From owner-freebsd-questions@FreeBSD.ORG Fri Mar 13 20:17:48 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 4D8D8106566B for ; Fri, 13 Mar 2009 20:17:48 +0000 (UTC) (envelope-from freebsd-questions@lists.goldenpath.org) Received: from randymail-a1.g.dreamhost.com (caiajhbdcagg.dreamhost.com [208.97.132.66]) by mx1.freebsd.org (Postfix) with ESMTP id 3004A8FC15 for ; Fri, 13 Mar 2009 20:17:47 +0000 (UTC) (envelope-from freebsd-questions@lists.goldenpath.org) Received: from [127.0.0.1] (shekel.dreamhost.com [208.113.247.228]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by randymail-a1.g.dreamhost.com (Postfix) with ESMTP id 499AC18CE18; Fri, 13 Mar 2009 13:17:47 -0700 (PDT) Message-ID: <49BABF6A.5000703@lists.goldenpath.org> Date: Fri, 13 Mar 2009 16:17:46 -0400 From: "T." User-Agent: Thunderbird 2.0.0.19 (Windows/20081209) MIME-Version: 1.0 To: Gilles References: <36241.2123395645$1236851130@news.gmane.org> <1knhr4hsb6gqmnuru0arpehdj9b3nj4nje@4ax.com> <49B94A9B.3090305@lists.goldenpath.org> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Anonymizer tool like Tor? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Mar 2009 20:17:48 -0000 Gilles wrote: > On Thu, 12 Mar 2009 13:47:07 -0400, "T." > wrote: > >> You want a transparent tor proxy, which you setup with freebsd and pf. >> > > Thanks much for the help. If my modest Python script used to download > some web pages goes through Tor, is there a way for the remote web > server to somehow trace this connection back to me? no > Can you elaborate? After compiling the Ports, a "_tor" user is > created. I could successfully launch Tor by "su - _tor". > > If you want it to work as I've described, as a transparent proxy, you'll need to follow all the steps I've detailed. Yes, of course you can su - _tor The given start stop method is # /usr/local/etc/rc.d/tor start # /usr/local/etc/rc.d/tor stop The way I've described, the machine becomes a transparent tor proxy for all machines that use it as their default gateway and dns servers. This has a huge advantage in that the client machines are un-trickable. You don't have to figure out how to "proxify" anything. You cannot misconfigure their network / proxy settings. Everything uses the network exactly as it always does. If they have no direct access to the internet, they cannot be forced to reveal your real IP.