Browse code

Fixed a couple typos

Matt Pagan authored on 20/01/2014 17:14:54
Showing 1 changed files
... ...
@@ -92,9 +92,6 @@ tells
92 92
     or SOCKS Proxy</a></li>
93 93
     <li><a href="#CantSetProxy">What should I do if I can't set a proxy 
94 94
     with my application?</a></li>
95
-    <li><a href="#WarningsAboutSOCKSandDNSInformationLeaks">I keep seeing 
96
-    these warnings about SOCKS and DNS information leaks. Should I 
97
-    worry?</a></li>
98 95
     <li><a href="#WhereDidVidaliaGo">Where did the world map (Vidalia) 
99 96
     go?</a></li>
100 97
     <li><a href="#DisableJS">How do I disable JavaScript?</a></li>
... ...
@@ -127,6 +124,9 @@ country)
127 124
     <li><a href="#FirewallPorts">My firewall only allows a few outgoing
128 125
     ports.</a></li>
129 126
     <li><a href="#DefaultExitPorts">Is there a list of default exit ports?</a></li>
127
+    <li><a href="#WarningsAboutSOCKSandDNSInformationLeaks">I keep seeing 
128
+    these warnings about SOCKS and DNS information leaks. Should I 
129
+    worry?</a></li>
130 130
     <li><a href="#SocksAndDNS">How do I check if my application that uses 
131 131
     SOCKS is leaking DNS requests?</a></li>
132 132
     <li><a href="#DifferentComputer">I want to run my Tor client on a 
... ...
@@ -222,7 +222,7 @@ uses.</a></li>
222 222
     </a></li>
223 223
     <li><a href="#RemotePhysicalDeviceFingerprinting">Does Tor resist 
224 224
     "remote physical device fingerprinting"?</a></li>
225
-    <li><a href="#VPN">What's safer, Tor or a VPN?</a></li>
225
+    <li><a href="#VPN">Is Tor like a VPN?</a></li>
226 226
     <li><a href="#Proxychains">Aren't 10 proxies (proxychains) better than 
227 227
     Tor with only 3 hops?</a></li>
228 228
     <li><a href="#AttacksOnOnionRouting">What attacks remain against onion 
... ...
@@ -1482,49 +1482,6 @@ href="http://www.crowdstrike.com/community-tools/index.html#tool-79">proposed
1482 1482
 
1483 1483
 <hr>
1484 1484
 
1485
-<a id="WarningsAboutSOCKSandDNSInformationLeaks"></a>
1486
-<h3><a class="anchor" href="#WarningsAboutSOCKSandDNSInformationLeaks">I 
1487
-keep seeing these warnings about SOCKS and DNS information leaks. 
1488
-Should I worry?</a></h3>
1489
-<p>
1490
-The warning is: 
1491
-</p>
1492
-<p>
1493
-Your application (using socks5 on port %d) is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. Consider using Socks4A (e.g. via Polipo or socat) instead. 
1494
-</p>
1495
-<p>
1496
-If you are running Tor to get anonymity, and you are worried about an attacker who is even slightly clever, then yes, you should worry. Here's why. 
1497
-</p>
1498
-<p>
1499
-<b>The Problem.</b> When your applications connect to servers on the Internet, they need to resolve hostnames that you can read (like www.torproject.org) into IP addresses that the Internet can use (like 209.237.230.66). To do this, your application sends a request to a DNS server, telling it the hostname it wants to resolve. The DNS server replies by telling your application the IP address. 
1500
-</p>
1501
-<p>
1502
-Clearly, this is a bad idea if you plan to connect to the remote host anonymously: when your application sends the request to the DNS server, the DNS server (and anybody else who might be watching) can see what hostname you are asking for. Even if your application then uses Tor to connect to the IP anonymously, it will be pretty obvious that the user making the anonymous connection is probably the same person who made the DNS request. 
1503
-</p>
1504
-<p>
1505
-<b>Where SOCKS comes in.</b> Your application uses the SOCKS protocol to connect to your local Tor client. There are 3 versions of SOCKS you are likely to run into: SOCKS 4 (which only uses IP addresses), SOCKS 5 (which usually uses IP addresses in practice), and SOCKS 4a (which uses hostnames). 
1506
-</p>
1507
-<p>
1508
-When your application uses SOCKS 4 or SOCKS 5 to give Tor an IP address, Tor guesses that it 'probably' got the IP address non-anonymously from a DNS server. That's why it gives you a warning message: you probably aren't as anonymous as you think. 
1509
-</p>
1510
-<p>
1511
-<b>So what can I do?</b> We describe a few solutions below. 
1512
-</p>
1513
-<ul>
1514
-<li>If your application speaks SOCKS 4a, use it. </li>
1515
-<li>If you only need one or two hosts, or you are good at programming, you may be able to get a socks-based port-forwarder like socat to work for you; see <a href="https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO">the Torify HOWTO</a> for examples. </li>
1516
-<li>Tor ships with a program called tor-resolve that can use the Tor network to look up hostnames remotely; if you resolve hostnames to IPs with tor-resolve, then pass the IPs to your applications, you'll be fine. (Tor will still give the warning, but now you know what it means.) </li>
1517
-<!-- I'm not sure if this project is still maintained or not
1518
-
1519
-<li>You can use TorDNS as a local DNS server to rectify the DNS leakage. See the Torify HOWTO for info on how to run particular applications anonymously. </li>
1520
-!-->
1521
-</ul>
1522
-<p>
1523
- If you think that you applied one of the solutions properly but still experience DNS leaks please verify there is no third-party application using DNS independently of Tor. Please see <a href="#AmITotallyAnonymous">the FAQ entry on whether you're really absolutely anonymous using Tor</a> for some examples. 
1524
-</p>
1525
-
1526
-    <hr>
1527
-
1528 1485
     <a id="WhereDidVidaliaGo"></a>
1529 1486
     <h3><a class="anchor" href="#WhereDidVidaliaGo">Where did the world map 
1530 1487
     (Vidalia) go?</a></h3>
... ...
@@ -2263,6 +2220,80 @@ from the source code release tor-0.2.4.16-rc is:
2263 2220
 
2264 2221
     <hr>
2265 2222
 
2223
+    <a id="WarningsAboutSOCKSandDNSInformationLeaks"></a>
2224
+    <h3><a class="anchor" href="#WarningsAboutSOCKSandDNSInformationLeaks">I 
2225
+    keep seeing these warnings about SOCKS and DNS information leaks. 
2226
+    Should I worry?</a></h3>
2227
+    <p>
2228
+    The warning is: 
2229
+    </p>
2230
+    <p>
2231
+    Your application (using socks5 on port %d) is giving Tor only an IP 
2232
+    address. Applications that do DNS resolves themselves may leak 
2233
+    information. Consider using Socks4A (e.g. via Polipo or socat) instead. 
2234
+    </p>
2235
+    <p>
2236
+    If you are running Tor to get anonymity, and you are worried about an 
2237
+    attacker who is even slightly clever, then yes, you should worry. Here's why. 
2238
+    </p>
2239
+    <p>
2240
+    <b>The Problem.</b> When your applications connect to servers on the 
2241
+    Internet, they need to resolve hostnames that you can read (like 
2242
+    www.torproject.org) into IP addresses that the Internet can use (like 
2243
+    209.237.230.66). To do this, your application sends a request to a DNS 
2244
+    server, telling it the hostname it wants to resolve. The DNS server 
2245
+    replies by telling your application the IP address. 
2246
+    </p>
2247
+    <p>
2248
+    Clearly, this is a bad idea if you plan to connect to the remote host 
2249
+    anonymously: when your application sends the request to the DNS server, 
2250
+    the DNS server (and anybody else who might be watching) can see what 
2251
+    hostname you are asking for. Even if your application then uses Tor to 
2252
+    connect to the IP anonymously, it will be pretty obvious that the user 
2253
+    making the anonymous connection is probably the same person who made 
2254
+    the DNS request. 
2255
+    </p>
2256
+    <p>
2257
+    <b>Where SOCKS comes in.</b> Your application uses the SOCKS protocol 
2258
+    to connect to your local Tor client. There are 3 versions of SOCKS you 
2259
+    are likely to run into: SOCKS 4 (which only uses IP addresses), SOCKS 5 
2260
+    (which usually uses IP addresses in practice), and SOCKS 4a (which uses 
2261
+    hostnames). 
2262
+    </p>
2263
+    <p>
2264
+    When your application uses SOCKS 4 or SOCKS 5 to give Tor an IP address, 
2265
+    Tor guesses that it 'probably' got the IP address non-anonymously from a 
2266
+    DNS server. That's why it gives you a warning message: you probably aren't 
2267
+    as anonymous as you think. 
2268
+    </p>
2269
+    <p>
2270
+    <b>So what can I do?</b> We describe a few solutions below. 
2271
+    </p>
2272
+    <ul>
2273
+    <li>If your application speaks SOCKS 4a, use it. </li>
2274
+    <li>If you only need one or two hosts, or you are good at programming, 
2275
+    you may be able to get a socks-based port-forwarder like socat to work 
2276
+    for you; see <a 
2277
+    href="https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO">the 
2278
+    Torify HOWTO</a> for examples. </li>
2279
+    <li>Tor ships with a program called tor-resolve that can use the Tor 
2280
+    network to look up hostnames remotely; if you resolve hostnames to IPs 
2281
+    with tor-resolve, then pass the IPs to your applications, you'll be fine. 
2282
+    (Tor will still give the warning, but now you know what it means.) </li>
2283
+<!-- I'm not sure if this project is still maintained or not
2284
+
2285
+<li>You can use TorDNS as a local DNS server to rectify the DNS leakage. See the Torify HOWTO for info on how to run particular applications anonymously. </li>
2286
+!-->
2287
+    </ul>
2288
+    <p>If you think that you applied one of the solutions properly but still 
2289
+    experience DNS leaks please verify there is no third-party application 
2290
+    using DNS independently of Tor. Please see <a 
2291
+    href="#AmITotallyAnonymous">the FAQ entry on whether you're really 
2292
+    absolutely anonymous using Tor</a> for some examples. 
2293
+    </p>
2294
+
2295
+    <hr>
2296
+
2266 2297
     <a id="SocksAndDNS"></a>
2267 2298
     <h3><a class="anchor" href="#SocksAndDNS">How do I check if my application that uses 
2268 2299
     SOCKS is leaking DNS requests?</a></h3>
... ...
@@ -2643,7 +2674,7 @@ users
2643 2674
     connect from localhost. Connections from other computers are 
2644 2675
     refused. If you want to torify applications on different computers 
2645 2676
     than the Tor client, you should edit your torrc to define 
2646
-    SocksListenAddress 0.0.0.0 g and then restart (or hup) Tor. If you 
2677
+    SocksListenAddress 0.0.0.0 and then restart (or hup) Tor. If you 
2647 2678
     want to get more advanced, you can configure your Tor client on a 
2648 2679
     firewall to bind to your internal IP but not your external IP.  
2649 2680
     </p>
... ...
@@ -3989,7 +4020,7 @@ ZKS's Freedom network could) -- but maybe that's a good thing at this stage.
3989 4020
     <hr>
3990 4021
 
3991 4022
     <a id="VPN"></a>
3992
-    <h3><a class="anchor" href="#VPN">What's safer, Tor or a VPN?</a></h3>
4023
+    <h3><a class="anchor" href="#VPN">Is Tor like a VPN?</a></h3>
3993 4024
     
3994 4025
     <p>
3995 4026
     Some people use Virtual Private Networks (VPNs) as a privacy solution.