...
|
...
|
@@ -88,6 +88,8 @@ tells
|
88
|
88
|
languages?</li></a>
|
89
|
89
|
<li><a href="#GmailWarning">Gmail warns me that my account may have
|
90
|
90
|
been compromised.</a></li>
|
|
91
|
+ <li><a href="#NeedToUseAProxy">My internet connection requires an HTTP
|
|
92
|
+ or SOCKS Proxy</a></li>
|
91
|
93
|
</ul>
|
92
|
94
|
|
93
|
95
|
<p>Advanced Tor usage:</p>
|
...
|
...
|
@@ -107,7 +109,7 @@ country)
|
107
|
109
|
are used for entry/exit?</a></li>
|
108
|
110
|
<li><a href="#FirewallPorts">My firewall only allows a few outgoing
|
109
|
111
|
ports.</a></li>
|
110
|
|
- <li><a href="#ExitPorts">Is there a list of default exit ports?</a></li>
|
|
112
|
+ <li><a href="#DefaultExitPorts">Is there a list of default exit ports?</a></li>
|
111
|
113
|
<li><a href="#SocksAndDNS">How do I check if my application that uses
|
112
|
114
|
SOCKS is leaking DNS requests?</a></li>
|
113
|
115
|
<li><a href="#DifferentComputer">I want to run my Tor client on a
|
...
|
...
|
@@ -837,7 +839,7 @@ executive
|
837
|
839
|
</p>
|
838
|
840
|
<p>
|
839
|
841
|
If you really need to connect to only a small set of ports, see the FAQ
|
840
|
|
- entry on firewalled ports.
|
|
842
|
+ entry on <a href="#FirewallPorts">firewalled ports</a>.
|
841
|
843
|
</p>
|
842
|
844
|
<p>
|
843
|
845
|
Note that if you're running Tor as a relay, you must allow outgoing
|
...
|
...
|
@@ -1399,6 +1401,36 @@ recent logins and wondering if you actually logged in at those times.
|
1399
|
1401
|
|
1400
|
1402
|
<hr>
|
1401
|
1403
|
|
|
1404
|
+<a id="NeedToUseAProxy"></a>
|
|
1405
|
+<h3><a class="anchor" href="#NeedToUseAProxy">My internet connection requires an HTTP
|
|
1406
|
+ or SOCKS Proxy</a></h3>
|
|
1407
|
+
|
|
1408
|
+<p>
|
|
1409
|
+You can set Proxy IP address, port, and authentication information in
|
|
1410
|
+Tor Browser's Network Settings. If you're using Tor another way, check
|
|
1411
|
+out the HTTPProxy and HTTPSProxy config options in the <a
|
|
1412
|
+href="https://www.torproject.org/docs/tor-manual.html.en">man page</a>,
|
|
1413
|
+and modify your torrc file accordingly. You will need an HTTP proxy for
|
|
1414
|
+doing GET requests to fetch the Tor directory, and you will need an
|
|
1415
|
+HTTPS proxy for doing CONNECT requests to get to Tor relays. (It's fine
|
|
1416
|
+if they're the same proxy.) Tor also recognizes the torrc options
|
|
1417
|
+Socks4Proxy and Socks5Proxy.
|
|
1418
|
+</p>
|
|
1419
|
+<p>
|
|
1420
|
+Also check out HTTPProxyAuthenticator and HTTPSProxyAuthenticator if your
|
|
1421
|
+proxy requires auth. We only support basic auth currently, but if you need
|
|
1422
|
+NTLM authentication, you find <a
|
|
1423
|
+href="http://archives.seul.org/or/talk/Jun-2005/msg00223.html">this post
|
|
1424
|
+in the archives</a> useful.
|
|
1425
|
+</p>
|
|
1426
|
+<p>
|
|
1427
|
+If your proxies only allow you to connect to certain ports, look at the
|
|
1428
|
+entry on <a href="#FirewallPorts">Firewalled clients</a> for how
|
|
1429
|
+to restrict what ports your Tor will try to access.
|
|
1430
|
+</p>
|
|
1431
|
+
|
|
1432
|
+<hr>
|
|
1433
|
+
|
1402
|
1434
|
<a id="torrc"></a>
|
1403
|
1435
|
<h3><a class="anchor" href="#torrc">I'm supposed to "edit my torrc".
|
1404
|
1436
|
What does that mean?</a></h3>
|
...
|
...
|
@@ -1607,7 +1639,7 @@ day and date under the 'Date & Time' Tab. Also make sure your time
|
1607
|
1639
|
zone is correct.</li>
|
1608
|
1640
|
<li>Is your Internet connection <a href="#FirewallPorts">firewalled
|
1609
|
1641
|
by port</a>, or do you normally need to use a <a
|
1610
|
|
-href="<wikifaq>#MyInternetconnectionrequiresanHTTPorSOCKSproxy.">proxy</a>?
|
|
1642
|
+href="<#NeedToUseAProxy">proxy</a>?
|
1611
|
1643
|
</li>
|
1612
|
1644
|
<li>Are you running programs like Norton Internet Security or SELinux
|
1613
|
1645
|
that
|
...
|
...
|
@@ -1862,8 +1894,8 @@ use the ReachableAddresses config options, e.g.:
|
1862
|
1894
|
|
1863
|
1895
|
<hr>
|
1864
|
1896
|
|
1865
|
|
- <a id="ExitPorts"></a>
|
1866
|
|
- <h3><a class="anchor" href="#ExitPorts">Is there a list of default exit
|
|
1897
|
+ <a id="DefaultExitPorts"></a>
|
|
1898
|
+ <h3><a class="anchor" href="#DefaultExitPorts">Is there a list of default exit
|
1867
|
1899
|
ports?</a></h3>
|
1868
|
1900
|
<p>
|
1869
|
1901
|
The default open ports are listed below but keep in mind that, any port or
|
...
|
...
|
@@ -2017,7 +2049,7 @@ relays.
|
2017
|
2049
|
<li>If your relay is behind a NAT and it doesn't know its public
|
2018
|
2050
|
IP (e.g. it has an IP of 192.168.x.y), you'll need to set up port
|
2019
|
2051
|
forwarding. Forwarding TCP connections is system dependent but
|
2020
|
|
- <a href="<wikifaq>#ImbehindaNATFirewall">this FAQ entry</a>
|
|
2052
|
+ <a href="#BehindANAT">this FAQ entry</a>
|
2021
|
2053
|
offers some examples on how to do this.
|
2022
|
2054
|
</li>
|
2023
|
2055
|
<li>Your relay will passively estimate and advertise its recent
|
...
|
...
|
@@ -2058,7 +2090,7 @@ encounter</a>
|
2058
|
2090
|
<p>
|
2059
|
2091
|
The default exit policy allows access to many popular services
|
2060
|
2092
|
(e.g. web browsing), but <a
|
2061
|
|
-href="<wikifaq>#Istherealistofdefaultexitports">restricts</a>
|
|
2093
|
+href="#DefaultExitPorts">restricts</a>
|
2062
|
2094
|
some due to abuse potential (e.g. mail) and some since
|
2063
|
2095
|
the Tor network can't handle the load (e.g. default
|
2064
|
2096
|
file-sharing ports). You can change your exit policy
|
...
|
...
|
@@ -2589,12 +2621,14 @@ html">release
|
2589
|
2621
|
use
|
2590
|
2622
|
this feature.</li>
|
2591
|
2623
|
|
|
2624
|
+<!-- Nickm says he's not sure this is still accurate
|
|
2625
|
+
|
2592
|
2626
|
<li>If you're running on Solaris, OpenBSD, NetBSD, or
|
2593
|
2627
|
old FreeBSD, Tor is probably forking separate processes
|
2594
|
2628
|
rather than using threads. Consider switching to a <a
|
2595
|
2629
|
href="<wikifaq>#WhydoesntmyWindowsorotherOSTorrelayrunwell">better
|
2596
|
2630
|
operating system</a>.</li>
|
2597
|
|
-
|
|
2631
|
+-->
|
2598
|
2632
|
<li>If you still can't handle the memory load, consider reducing the
|
2599
|
2633
|
amount of bandwidth your relay advertises. Advertising less
|
2600
|
2634
|
bandwidth
|
...
|
...
|
@@ -3481,7 +3515,7 @@ Tor user be a relay.</a></h3>
|
3481
|
3515
|
<p>
|
3482
|
3516
|
Requiring every Tor user to be a relay would help with scaling the
|
3483
|
3517
|
network to handle all our users, and <a
|
3484
|
|
- href="<wikifaq>#DoIgetbetteranonymityifIrunarelay">running a Tor
|
|
3518
|
+ href="#BetterAnonymity">running a Tor
|
3485
|
3519
|
relay may help your anonymity</a>. However, many Tor users cannot be
|
3486
|
3520
|
good
|
3487
|
3521
|
relays — for example, some Tor clients operate from behind
|
...
|
...
|
@@ -3607,7 +3641,7 @@ problems are:
|
3607
|
3641
|
<li>IP packets reveal OS characteristics. We would still need to do
|
3608
|
3642
|
IP-level packet normalization, to stop things like TCP fingerprinting
|
3609
|
3643
|
attacks. Given the diversity and complexity of TCP stacks, along with <a
|
3610
|
|
-href="<wikifaq>#DoesTorresistremotephysicaldevicefingerprinting">device
|
|
3644
|
+href="#RemotePhysicalDeviceFingerprinting">device
|
3611
|
3645
|
fingerprinting attacks</a>, it looks like our best bet is shipping our
|
3612
|
3646
|
own user-space TCP stack.
|
3613
|
3647
|
</li>
|