Problems with Stunnel, Freecap, and Tor

Discussion in 'Computer Security' started by Ziggi, May 28, 2005.

  1. Ziggi

    Ziggi Guest

    Hi guys! First time poster here, please don't kill me :-D

    Okay. Gist of it is this. I've been trying to set things up so that
    my usenet usage is "anonymized." I picked up a FAQ that gives a
    pretty good how-to on that, using Stunnel, Freecap, and Tor.

    Now, I'm kinda new to network security. I'm an old hat at personal
    computer security, but networks have always left me lost and slightly
    confused. Lets see if I've got this right; I need to set things up
    so that my newsreader communicates through Stunnel, which encrypts my
    data. After that, Stunnel's output goes through Freecap, thus
    preparing it for use with Tor. Tor takes it and routes it through a
    whole bunch of servers and crap, and eventually (so the theory goes)
    the data comes out somewhere way off from where I am, encrypted (with
    Stunnel) and then travels to my news service. If that's right, then I
    guess I learned something :p

    Well, the thing is this. I've been able to set up Stunnel to serve as
    a bridge between my newsreader and my newsservice, and I follow the
    steps in the FAQ exactly for configuring Stunnel to work through
    Freecap and Tor, but whenever I start Stunnel from Freecap, it gives
    me this error

    Error resolving '': Neither nodename nor servname known

    Now, I've got no clue where it's getting from. That address
    isn't in my stunnel.conf file at all, so there's no clues there. For
    the life of me, I just can't figure this out on my own.

    Could anyone possibly give me a hint as to what I'm doing wrong?
    Ziggi, May 28, 2005
    1. Advertisements

  2. Ziggi

    nemo_outis Guest

    I'm shooting from the hip here since I've only given your problem 15
    seconds thought :) However, one possible source of your problem is that
    only a very small subset (at times in the past, the "null set") support the
    exit port (119) to get to a conventional news service (reason: to prevent
    abuse). You must specify and limit the exit nodes to those that do support
    this (in the Tor config file).

    FWIW, I understand that a larger subset of Tor servers do support the port
    for "secure news services" (somewhere in the 500s if I remember correctly).
    But then you must find a news service which supports this (only a few do).

    Anyway, one possibility. Good luck!

    nemo_outis, May 28, 2005
    1. Advertisements

  3. Ziggi

    speeder Guest

    If you double checked everything in the FAQ, try using SocksCap
    instead of FreeCap. I´ve had that same problem in the past and it
    worked for me. I´ve also read that FreeCap has given a hard time to
    other folks.
    speeder, May 28, 2005
  4. Ziggi

    Ziggi Guest

    Well, thank you. I'd considered switching to SocksCap already, but I
    was trying to figure out if it was something I was doing wrong, so I
    was reluctant.

    I downloaded SocksCap and everything works perfectly fine now. Kinda
    dissapointing, since FreeCap has socks4a and SocksCap doesn't appear
    to (looks to me like it's just socks4, and Tor reports that yes, it
    does only use socks4) and I liked the extra bit of coolness that
    little "a" at the end made. Very snazzy. (I have no clue what the
    diff between socks4 and socks4a means, but I assume socks4a is better
    because common naming conventions indicate that the "a" makes it

    I think I'll still mess around with FreeCap some and see what I can
    Ziggi, May 29, 2005
  5. Ziggi

    speeder Guest

    Your welcome, I burned a lot of neurons trying to get FreeCap to work
    before I finally capitulated to SocksCap.
    I am not an expert but from what I´ve read there is some confusion in
    the method for doing DNS resolves through socks proxies. Socks4 will
    NOT do it through your proxy so you might be compromising your privacy
    by doing it locally. Socks4a is an attempt to address this problem by
    doing it remotely. Socks5 is the newer revised standard and is
    supposed to solve the problem. But it is not as widely deployed as
    Socks4 and so some applications might have problems "talking" Socks5.
    If you do find the solution, please post back. I would prefer to use
    an open solution.
    speeder, May 29, 2005
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.