Transocks and TOR
It works like this:
- Set up iptables (on Linux) to direct all packages to the transocks port (default 1211) on the computer running transocks.
- Transocks forwards tcp-connections to a TOR-client using Socks.V4
- TOR take it from there
Advantages
- Handles all TCP-connections
- Light weight
- Works for all applications. I.e. they do not need to be torified.
Setup
There are three type of computers involved:
- The computer running the TOR server
- The computer running Transocks
- The computer(s) running the applications.
If these are not alle the same computer, the users will have to trust the other computers and the network connections to these.
Setting up Transocks: /etc/socks.conf
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 127.0.0.1 port = 9050
proxyprotocol: socks_v4
method: none
protocol: tcp
}
Packets
See example at: http://cvs.sourceforge.net/viewcvs.py/transocks/transocks/README?rev=1.2&view=auto
Interesting uses
Transocks+TOR can be used to make a gateway that transparently anonomize all traffic outwards.
The Linksys WRT54G accesspoint can run both TOR and transocks. This allows wireless clients to connect to the the accesspoint and have traffic routed through TOR. This have at least two uses.
- If he wireless clients encrypt their communication to the accesspoint (eg. WPA) and trust the accesspoint (eg. work or family setting) they are anonymouse.
- The owner of the accesspoint can let anyone share his bandwidth without worrying about being embarrassed by their traffic.
Problems
Because no real proxy is involved and all TCP-ports can be used, there is a bigger risk of an application revealing the clients IP-address in the data. However this is not a serious problem when used in an accesspoint because the address of the accesspoint will not be revealed and the client will have a temporary DHCP-address.
Links to software
Transocks:http://sourceforge.net/projects/transocks/
OpenWRT transocks: http://www.agol.dk/ipkg