Re: Pen-Testing via TOR

From: andrew.thornton (andrew.thornton@thorntonindustries.com)
Date: Thu Jul 21 2005 - 20:09:33 EDT

• Next message: okrehel@loews.com: "RE: Unknown App"
• Previous message: Daniel Grzelak: "RE: verify HTTPS 'vulnerabilities'"
• In reply to: Whodini: "Pen-Testing via TOR"
• Next in thread: M. Shirk: "RE: Pen-Testing via TOR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Tor will forward all SOCKS (versions 4, 4a and 5) compliant protocols.
There is some packet enforcement going on by default within tor. It is
called an exit policy. Here is the what is blocked by default:

reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6881-6999

The following sites may be helpful to you:

http://www.infosecninja.org/content/view/16/28/
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#CompatibleApplications
http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp

Whodini wrote:

>I am trying to pentest a box of mine "remotely" by using TOR to make
>me hit the cloud first and then double back. What specific pen-test
>can I use, either for Win32 or Linux that will work through TOR, or a
>proxy?
>
>

• Next message: okrehel@loews.com: "RE: Unknown App"
• Previous message: Daniel Grzelak: "RE: verify HTTPS 'vulnerabilities'"
• In reply to: Whodini: "Pen-Testing via TOR"
• Next in thread: M. Shirk: "RE: Pen-Testing via TOR"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:37 EDT