|
Home > Archive > Anonymous Servers > December 2006 > Tor and QS blocked by ISP.
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
Tor and QS blocked by ISP.
|
|
|
| Please bear in mind that I am an
old age new comer to computers.
I have been away from computers
for about eight years. Last time I
was active with the internet I was
using PGP 2.X command line.
I live in Central America and the
frigging service provider is, as of last
night blocking Tor and QS. I am enraged.
There are no other ISPs here to change
to. Is there a way around these skunks
at Cablenet or do I have to eat their shit?
I would love to defeat these people.
I use Windows XP and utilizing Opera
and Firefox.
If anyone could give me a clue or where
I might read on the net as to how I might ease
on around these effers I would be
ever so grateful.
Cordially Tio Tomas
--
Posted via a free Usenet account from http://www.teranews.com
| |
|
| Been experimenting with Wireshark, but have little understanding
of acronyms related to net traffic, however I discovered that my ISP
has starting using wpad. I Googled this (wpad).
A recent development for them (ISP) judging from my past monitoring
of traffic in relation to my machine.
Please, could someone give me some URL's that might help me
get a grasp of what is going on technically.
I was over 50 years old when I discovered computers.
The only people I could talk to about the revelation of computers were
kids.
I was a Tim May fan. Lurked on the Cypherpunks mail list
learning what I could.
Today I have begun to try and find out how I can once again
use Tor in spite of my ISP. These dolts make me hot. Again
it seems my only resource for information are young people.
Not all bad I guess.
Cordialmente, Tio Tomas
--
Posted via a free Usenet account from http://www.teranews.com
| |
| soja_a 2006-12-19, 1:14 am |
| Tio wrote:
>Been experimenting with Wireshark, but have little understanding
>of acronyms related to net traffic, however I discovered that my ISP
>has starting using wpad. I Googled this (wpad).
You've got a real problem on your hands, and it's not going to be simple
to fix. Wirehark's unlikely to tell you anything useful and wpad (unless
it's not the Microsoft protocol for proxy discovery) is a red herring. My
best guess is that your ISP has blocked access to all the TOR entry nodes
using a block list like TORbl. If that's the case, you're pretty much
hosed for using TOR, though you could of course bounce through a proxy en
route to the TOR entry node, at which point we might question why you're
using TOR at all.
There's the related question of why QS no longer works. It is possible
that they've also blocked access to remailers, but the first thing I'd
check is whether your stats are up to date. Check out the stats in
alt.privacy.anon-server.stats if you haven't already. Are you using a
remailer's SMTP server with TLS, or are you using your ISP's SMTP server?
If the latter, you might try a direct connection to a remailer using TLS.
It's possible that there's another explanation that I've overlooked, but
IP address blacklisting looks like the most obvious culprit to me.
soja_a
| |
| Nomen Nescio 2006-12-19, 1:14 am |
| Tio <Tiotomas@safe-mail.net> wrote:
> I live in Central America and the
> frigging service provider is, as of last
> night blocking Tor and QS.
More details, please. What does not work? What happens instead?
Have you tried Tor's fascist firewall option? Your provider cannot block
that unless they block https too.
| |
| Nomen Nescio 2006-12-19, 7:13 am |
| Nomen Nescio <nobody@dizum.com> wrote:
> Tio <Tiotomas@safe-mail.net> wrote:
>
>
> More details, please. What does not work? What happens instead?
> Have you tried Tor's fascist firewall option? Your provider cannot
> block that unless they block https too.
>
False. There are methods for fingerprinting and controlling Tor traffic
specifically. At least one high dollar ISP admin utility has the
ability built in already.
They could also simply peruse the directory and block by IP no matter
what the port/protocol is.
| |
| Nomen Nescio 2006-12-19, 7:13 am |
| soja_a <soja@retired.invalid> wrote:
> Tio wrote:
>
> You've got a real problem on your hands, and it's not going to be
> simple to fix. Wirehark's unlikely to tell you anything useful and
> wpad (unless it's not the Microsoft protocol for proxy discovery) is
> a red herring. My best guess is that your ISP has blocked access to
> all the TOR entry nodes using a block list like TORbl. If that's the
> case, you're pretty much hosed for using TOR, though you could of
> course bounce through a proxy en route to the TOR entry node, at
> which point we might question why you're using TOR at all.
To be anonymous. Whatever proxy you might find to "bounce" through
probably won't be. It absolutely won't be if it's any single hop open
proxy.
The first thing to do is to look for an answer within Tor itself.If by
some chance they're blocking by port, there a number of server that
listen on the more commonly allowed ports like 80. This should be the
first thing the OP investigates.
The next best bet is to tunnel through an SSH or VPN server. There use
to be a free one called "Jungleman" but I don't know if it still exists.
>
> There's the related question of why QS no longer works. It is possible
> that they've also blocked access to remailers, but the first thing I'd
More likely is that they're blocking the use of outside mail servers by
shutting down port 25. Forcing everyone to route outgoing mail through
them.
Here again, there's a number of servers that listen on nonstandard and
alternate ports. Banana's site has a list I believe. A connection
through Tor to an "odd" port that supports TLS would be ideal, assuming
the OP can get Tor to work.
> check is whether your stats are up to date. Check out the stats in
> alt.privacy.anon-server.stats if you haven't already. Are you using a
> remailer's SMTP server with TLS, or are you using your ISP's SMTP
> server? If the latter, you might try a direct connection to a
> remailer using TLS.
>
> It's possible that there's another explanation that I've overlooked,
> but IP address blacklisting looks like the most obvious culprit to me.
For the Tor problem, probably. Tor desn't try to fight this in any way.
But not for the SMTP problem.
>
> soja_a
>
>
>
| |
|
| On 19 Dec 2006 05:09:21 -0000, soja_a <soja@retired.invalid> wrote:
>you're pretty much
>hosed for using TOR, though you could of course bounce through a proxy en
>route to the TOR entry node, at which point we might question why you're
>using TOR at all.
Forgive me for being obtuse but why is the use of Tor questionable?
--
Posted via a free Usenet account from http://www.teranews.com
| |
|
| On Tue, 19 Dec 2006 07:30:12 +0100 (CET), Nomen Nescio
<nobody@dizum.com> wrote:
>More details, please. What does not work? What happens instead?
>Have you tried Tor's fascist firewall option? Your provider cannot block
>that unless they block https too.
Essentially everything works except using Tor or sending a message
via QuickSilver.
-------------------------
False. There are methods for fingerprinting and controlling Tor
traffic
specifically. At least one high dollar ISP admin utility has the
ability built in already.
They could also simply peruse the directory and block by IP no matter
what the port/protocol is.
--------------------
Thank you all.
Cordially, Tio Tomas
--
Posted via a free Usenet account from http://www.teranews.com
| |
|
| On Tue, 19 Dec 2006 06:15:52 -0800, Tio <Tiotomas@safe-mail.net>
wrote:
>On Tue, 19 Dec 2006 07:30:12 +0100 (CET), Nomen Nescio
><nobody@dizum.com> wrote:
>
>
>Essentially everything works except using Tor or sending a message
>via QuickSilver.
Perhaps I should have mentioned that it is my own isp that is blocking
me.
--
Posted via a free Usenet account from http://www.teranews.com
| |
| macarro 2006-12-20, 7:13 am |
| Tio wrote:
> On 19 Dec 2006 05:09:21 -0000, soja_a <soja@retired.invalid> wrote:
>
> Forgive me for being obtuse but why is the use of Tor questionable?
>
I believe he meant that if you are able to use a proxy then you probably
do not need Tor which is already a proxy, he isn't questioning the use
of Tor but the use of two different proxies, the one to route to Tor and
Tor itself.
--
Mapping the internet 24/7 http://www.netdimes.org
Join the Anime Fans United Team
| |
| macarro 2006-12-20, 7:13 am |
| soja_a wrote:
> Tio wrote:
I have Wireshark myself and as far as I know Wireshark will reveal what
traffic comes out from your computer to the ISP, that is assuming you
are sniffing your own network card. If I am wrong anybody let me know I
as I am not expert in Wireshark, but that is my experience, I have used
it in a real case scenario and have been able to see all the traffic
going through the network card, but I can't understand how you could
discover that wpad thing from your ISP, which I haven't got a clue what
it is.[vbcol=seagreen]
>
> My best guess is that your ISP has blocked access to all the TOR entry nodes
> using a block list like TORbl.
I know Undernet on IRC has blocked access to some Tor nodes because of
own experience, that it is a possibility, first of all assuming that is
the case I am greatly surprised an ISP of a small country in Central
America has gone to those lengths when bigger ISPs located in more
controlled societies don't, you do not say what errors you get or what
is exactly happening, that is essential if you want any help we can't
see what you are doing, make sure your configuration is properly done,
check all the obvious things before saying they are blocking Tor.
Now let's assume they are blocking the Tor entry nodes by IP, I can
think of an expensive solution, call abroad to a dial-up ISP (search for
"anonymous free international dial up ISP" plenty around) then you
should be able to use Tor using them, but you will be paying the price
of an international call, this can be good for troubleshooting, if you
manage to get it to work this way it will mean your ISP is definitively
blocking Tor.
Point: Remember that using a foreign dial up ISP you aren't anonymous no
matter what they say, they won't know your name and address but will
know the phone number of the person who has called them and link it to
the internet logs, so number +398877721887 log:edition.cnn.com, if you
use Tor with them their logs should show number +398877721887 log:Tor IP
Using a foreign ISP makes you harder to track but certainly not
impossible, anyone in the UK take note that foreign ISP abroad do not
have to comply with UK ISP data retention laws (5 years logs).
>
> There's the related question of why QS no longer works. It is possible
> that they've also blocked access to remailers,
This why I have so many suspicious...Tor and remailers blocked together?
First time I heard of it, but possible.
You can always handcode a mail2news in emergency, but they aren't as
safe as Quicksilver and PGP,Zero Freedom has a web based remailer with
SSL, again this isn't as safe as Quicksilver but better than nothing.
>Are you using a
> remailer's SMTP server with TLS, or are you using your ISP's SMTP server?
> If the latter, you might try a direct connection to a remailer using TLS.
If you are using your ISP SMTP server try another one, the block should
be gone, http://www.loftmail.com gives you a free email with free POP
and SMTP than can be used in port 80, your ISP can't block port 80
without blocking your internet browser, problem is all the information
will be easily sniffed, so don't use for personal email but in remailers
the information is encrypted so not a problem anymore. 
Maybe they aren't blocking port 25, maybe they are blocking the sites
you are getting the public keys from, in that case I believe it is
possible to get the public keys through a proxy http://www.samair.ru (if
you do not know how to use them ask), alternatively
http://www.unipeak.com or http://www.hidemyass.com (Free)
Download the remailers public keys with the proxy and place them
manually inside Quicksilver, please anyone correct me if its wrong as I
do not use Quicksilver myself, but I kind of recall seeing it can be
done manually
I forgot! Easier method, public keys are published in alt.security.keydist
>
> soja_a
>
If your ISP is blocking Tor and Quicksilver together it will be the
first case I heard of, even in China Tor can be used.
Final point: If you have any problems be more specific about what steps
you have done, what error/messages you get and any other background
information that could be of used to troubleshoot.
--
Mapping the internet 24/7 http://www.netdimes.org
Join the Anime Fans United Team
| |
| George Orwell 2006-12-20, 7:13 pm |
| macarro <email@is.invalid> wrote:
> Tio wrote:
>
> I believe he meant that if you are able to use a proxy then you
> probably do not need Tor which is already a proxy, he isn't
No, it's more accurately described as a network of proxies which use
lawyers of encryption to make your origin impossible to trace from the
destination end, and your destination impossible to know at the origin
end. There's a HUGE difference between that and a proxy, as it's being
discussed here, which makes the use of the two in conjunction highly
desirable in some situations. One of those situations is where an ISP
might block access to Tor nodes, as the OP suspects. There's nothing
questiona
> questioning the use of Tor but the use of two different proxies, the
> one to route to Tor and Tor itself.
>
>
| |
| soja_a 2006-12-21, 1:14 am |
| George Orwell wrote:
>
>No, it's more accurately described as a network of proxies which use
>lawyers of encryption to make your origin impossible to trace from the
>destination end, and your destination impossible to know at the origin
>end. There's a HUGE difference between that and a proxy, as it's being
>discussed here, which makes the use of the two in conjunction highly
>desirable in some situations.
No, indeed my point was not that TOR is redundant with a proxy server;
rather, my point was that if you're bouncing through an open proxy
selected from some script kiddie's list on the WWW then your anonymity is
likely blown to hell already, so using TOR is like putting a bandaid on a
severed artery. If the OP does need a proxy, what I'd recommend is getting
a friend to install Stunnel on a box lying outside of Cablenet's IP block
and then tunnel your TOR requests through SSL. Of couse, before I went to
that trouble I'd try the fascistfirewall option in TOR to see if they're
simply blocking certain outbound ports.
soja_a
| |
| Anonymous 2006-12-22, 1:16 am |
| In article <3COZ4T1X39071.9808217593@anonymous.poster>
soja_a <soja@retired.invalid> wrote:
> Of couse, before I went to that trouble I'd try the fascistfirewall
> option in TOR to see if they're simply blocking certain outbound ports.
>
> soja_a
Yeah, I second that. Many tor servers now operate on port 80 and 443
due to admins blocking port 9050. Any ISP I've found that blocked tor
works fine with the fascistfirewall option.
| |
| Osama bin Hidin 2006-12-23, 7:13 am |
| macarro <email@is.invalid> wrote:
>If you are using your ISP SMTP server try another one, the block should
>be gone, http://www.loftmail.com gives you a free email with free POP
>and SMTP than can be used in port 80, your ISP can't block port 80
loftmail.com free email account registration
Free account signups have been disabled until further notice.
Other alternatives?
|
|
|
|
|