tor (a revised onion router system). Uses a
    > cascade of proxies (somewhat like mixmaster does for email).
    > Fully encrypted. And Tor is free and open-source! (runs on quite
    > a few platforms too.)
    >
    > About 40 servers running worldwide.
    > (Who knows how many are compromised? Few or none, I think - but
    > you may be more paranoid than I.)
    >
    > Nip on over to:
    >
    > http://www.freehaven.net/tor/
    >
    > and decide for yourself.
    >
    > Regards,


    Many thanks!
     
    MiLi, Oct 28, 2004
    #3
  4. MiLi

    MiLi Guest

    MiLi wrote:
    >
    > nemo outis wrote:
    > >
    > > In article <>, MiLi wrote:
    > > >Just wondering if anyone knows for sure of a web proxy service,
    > > >preferably encrypted, that is genuinely secure; i.e. not a front for
    > > >security services/ TIA

    > >
    > > Your best shot is Tor (a revised onion router system). Uses a
    > > cascade of proxies (somewhat like mixmaster does for email).
    > > Fully encrypted. And Tor is free and open-source! (runs on quite
    > > a few platforms too.)
    > >
    > > About 40 servers running worldwide.
    > > (Who knows how many are compromised? Few or none, I think - but
    > > you may be more paranoid than I.)
    > >
    > > Nip on over to:
    > >
    > > http://www.freehaven.net/tor/
    > >
    > > and decide for yourself.
    > >
    > > Regards,

    >
    > Many thanks!


    PROBLEM :-(

    I installed "Openssc 0.9.7" and have also obtained ssleay32.dll. But
    when I double-click on TOR-0081.exe, which i placed in a new directory
    along with ssleay32.dll, i get error message:

    "The TOR-081 exefile is linked to missing export LIBEAy32.dll:3212"

    If I remove ssleay32 i get error message saying it can't be found!

    Help appreciated. Using win98se.//
     
    MiLi, Oct 28, 2004
    #4
  5. MiLi

    nemo outis Guest

    In article <>, MiLi wrote:
    >
    >
    >MiLi wrote:
    >>
    >> nemo outis wrote:
    >> >
    >> > In article <>, MiLi wrote:
    >> > >Just wondering if anyone knows for sure of a web proxy service,
    >> > >preferably encrypted, that is genuinely secure; i.e. not a front for
    >> > >security services/ TIA
    >> >
    >> > Your best shot is Tor (a revised onion router system). Uses a
    >> > cascade of proxies (somewhat like mixmaster does for email).
    >> > Fully encrypted. And Tor is free and open-source! (runs on quite
    >> > a few platforms too.)
    >> >
    >> > About 40 servers running worldwide.
    >> > (Who knows how many are compromised? Few or none, I think - but
    >> > you may be more paranoid than I.)
    >> >
    >> > Nip on over to:
    >> >
    >> > http://www.freehaven.net/tor/
    >> >
    >> > and decide for yourself.
    >> >
    >> > Regards,

    >>
    >> Many thanks!

    >
    >PROBLEM :-(
    >
    >I installed "Openssc 0.9.7" and have also obtained ssleay32.dll. But
    >when I double-click on TOR-0081.exe, which i placed in a new directory
    >along with ssleay32.dll, i get error message:
    >
    >"The TOR-081 exefile is linked to missing export LIBEAy32.dll:3212"
    >
    >If I remove ssleay32 i get error message saying it can't be found!
    >
    >Help appreciated. Using win98se.//



    Ok, here's the story:

    First, there's been quite a bit of discussion about Tor
    (including setup) on alt.privacy lately - it's been the hot topic
    the last few weeks (you may want to do some googling of the
    newsgroups)

    I also recommend you use version 0.94 of Tor rather than 0.81.

    But on to your problem...

    You say you're using Win98 - I'm using WinXPro but I don't see
    why that should be a source of problems.

    Here's the drill on openssl for Windows:

    First of all you want version version 0.9.7d (or later); versions
    0.9.7c and earlier had a security vulnerability (buffer overflow)
    that made them susceptible to DoS attacks (although it's not
    really that big a deal). BTW 0.9.7e just came out (Oct 25) but,
    to my knowlege, no one has made a Windows binary available yet.
    So we're talking about version 0.9.7d for now.

    There are two sources I know about for openssl Windows binaries
    (0.9.7d):

    http://vmware-svca.www.conxion.com/secured/gsx/openssl-0.9.7d.zip

    (a rather odd place to look, but what the heck)

    and the Win32openssl version:

    http://www.slproweb.com/download/Win32OpenSSL-v0.9.7e.exe
    [whoops, I'm a liar - win32openssl is now subversion e BTW site
    is slow!]

    I prefer the vmware version over the Win32openssl version
    (although both work fine). With the zip version you just extract
    the files (openssl.exe is optional) to either your Tor program
    directory (my preference) or to the Windows\system32 directory.
    Win32openssl does a muc h bigger "install" and puts the two dlls
    in system32 by default - if you want them elsewhere you must move
    them (although they'll work fine from the system32 directory)
    That was your problem (as near as I can tell) - you need BOTH
    ssleay32.dll and libeay32.dll on a reachable directory when Tor
    is invoked. It appears from your error message that Tor/ssleay32
    couldn't find libeay32.dll.

    Once you get Tor working with ssleay32 and libeay32 you must
    configure your browser to use a SOCKS proxy (version 4, 4a, or 5)
    NOT an HTTP or HTPS proxy (that is, if you don't use privoxy
    between your browser and Tor and have them talk to each other
    directly).

    If you use privoxy as well (as you should when surfing to prevent
    information leakage with DNS lookups) then you configure your
    browser to talk to Privoxy as an HTTP proxy (127.0.0.1:8118 is
    the default) and Privoxy talks to Tor as a socks4a channel
    (127.0.0.1:9050). Note that to accomplish this with Privoxy you
    must add the line

    forward-socks4a / localhost:9050 . [including the ending
    "dot"]

    to Privoxy's config file.

    Let me know if this gets you any further along.

    Regards,

    PS Incidentally Tor can proxy any TCP protocol (ftp, SSH,
    etc.). However with most protocols (other than http, https) you
    don't use privoxy but address Tor directly so those other
    applications must either support socks directly or you must
    "socksify" them (using sockscap or freecap). To prevent DNS
    "info leakage" be sure that the socks is (effectively) 4a (not an
    easy thing for non-geeks to check BTW).
     
    nemo outis, Oct 28, 2004
    #5
  6. MiLi

    H2 Guest

    wdcsun18.usdoj.gov /modules.php?....Karl Rove's White House " Murder,Inc."

    Karl Rove's White House " Murder, Inc."

    By Wayne Madsen .
    Online Journal Contributing Writer .

    OCT, 2004- On September 15, 2001, just four days after the 9-11 attacks,
    CIA Director George Tenet provided President [sic] Bush with a Top Secret
    "Worldwide Attack Matrix"-a virtual license to kill targets deemed to be a
    threat to the United States in some 80 countries around the world. The Tenet
    plan, which was subsequently approved by Bush, essentially reversed the
    executive orders of four previous U.S. administrations that expressly
    prohibited political assassinations.

    According to high level European intelligence officials, Bush's counselor,
    Karl Rove, used the new presidential authority to silence a popular Lebanese
    Christian politician who was planning to offer irrefutable evidence that
    Israeli Prime Minister Ariel Sharon authorized the massacre of hundreds of
    Palestinian men, women, and children in the Beirut refugee camps of Sabra
    and Shatilla in 1982. In addition, Sharon provided the Lebanese forces who
    carried out the grisly task. At the time of the massacres, Elie Hobeika was
    intelligence chief of Lebanese Christian forces in Lebanon who were battling
    Palestinians and other Muslim groups in a bloody civil war. He was also the
    chief liaison to Israeli Defense Force (IDF) personnel in Lebanon. An
    official Israeli inquiry into the massacre at the camps, the Kahan
    Commission, merely found Sharon "indirectly" responsible for the slaughter
    and fingered Hobeika as the chief instigator.

    The Kahan Commission never called on Hobeika to offer testimony in his
    defense. However, in response to charges brought against Sharon before a
    special war crimes court in Belgium, Hobeika was urged to testify against
    Sharon, according to well-informed Lebanese sources. Hobeika was prepared to
    offer a different version of events than what was contained in the Kahan
    report. A 1993 Belgian law permitting human rights prosecutions was unusual
    in that non-Belgians could be tried for violations against other
    non-Belgians in a Belgian court. Under pressure from the Bush
    administration, the law was severely amended and the extra territoriality
    provisions were curtailed.

    Hobeika headed the Lebanese forces intelligence agency since the mid- 1970s
    and he soon developed close ties to the CIA. He was a frequent visitor to
    the CIA's headquarters at Langley, Virginia. After the Syrian invasion of
    Lebanon in 1990, Hobeika held a number of cabinet positions in the Lebanese
    government, a proxy for the Syrian occupation authorities. He also served in
    the parliament. In July 2001, Hobeika called a press conference and
    announced he was prepared to testify against Sharon in Belgium and revealed
    that he had evidence of what actually occurred in Sabra and Shatilla.
    Hobeika also indicated that Israel had flown members of the South Lebanon
    Army (SLA) into Beirut International Airport in an Israeli Air Force C130
    transport plane. In full view of dozens of witnesses, including members of
    the Lebanese army and others, SLA troops under the command of Major Saad
    Haddad were slipped into the camps to commit the massacres. The SLA troops
    were under the direct command of Ariel Sharon and an Israeli Mossad agent
    provocateur named Rafi Eitan. Hobeika offered evidence that a former U.S.
    ambassador to Lebanon was aware of the Israeli plot. In addition, the IDF
    had placed a camera in a strategic position to film the Sabra and Shatilla
    massacres. Hobeika was going to ask that the footage be released as part of
    the investigation of Sharon.

    After announcing he was willing to testify against Sharon, Hobeika became
    fearful for his safety and began moves to leave Lebanon. Hobeika was not
    aware that his threats to testify against Sharon had triggered a series of
    fateful events that reached well into the White House and Sharon's office.

    On January 24, 2002, Hobeika's car was blown up by a remote controlled bomb
    placed in a parked Mercedes along a street in the Hazmieh section of Beirut.
    The bomb exploded when Hobeika and his three associates, Fares Souweidan,
    Mitri Ajram, and Waleed Zein, were driving their Range Rover past the
    TNT-laden Mercedes at 9:40 am Beirut time. The Range Rover's four passengers
    were killed in the explosion. In case Hobeika's car had taken another route

    through the neighborhood, two additional parked cars, located at two other
    choke points, were also rigged with TNT. The powerful bomb wounded a number
    of other people on the street. Other parked cars were destroyed and
    buildings and homes were damaged. The Lebanese president, prime minister,
    and interior minister all claimed that Israeli agents were behind the
    attack.

    It is noteworthy that the State Department's list of global terrorist
    incidents for 2002 worldwide failed to list the car bombing attack on
    Hobeika and his party. The White House wanted to ensure the attack was
    censored from the report. The reason was simple: the attack ultimately had
    Washington's fingerprints on it.

    High level European intelligence sources now report that Karl Rove
    personally coordinated Hobeika's assassination. The hit on Hobeika employed
    Syrian intelligence agents. Syrian President Bashar Assad was trying to
    curry favor with the Bush administration in the aftermath of 9-11 and was
    more than willing to help the White House. In addition, Assad's father,
    Hafez Assad, had been an ally of Bush's father during Desert Storm, a period
    that saw Washington give a "wink and a nod" to Syria's occupation of
    Lebanon. Rove wanted to help Sharon avoid any political embarrassment from
    an in absentia trial in Brussels where Hobeika would be a star witness. Rove
    and Sharon agreed on the plan to use Syrian Military Intelligence agents to
    assassinate Hobeika. Rove saw Sharon as an indispensable ally of Bush in
    ensuring the loyalty of the Christian evangelical and Jewish voting blocs in
    the United States. Sharon saw the plan to have the United States coordinate
    the hit as a way to mask all connections to Jerusalem.

    The Syrian hit team was ordered by Assef Shawkat, the number two man in
    Syrian military intelligence and a good friend and brother in law of Syrian
    President Bashar Assad. Assad's intelligence services had already cooperated
    with U.S. intelligence in resorting to unconventional methods to extract
    information from al Qaeda detainees deported to Syria from the United States
    and other countries in the wake of 9-11. The order to take out Hobeika was
    transmitted by Shawkat to Roustom Ghazali, the head of Syrian military
    intelligence in Beirut. Ghazali arranged for the three remote controlled
    cars to be parked along Hobeika's route in Hazmieh; only few hundred yards
    from the Barracks of Syrian Special Forces which are stationed in the area
    near the Presidential palace , the ministry of Defense and various
    Government and officers quarters . This particular area is covered 24/7 by a
    very sophisticated USA multi-agency surveillance system to monitor Syrian
    and Lebanese security activities and is a " Choice " area to live in for its
    perceived high security .... [Courtesy of the Special Collections Services.]
    .... SCS... ; CIA & NSA & DIA....


    The plan to kill Hobeika had all the necessary caveats and built-in denial
    mechanisms. If the Syrians were discovered beforehand or afterwards, Karl
    Rove and his associates in the Pentagon's Office of Special Plans would be
    ensured plausible deniability.

    Hobeika's CIA intermediary in Beirut, a man only referred to as "Jason" by
    Hobeika, was a frequent companion of the Lebanese politician during official
    and off-duty hours. During Hobeika's election campaigns for his
    parliamentary seat, Jason was often in Hobeika's office offering support and
    advice. After Hobeika's assassination, Jason became despondent over the
    death of his colleague. Eventually, Jason disappeared abruptly from Lebanon
    and reportedly later emerged in Pakistan.

    Karl Rove's involvement in the assassination of Hobeika may not have been
    the last "hit" he ordered to help out Sharon. In March 2002, a few months
    after Hobeika's assassination, another Lebanese Christian with knowledge of
    Sharon's involvement in the Sabra and Shatilla massacres was gunned down
    along with his wife in Sao Paulo, Brazil. A bullet fired at Michael Nassar's
    car flattened one of his tires. Nassar pulled into a gasoline station for
    repairs. A professional assassin, firing a gun with a silencer, shot Nassar
    and his wife in the head, killing them both instantly. The assailant fled
    and was never captured. Nassar was also involved with the Phalange militia
    at Sabra and Shatilla. Nassar was also reportedly willing to testify against
    Sharon in Belgium and, as a nephew of SLA Commander General Antoine Lahd,
    may have had important evidence to bolster Hobeika's charge that Sharon
    ordered SLA forces into the camps to wipe out the Palestinians.

    Based on what European intelligence claims is concrete intelligence on
    Rove's involvement in the assassination of Hobeika, the Bush administration
    can now add political assassination to its laundry list of other misdeeds,
    from lying about the reasons to go to war to the torture tactics in
    violation of the Geneva Conventions that have been employed by the Pentagon
    and "third country" nationals at prisons in Iraq and Guantanamo Bay.

    Wayne Madsen is a Washington, DC-based investigative journalist and
    columnist. He served in the National Security Agency (NSA) during the Reagan
    administration and wrote the introduction to Forbidden Truth. He is the
    co-author, with John Stanton, of "America's Nightmare: The Presidency of
    George Bush II." His forthcoming book is titled: "Jaded Tasks: Big Oil,
    Black Ops, and Brass Plates." Madsen can be reached at:


    This is some of the evidence for you and for the World ....
    *********************************************


    ~~~encrypted/logs/access ~~~

    Not to mention hundreds of private companies and governments. Anyway...
    *********************************************************

    Lines 10-36
    of my logfiles show a lot of interest in this article:

    # grep sid=1052 /encrypted/logs/access_log|awk '{print $1,$7}'|sed -n
    '10,36p'

    spb-213-33-248-190.sovintel.ru /modules.php?name=News&file=article&sid=1052
    ext1.shape.nato.int /modules.php?name=News&file=article&sid=1052
    server1.namsa.nato.int /modules.php?name=News&file=article&sid=1052
    ns1.saclantc.nato.int /modules.php?name=News&file=article&sid=1052
    bxlproxyb.europarl.eu.int /modules.php?name=News&file=article&sid=1052
    wdcsun18.usdoj.gov /modules.php?name=News&file=article&sid=1052
    wdcsun21.usdoj.gov /modules.php?name=News&file=article&sid=1052
    tcs-gateway11.treas.gov /modules.php?name=News&file=article&sid=1052
    tcs-gateway13.treas.gov /modules.php?name=News&file=article&sid=1052
    relay1.ucia.gov /modules.php?name=News&file=article&sid=1052
    relay2.cia.gov /modules.php?name=News&file=article&sid=1052
    relay2.ucia.gov /modules.php?name=News&file=article&sid=1052
    n021.dhs.gov /modules.php?name=News&file=article&sid=1052
    legion.dera.gov.uk /modules.php?name=News&file=article&sid=1052
    gateway-fincen.uscg.mil /modules.php?name=News&file=article&sid=1052
    crawler2.googlebot.com /modules.php?name=News&file=article&sid=1052
    crawler1.googlebot.com /modules.php?name=News&file=article&sid=1052
    gateway101.gsi.gov.uk /modules.php?name=News&file=article&sid=1052
    gate11-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
    gate13-quantico.nmci.usmc.mil /modules.php?name=News&file=article&sid=1052
    fw1-a.osis.gov /modules.php?name=News&file=article&sid=1052
    crawler13.googlebot.com /modules.php?name=News&file=article&sid=1052
    fw1-b.osis.gov /modules.php?name=News&file=article&sid=1052
    bouncer.nics.gov.uk /modules.php?name=News&file=article&sid=1052
    beluha.ssu.gov.ua /modules.php?name=News&file=article&sid=1052
    zukprxpro02.zreo.compaq.com
    /modules.php?name=News&file=article&sid=1052....
     
    H2, Oct 29, 2004
    #6
  7. MiLi

    MiLi Guest

    nemo outis wrote:
    >
    > In article <>, MiLi wrote:
    > >
    > >
    > >MiLi wrote:
    > >>
    > >> nemo outis wrote:
    > >> >
    > >> > In article <>, MiLi wrote:
    > >> > >Just wondering if anyone knows for sure of a web proxy service,
    > >> > >preferably encrypted, that is genuinely secure; i.e. not a front for
    > >> > >security services/ TIA
    > >> >
    > >> > Your best shot is Tor (a revised onion router system). Uses a
    > >> > cascade of proxies (somewhat like mixmaster does for email).
    > >> > Fully encrypted. And Tor is free and open-source! (runs on quite
    > >> > a few platforms too.)
    > >> >
    > >> > About 40 servers running worldwide.
    > >> > (Who knows how many are compromised? Few or none, I think - but
    > >> > you may be more paranoid than I.)
    > >> >
    > >> > Nip on over to:
    > >> >
    > >> > http://www.freehaven.net/tor/
    > >> >
    > >> > and decide for yourself.
    > >> >
    > >> > Regards,
    > >>
    > >> Many thanks!

    > >
    > >PROBLEM :-(
    > >
    > >I installed "Openssc 0.9.7" and have also obtained ssleay32.dll. But
    > >when I double-click on TOR-0081.exe, which i placed in a new directory
    > >along with ssleay32.dll, i get error message:
    > >
    > >"The TOR-081 exefile is linked to missing export LIBEAy32.dll:3212"
    > >
    > >If I remove ssleay32 i get error message saying it can't be found!
    > >
    > >Help appreciated. Using win98se.//

    >
    > Ok, here's the story:
    >
    > First, there's been quite a bit of discussion about Tor
    > (including setup) on alt.privacy lately - it's been the hot topic
    > the last few weeks (you may want to do some googling of the
    > newsgroups)
    >
    > I also recommend you use version 0.94 of Tor rather than 0.81.
    >
    > But on to your problem...
    >
    > You say you're using Win98 - I'm using WinXPro but I don't see
    > why that should be a source of problems.
    >
    > Here's the drill on openssl for Windows:
    >
    > First of all you want version version 0.9.7d (or later); versions
    > 0.9.7c and earlier had a security vulnerability (buffer overflow)
    > that made them susceptible to DoS attacks (although it's not
    > really that big a deal). BTW 0.9.7e just came out (Oct 25) but,
    > to my knowlege, no one has made a Windows binary available yet.
    > So we're talking about version 0.9.7d for now.
    >
    > There are two sources I know about for openssl Windows binaries
    > (0.9.7d):
    >
    > http://vmware-svca.www.conxion.com/secured/gsx/openssl-0.9.7d.zip
    >
    > (a rather odd place to look, but what the heck)
    >
    > and the Win32openssl version:
    >
    > http://www.slproweb.com/download/Win32OpenSSL-v0.9.7e.exe
    > [whoops, I'm a liar - win32openssl is now subversion e BTW site
    > is slow!]
    >
    > I prefer the vmware version over the Win32openssl version
    > (although both work fine). With the zip version you just extract
    > the files (openssl.exe is optional) to either your Tor program
    > directory (my preference) or to the Windows\system32 directory.
    > Win32openssl does a muc h bigger "install" and puts the two dlls
    > in system32 by default - if you want them elsewhere you must move
    > them (although they'll work fine from the system32 directory)
    > That was your problem (as near as I can tell) - you need BOTH
    > ssleay32.dll and libeay32.dll on a reachable directory when Tor
    > is invoked. It appears from your error message that Tor/ssleay32
    > couldn't find libeay32.dll.
    >
    > Once you get Tor working with ssleay32 and libeay32 you must
    > configure your browser to use a SOCKS proxy (version 4, 4a, or 5)
    > NOT an HTTP or HTPS proxy (that is, if you don't use privoxy
    > between your browser and Tor and have them talk to each other
    > directly).
    >
    > If you use privoxy as well (as you should when surfing to prevent
    > information leakage with DNS lookups) then you configure your
    > browser to talk to Privoxy as an HTTP proxy (127.0.0.1:8118 is
    > the default) and Privoxy talks to Tor as a socks4a channel
    > (127.0.0.1:9050). Note that to accomplish this with Privoxy you
    > must add the line
    >
    > forward-socks4a / localhost:9050 . [including the ending
    > "dot"]
    >
    > to Privoxy's config file.
    >
    > Let me know if this gets you any further along.
    >
    > Regards,
    >
    > PS Incidentally Tor can proxy any TCP protocol (ftp, SSH,
    > etc.). However with most protocols (other than http, https) you
    > don't use privoxy but address Tor directly so those other
    > applications must either support socks directly or you must
    > "socksify" them (using sockscap or freecap). To prevent DNS
    > "info leakage" be sure that the socks is (effectively) 4a (not an
    > easy thing for non-geeks to check BTW).


    Thanks for the information -- I think I'll start on over with a later
    version of openssl. Will post back.
     
    MiLi, Oct 29, 2004
    #7
  8. MiLi

    MiLi Guest

    nemo outis wrote:
    >
    > In article <>, MiLi wrote:
    > >
    > >
    > >MiLi wrote:
    > >>
    > >> nemo outis wrote:
    > >> >
    > >> > In article <>, MiLi wrote:
    > >> > >Just wondering if anyone knows for sure of a web proxy service,
    > >> > >preferably encrypted, that is genuinely secure; i.e. not a front for
    > >> > >security services/ TIA
    > >> >
    > >> > Your best shot is Tor (a revised onion router system). Uses a
    > >> > cascade of proxies (somewhat like mixmaster does for email).
    > >> > Fully encrypted. And Tor is free and open-source! (runs on quite
    > >> > a few platforms too.)
    > >> >
    > >> > About 40 servers running worldwide.
    > >> > (Who knows how many are compromised? Few or none, I think - but
    > >> > you may be more paranoid than I.)
    > >> >
    > >> > Nip on over to:
    > >> >
    > >> > http://www.freehaven.net/tor/
    > >> >
    > >> > and decide for yourself.
    > >> >
    > >> > Regards,
    > >>
    > >> Many thanks!

    > >
    > >PROBLEM :-(
    > >
    > >I installed "Openssc 0.9.7" and have also obtained ssleay32.dll. But
    > >when I double-click on TOR-0081.exe, which i placed in a new directory
    > >along with ssleay32.dll, i get error message:
    > >
    > >"The TOR-081 exefile is linked to missing export LIBEAy32.dll:3212"
    > >
    > >If I remove ssleay32 i get error message saying it can't be found!
    > >
    > >Help appreciated. Using win98se.//

    >
    > Ok, here's the story:
    >
    > First, there's been quite a bit of discussion about Tor
    > (including setup) on alt.privacy lately - it's been the hot topic
    > the last few weeks (you may want to do some googling of the
    > newsgroups)
    >
    > I also recommend you use version 0.94 of Tor rather than 0.81.
    >
    > But on to your problem...
    >
    > You say you're using Win98 - I'm using WinXPro but I don't see
    > why that should be a source of problems.
    >
    > Here's the drill on openssl for Windows:
    >
    > First of all you want version version 0.9.7d (or later); versions
    > 0.9.7c and earlier had a security vulnerability (buffer overflow)
    > that made them susceptible to DoS attacks (although it's not
    > really that big a deal). BTW 0.9.7e just came out (Oct 25) but,
    > to my knowlege, no one has made a Windows binary available yet.
    > So we're talking about version 0.9.7d for now.
    >
    > There are two sources I know about for openssl Windows binaries
    > (0.9.7d):
    >
    > http://vmware-svca.www.conxion.com/secured/gsx/openssl-0.9.7d.zip
    >
    > (a rather odd place to look, but what the heck)
    >
    > and the Win32openssl version:
    >
    > http://www.slproweb.com/download/Win32OpenSSL-v0.9.7e.exe
    > [whoops, I'm a liar - win32openssl is now subversion e BTW site
    > is slow!]
    >
    > I prefer the vmware version over the Win32openssl version
    > (although both work fine). With the zip version you just extract
    > the files (openssl.exe is optional) to either your Tor program
    > directory (my preference) or to the Windows\system32 directory.
    > Win32openssl does a muc h bigger "install" and puts the two dlls
    > in system32 by default - if you want them elsewhere you must move
    > them (although they'll work fine from the system32 directory)
    > That was your problem (as near as I can tell) - you need BOTH
    > ssleay32.dll and libeay32.dll on a reachable directory when Tor
    > is invoked. It appears from your error message that Tor/ssleay32
    > couldn't find libeay32.dll.


    OK: I uninstalled openssl and installed the latest e version. Rebooted.
    I tried to run TOR in a directory with libeay32.dll and ssleay32.dll. No
    luck - same as before. By the way, these two files were also installed
    in windows\system folder, not system32 folder.


    BUT I HAVE GOT IT TO WORK this way; but i don't understnad what's going
    on:

    1. in the openssl (version e) folder, there's a sub-folder containing
    these two files:

    ssleay32.exp
    libeay32.exp

    I guess the .exp means experimental. Copying TOR to there works. Now to
    figure the rest out....

    <snip>
     
    MiLi, Oct 29, 2004
    #8
  9. MiLi

    MiLi Guest

    MiLi wrote:
    >
    > nemo outis wrote:
    > >
    > > In article <>, MiLi wrote:
    > > >
    > > >
    > > >MiLi wrote:
    > > >>
    > > >> nemo outis wrote:
    > > >> >
    > > >> > In article <>, MiLi wrote:
    > > >> > >Just wondering if anyone knows for sure of a web proxy service,
    > > >> > >preferably encrypted, that is genuinely secure; i.e. not a front for
    > > >> > >security services/ TIA
    > > >> >
    > > >> > Your best shot is Tor (a revised onion router system). Uses a
    > > >> > cascade of proxies (somewhat like mixmaster does for email).
    > > >> > Fully encrypted. And Tor is free and open-source! (runs on quite
    > > >> > a few platforms too.)
    > > >> >
    > > >> > About 40 servers running worldwide.
    > > >> > (Who knows how many are compromised? Few or none, I think - but
    > > >> > you may be more paranoid than I.)
    > > >> >
    > > >> > Nip on over to:
    > > >> >
    > > >> > http://www.freehaven.net/tor/
    > > >> >
    > > >> > and decide for yourself.
    > > >> >
    > > >> > Regards,
    > > >>
    > > >> Many thanks!
    > > >
    > > >PROBLEM :-(
    > > >
    > > >I installed "Openssc 0.9.7" and have also obtained ssleay32.dll. But
    > > >when I double-click on TOR-0081.exe, which i placed in a new directory
    > > >along with ssleay32.dll, i get error message:
    > > >
    > > >"The TOR-081 exefile is linked to missing export LIBEAy32.dll:3212"
    > > >
    > > >If I remove ssleay32 i get error message saying it can't be found!
    > > >
    > > >Help appreciated. Using win98se.//

    > >
    > > Ok, here's the story:
    > >
    > > First, there's been quite a bit of discussion about Tor
    > > (including setup) on alt.privacy lately - it's been the hot topic
    > > the last few weeks (you may want to do some googling of the
    > > newsgroups)
    > >
    > > I also recommend you use version 0.94 of Tor rather than 0.81.
    > >
    > > But on to your problem...
    > >
    > > You say you're using Win98 - I'm using WinXPro but I don't see
    > > why that should be a source of problems.
    > >
    > > Here's the drill on openssl for Windows:
    > >
    > > First of all you want version version 0.9.7d (or later); versions
    > > 0.9.7c and earlier had a security vulnerability (buffer overflow)
    > > that made them susceptible to DoS attacks (although it's not
    > > really that big a deal). BTW 0.9.7e just came out (Oct 25) but,
    > > to my knowlege, no one has made a Windows binary available yet.
    > > So we're talking about version 0.9.7d for now.
    > >
    > > There are two sources I know about for openssl Windows binaries
    > > (0.9.7d):
    > >
    > > http://vmware-svca.www.conxion.com/secured/gsx/openssl-0.9.7d.zip
    > >
    > > (a rather odd place to look, but what the heck)
    > >
    > > and the Win32openssl version:
    > >
    > > http://www.slproweb.com/download/Win32OpenSSL-v0.9.7e.exe
    > > [whoops, I'm a liar - win32openssl is now subversion e BTW site
    > > is slow!]
    > >
    > > I prefer the vmware version over the Win32openssl version
    > > (although both work fine). With the zip version you just extract
    > > the files (openssl.exe is optional) to either your Tor program
    > > directory (my preference) or to the Windows\system32 directory.
    > > Win32openssl does a muc h bigger "install" and puts the two dlls
    > > in system32 by default - if you want them elsewhere you must move
    > > them (although they'll work fine from the system32 directory)
    > > That was your problem (as near as I can tell) - you need BOTH
    > > ssleay32.dll and libeay32.dll on a reachable directory when Tor
    > > is invoked. It appears from your error message that Tor/ssleay32
    > > couldn't find libeay32.dll.

    >
    > OK: I uninstalled openssl and installed the latest e version. Rebooted.
    > I tried to run TOR in a directory with libeay32.dll and ssleay32.dll. No
    > luck - same as before. By the way, these two files were also installed
    > in windows\system folder, not system32 folder.
    >
    > BUT I HAVE GOT IT TO WORK this way; but i don't understnad what's going
    > on:
    >
    > 1. in the openssl (version e) folder, there's a sub-folder containing
    > these two files:
    >
    > ssleay32.exp
    > libeay32.exp
    >
    > I guess the .exp means experimental. Copying TOR to there works. Now to
    > figure the rest out....
    >
    > <snip>



    Hi again: I'm making progress but could you help me out on the Proxy
    setting please.

    I looked at the TOR documentation and understand to configure Proxy for
    port 9050. But what do I place in the address field? (Using latest
    releae of mozilla). I did a netstat -a and put in one of the TOR
    servers --- but that didn't work. I also put in localhost i.e.
    127.0.0.1 but that didn't seem to work either. Got a message in TOR
    window: "[Warn] Socks version 71 not recognised. (Tor is not an http
    proxy)"
     
    MiLi, Oct 29, 2004
    #9
  10. MiLi

    nemo outis Guest

    In article <>, MiLi wrote:
    ...snip...

    >Hi again: I'm making progress but could you help me out on the Proxy
    >setting please.
    >
    >I looked at the TOR documentation and understand to configure Proxy for
    >port 9050. But what do I place in the address field? (Using latest
    >releae of mozilla). I did a netstat -a and put in one of the TOR
    >servers --- but that didn't work. I also put in localhost i.e.
    >127.0.0.1 but that didn't seem to work either. Got a message in TOR
    >window: "[Warn] Socks version 71 not recognised. (Tor is not an http
    >proxy)"



    Tor (by *default* - but it's configurable) speaks & listens using
    socks on localhost (127.0.0.1) port 9050. You don't have to do
    anything here. Just fire Tor up before you browse.

    If you put privoxy in between your browser and Tor (as you should
    to avoid DNS info leakage) then privoxy "speaks & listens" to
    your browser on localhost (127.0.0.1) on http (and https) port
    8118 (this is the *default* in Privoxy - but it's configurable).
    You don't have to do anything here. Just fire Privoxy up before
    you browse.

    Privoxy "speaks & listens" to Tor on socks using localhost
    (127.0.0.1) port 9050. This is NOT configured in Privoxy by
    default - you MUST ADD the line:

    forward-socks4a / localhost:9050 .
    [including the "dot"]

    to config.txt in Privoxy's directory.

    Finally, you must configure your browser to "speak & listen" to
    Privoxy using socks on localhost (127.0.0.1) port 8118.

    Put 127.0.0.1 9050 as the two fields regarding socks proxy
    (leaving the rest of the entries, especially http and https,
    blank!) in either Firefox (Tools-Options-Connection
    Settings-Manual Proxy Configuration) or Internt Explorer
    (Tools-Internet Options-Connections-LAN Settings-Use a proxy
    server...-Advanced) and all will be well.

    Regards,
     
    nemo outis, Oct 30, 2004
    #10
  11. MiLi

    nemo outis Guest

    In article , nemo (nemo outis) wrote:
    ...snip...
    >Put 127.0.0.1 9050 as the two fields regarding socks proxy
    >(leaving the rest of the entries, especially http and https,
    >blank!) in either Firefox (Tools-Options-Connection
    >Settings-Manual Proxy Configuration) or Internt Explorer
    >(Tools-Internet Options-Connections-LAN Settings-Use a proxy
    >server...-Advanced) and all will be well.
    >
    >Regards,



    Whoops! That'll teach me to read before I cut & paste. The
    last paragraph is what you do if you want your browser to talk
    DIRECTLY to Tor BYPASSING Privoxy. (Everything above the last
    paragraph is OK)

    For your browser to speak to Privoxy (which in turn speaks to
    Tor) you put 127.0.0.1 8118 in both the http and https fields
    under the connection settings in your browser (leaving the
    socks-related fields blank).

    Regards,
     
    nemo outis, Oct 30, 2004
    #11
  12. MiLi

    MiLi Guest

    nemo outis wrote:
    >
    > In article , nemo (nemo outis) wrote:
    > ..snip...
    > >Put 127.0.0.1 9050 as the two fields regarding socks proxy
    > >(leaving the rest of the entries, especially http and https,
    > >blank!) in either Firefox (Tools-Options-Connection
    > >Settings-Manual Proxy Configuration) or Internt Explorer
    > >(Tools-Internet Options-Connections-LAN Settings-Use a proxy
    > >server...-Advanced) and all will be well.
    > >
    > >Regards,

    >
    > Whoops! That'll teach me to read before I cut & paste. The
    > last paragraph is what you do if you want your browser to talk
    > DIRECTLY to Tor BYPASSING Privoxy. (Everything above the last
    > paragraph is OK)
    >
    > For your browser to speak to Privoxy (which in turn speaks to
    > Tor) you put 127.0.0.1 8118 in both the http and https fields
    > under the connection settings in your browser (leaving the
    > socks-related fields blank).
    >
    > Regards,


    Hi nemo, many thanks. Yep it's now working :) I've not tried Privoxy
    yet, though. That's next on the list. It's quite something to see
    websites saying my ip address is what it is not :)

    I have the TOR site bokmarked. Is there any other site or newsgroup I
    can subscribe to, to keep up to date with Tor developments?

    Again, many thanks. I really appreciate the time and trouble you have
    gone to to explain the ins-and-outs to a windows user. (Anyone else
    reading this thread, why not give it a go!)

    regards

    Mili
     
    MiLi, Oct 30, 2004
    #12
  13. MiLi

    nemo outis Guest

    In article <>, MiLi wrote:
    >
    >Hi nemo, many thanks. Yep it's now working :) I've not tried Privoxy
    >yet, though. That's next on the list. It's quite something to see
    >websites saying my ip address is what it is not :)


    One of the things to notice is that your apparent IP address
    (i.e., your exit point from the Tor network) will change
    frequently. Tor dynamically builds and tears down "circuits"
    (paths through the Tor network) during a session.

    But you DO need privoxy. Without it your actual surfing will be
    airtight but your DNS lookups won't be! DNS is a complementary
    service that goes out to the net to "translate" strings like
    www.someurl.com into numbers like 77.88.225.33. DNS lookups
    (at least from Mozilla) *bypass* Tor when being resolved unless
    you use Privoxy (or an equivalent). The problem (and it's an
    application problem, not a Tor problem) is discussed here:

    http://freehaven.net/tor/cvs/doc/CLIENTS

    That's where privoxy comes in. Privoxy does 2 things, the first
    essential, the second convenient.

    The first - and most important - thing privoxy does (if you
    configure it to stand betweeen your browser and Tor as a socks4a
    intermediary) is *force* your browser to do its DNS lookups
    through Tor, therby protecting you from any information "leakage"
    in your DNS lookups.

    The second thing privoxy does is very convenient but not
    essential (and can be turned on or off at will). Privoxy acts as
    an ad and popup blocker (oversimplifying a bit, but close).


    >I have the TOR site bokmarked. Is there any other site or newsgroup I
    >can subscribe to, to keep up to date with Tor developments?


    I don't know of any. There was a flurry of discussion about Tor
    on alt.privacy but it has died down somewhat lately.


    >Again, many thanks. I really appreciate the time and trouble you have
    >gone to to explain the ins-and-outs to a windows user. (Anyone else
    >reading this thread, why not give it a go!)


    Glad to be of help. Besides, Osama and I are always trying to
    promote increased cover traffic on the networks we use :)

    Regards

    PS Tor can be used for other protocols besides surfing
    (e.g., ftp). You will have to sort out the intricacies,
    particularly the DNS info leakage one, for each. FWIW I use
    flashfxp direct to Tor (no Privoxy) since flashfxp directly
    supports socks4a proxy use.
     
    nemo outis, Oct 30, 2004
    #13
  14. MiLi

    MiLi Guest

    nemo outis wrote:
    >
    > In article <>, MiLi wrote:
    > >
    > >Hi nemo, many thanks. Yep it's now working :) I've not tried Privoxy
    > >yet, though. That's next on the list. It's quite something to see
    > >websites saying my ip address is what it is not :)

    >
    > One of the things to notice is that your apparent IP address
    > (i.e., your exit point from the Tor network) will change
    > frequently. Tor dynamically builds and tears down "circuits"
    > (paths through the Tor network) during a session.
    >
    > But you DO need privoxy. Without it your actual surfing will be
    > airtight but your DNS lookups won't be! DNS is a complementary
    > service that goes out to the net to "translate" strings like
    > www.someurl.com into numbers like 77.88.225.33. DNS lookups
    > (at least from Mozilla) *bypass* Tor when being resolved unless
    > you use Privoxy (or an equivalent). The problem (and it's an
    > application problem, not a Tor problem) is discussed here:
    >
    > http://freehaven.net/tor/cvs/doc/CLIENTS
    >
    > That's where privoxy comes in. Privoxy does 2 things, the first
    > essential, the second convenient.
    >
    > The first - and most important - thing privoxy does (if you
    > configure it to stand betweeen your browser and Tor as a socks4a
    > intermediary) is *force* your browser to do its DNS lookups
    > through Tor, therby protecting you from any information "leakage"
    > in your DNS lookups.
    >
    > The second thing privoxy does is very convenient but not
    > essential (and can be turned on or off at will). Privoxy acts as
    > an ad and popup blocker (oversimplifying a bit, but close).
    >
    > >I have the TOR site bokmarked. Is there any other site or newsgroup I
    > >can subscribe to, to keep up to date with Tor developments?

    >
    > I don't know of any. There was a flurry of discussion about Tor
    > on alt.privacy but it has died down somewhat lately.
    >
    > >Again, many thanks. I really appreciate the time and trouble you have
    > >gone to to explain the ins-and-outs to a windows user. (Anyone else
    > >reading this thread, why not give it a go!)

    >
    > Glad to be of help. Besides, Osama and I are always trying to
    > promote increased cover traffic on the networks we use :)
    >
    > Regards
    >
    > PS Tor can be used for other protocols besides surfing
    > (e.g., ftp). You will have to sort out the intricacies,
    > particularly the DNS info leakage one, for each. FWIW I use
    > flashfxp direct to Tor (no Privoxy) since flashfxp directly
    > supports socks4a proxy use.



    Yep, I had figured out a couple of things already, thanks to your recent
    posts. Got Privoxy working ok :)

    Also, have you see wiki wiki (guess so) -- I'm still trying to wrap my
    mind around editing remote web pages.
     
    MiLi, Oct 30, 2004
    #14
  15. MiLi

    MiLi Guest

    > Glad to be of help. Besides, <snip> are always trying to
    > promote increased cover traffic on the networks we use :)
    >
    > Regards
    >
    > PS Tor can be used for other protocols besides surfing
    > (e.g., ftp). You will have to sort out the intricacies,
    > particularly the DNS info leakage one, for each. FWIW I use
    > flashfxp direct to Tor (no Privoxy) since flashfxp directly
    > supports socks4a proxy use.


    Good point. Maybe (or especially) to newsgroup postings! :)
     
    MiLi, Oct 30, 2004
    #15
  16. MiLi

    nemo outis Guest

    In article <>, MiLi wrote:
    >> Glad to be of help. Besides, <snip> are always trying to
    >> promote increased cover traffic on the networks we use :)
    >>
    >> Regards
    >>
    >> PS Tor can be used for other protocols besides surfing
    >> (e.g., ftp). You will have to sort out the intricacies,
    >> particularly the DNS info leakage one, for each. FWIW I use
    >> flashfxp direct to Tor (no Privoxy) since flashfxp directly
    >> supports socks4a proxy use.

    >
    >Good point. Maybe (or especially) to newsgroup postings! :)



    Yep, there has been a fair amount posted on nntp posting through
    Tor on alt.privacy. You'll need a non-ISP newsserver, of course
    (easynews seems to be popular).

    Regards,
     
    nemo outis, Oct 30, 2004
    #16
  17. Re: Recommend webproxy

    DON wrote:
    >
    > nemo outis wrote:
    >
    > http://globalfire.tv/nj/04en/politics/rove.htm
    >
    > > In article <>, MiLi wrote:
    > >
    > >>>Glad to be of help. Besides, <snip> are always trying to
    > >>>promote increased cover traffic on the networks we use :)
    > >>>
    > >>>Regards
    > >>>
    > >>>PS Tor can be used for other protocols besides surfing
    > >>>(e.g., ftp). You will have to sort out the intricacies,
    > >>>particularly the DNS info leakage one, for each. FWIW I use
    > >>>flashfxp direct to Tor (no Privoxy) since flashfxp directly
    > >>>supports socks4a proxy use.
    > >>
    > >>Good point. Maybe (or especially) to newsgroup postings! :)

    > >
    > >
    > >
    > > Yep, there has been a fair amount posted on nntp posting through
    > > Tor on alt.privacy. You'll need a non-ISP newsserver, of course
    > > (easynews seems to be popular).
    > >
    > > Regards,
    > >

    I guess that all that is necessary is for the Newsreader to support a
    manual proxy configuration (i.e. 127.0.0.1 :9050)? Then it connects
    straight to TOR, right?

    One other tihng is for the user to set up the newsreader with the
    Newserver's IP address, rather than its DNS address, so as to prevent
    leakage. For, if I understand correctly, you cannot use Privoxy for NG
    client applications.
     
    Terry Gramchunsudffg, Oct 31, 2004
    #17
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. AM
    Replies:
    1
    Views:
    379
    Walter Roberson
    Mar 7, 2005
  2. jim
    Replies:
    1
    Views:
    347
  3. charles cheng
    Replies:
    0
    Views:
    503
    charles cheng
    Nov 19, 2003
  4. Adrian
    Replies:
    6
    Views:
    1,239
    Herman
    Aug 20, 2007
  5. Lawrence D'Oliveiro

    When Is A Visaster Service Pack Not A Service Pack?

    Lawrence D'Oliveiro, Jun 26, 2008, in forum: NZ Computing
    Replies:
    5
    Views:
    480
Loading...

Share This Page