Jondo no longer able cascade Tor using Port 9150

If sometime something does not work...
JDM001
Posts: 15
Joined: Sun Apr 01, 2012 19:02

Jondo no longer able cascade Tor using Port 9150

Post by JDM001 » Sun Mar 09, 2014 14:00

I'm having trouble getting Jondofox [JDF] to cascade with Tor.

The latest release of JDF connects fine with Windows Tor Bundle 2.3.25-15 when Jondo Config/Network is set to 'I'm forced to use a proxy:', Socks Proxy', localhost and port 9150 are selected.

However, under Windows Tor Bundle 3.5.2.1 Jondo will not cascade its connection with Tor given every thing else remains unchanged. The premium cascades just roll to find a connection.

It could be that the Valadia control panel is built into 3.5.2.1 and is separate under 2.3.25-15 and something has been left out.

Can anybody find a way to get them to cascade again?

cane

Re: Jondo no longer able cascade Tor using Port 9150

Post by cane » Sun Mar 09, 2014 19:23

Because of changes in Tor it is not possibel any more to use it cascaded with JonDo.

sovereignpress
Posts: 188
Joined: Sat Aug 25, 2012 1:02
Contact:

Re: Jondo no longer able cascade Tor using Port 9150

Post by sovereignpress » Mon Mar 10, 2014 16:49

JDM001 wrote:I'm having trouble getting Jondofox [JDF] to cascade with Tor.

The latest release of JDF connects fine with Windows Tor Bundle 2.3.25-15 when Jondo Config/Network is set to 'I'm forced to use a proxy:', Socks Proxy', localhost and port 9150 are selected.

However, under Windows Tor Bundle 3.5.2.1 Jondo will not cascade its connection with Tor given every thing else remains unchanged. The premium cascades just roll to find a connection.

It could be that the Valadia control panel is built into 3.5.2.1 and is separate under 2.3.25-15 and something has been left out.

Can anybody find a way to get them to cascade again?
I'm not quite sure if this helps, but you can still do it in a Linux flavor. It is true that port 9150 does not work with JonDo client (no connection). But, port 9050 still works. I run Tor daemon, which connects to 9050; and run the tor browser, which connects to port 9150.

You can connect to the tor browser from Jondo fine, but it seems impossible to connect to Jondo from Tor on port 9150.

Try Windows daemon (services).

sovereignpress
Posts: 188
Joined: Sat Aug 25, 2012 1:02
Contact:

Re: Jondo no longer able cascade Tor using Port 9150

Post by sovereignpress » Mon Mar 10, 2014 17:10

I figured it out. Easier than I thought.

You have to work around the issue, as there appears to be no direct way of connecting to Jondo from 127.0.0.1 9150.

user64834
Posts: 10
Joined: Sat Feb 15, 2014 15:12

Re: Jondo no longer able cascade Tor using Port 9150

Post by user64834 » Tue Mar 11, 2014 19:32

With older verions of Tor bundle pack I trust you can still connect to JD thou ?

What is the work around sovereignpress ??

sovereignpress
Posts: 188
Joined: Sat Aug 25, 2012 1:02
Contact:

Re: Jondo no longer able cascade Tor using Port 9150

Post by sovereignpress » Tue Mar 11, 2014 22:28

user64834 wrote:With older verions of Tor bundle pack I trust you can still connect to JD thou ?

What is the work around sovereignpress ??
Old versions of Tor are not recommended, as they may be insecure. If you use a Linux distro, you can run Tor as daemon and use it with port 9050.

As to your other question, the work around is quite simple. In the JonDo client, configure the network for "HTTP/HTTPS", not SOCKS. Use localhost as the host and use port 8118.

To make this work with port 9150 (Tor), you need to download privoxy and configure it to forward socks5 traffic port 9150 to localhost 8118. When you add port 8118 in JonDo, privoxy will forward socks5 localhost 9150 to privoxy and thus to JonDo.

It works very well, with no lag.

JDM001
Posts: 15
Joined: Sun Apr 01, 2012 19:02

Re: Jondo no longer able cascade Tor using Port 9150

Post by JDM001 » Wed Mar 12, 2014 16:35

Thanks guys!

But I'm not so sure using HTTP/HTTPS is a good idea given these protocols have to be authenticated (they have headers) by a firewall which could block the connection?

"Consider that protocols such as HTTP and Telnet support firewall authentication. Anyone who has configured Authenticated Proxy on a Cisco firewall will understand this. However, encrypted protocols can never be authenticated by firewall, only by a SOCKS Proxy."

http://etherealmind.com/fast-introducti ... cks-proxy/

I'm trying to get my head around what actually happened with Tor 3.5.x.

Do we now suppose that Tor is no longer a Socks server? The other issue is one of disguising a Tor connection NOT to look like Tor because of packet inspection. Is this related to the as yet unimplemented inbuilt Tor transports mechanism?

If Tor IS no longer a socks server this is a huge departure from previous versions. The loss of the ability to use a new identity without discarding the existing page is another issue. Not happy, not happy at all! It will force some users to stick with earlier versions which are insecure which could put them at risk.

The only way around this would be to cascade Tor 2.x with Jondo so that Tor's insecurity is diminished by the cascade. Why then would you need any newer versions of Tor? All good business for the premium cascades?

user64834
Posts: 10
Joined: Sat Feb 15, 2014 15:12

Re: Jondo no longer able cascade Tor using Port 9150

Post by user64834 » Wed Mar 12, 2014 18:17

Thank you for your detailed explanation SP, I'm surprised admin haven't brought this to the community's attention sooner.

"As to your other question, the work around is quite simple. In the JonDo client, configure the network for "HTTP/HTTPS", not SOCKS. Use localhost as the host and use port 8118"

Would this alone using the new Tor enable me to connect to Tor Then JonDo ? Or do I need also to use privoxy (seems very complicated to layman)

Thanks again !

sovereignpress
Posts: 188
Joined: Sat Aug 25, 2012 1:02
Contact:

Re: Jondo no longer able cascade Tor using Port 9150

Post by sovereignpress » Wed Mar 12, 2014 19:33

user64834 wrote:Thank you for your detailed explanation SP, I'm surprised admin haven't brought this to the community's attention sooner.

"As to your other question, the work around is quite simple. In the JonDo client, configure the network for "HTTP/HTTPS", not SOCKS. Use localhost as the host and use port 8118"

Would this alone using the new Tor enable me to connect to Tor Then JonDo ? Or do I need also to use privoxy (seems very complicated to layman)

Thanks again !
No, let me explain. Tor is a socks only proxy. Privoxy natively runs on localhost 8118. This is not Tor. Since the JonDo client no longer supports Tor 9150, you cannot use socks 9150 directly.

Privoxy is required to make this work. Privoxy (when so configured) is instructed to forward traffic from localhost 9150 to localhost 8118. By adding localhost 8118 to JonDo, you are receiving traffic from socks5 Tor on port 9150 first. The privoxy acts as middleman.

Privoxy is a great app in and of itself, but it is especially good for apps that do not support socks.

sovereignpress
Posts: 188
Joined: Sat Aug 25, 2012 1:02
Contact:

Re: Jondo no longer able cascade Tor using Port 9150

Post by sovereignpress » Wed Mar 12, 2014 19:43

JDM001 wrote:Thanks guys!

But I'm not so sure using HTTP/HTTPS is a good idea given these protocols have to be authenticated (they have headers) by a firewall which could block the connection?

"Consider that protocols such as HTTP and Telnet support firewall authentication. Anyone who has configured Authenticated Proxy on a Cisco firewall will understand this. However, encrypted protocols can never be authenticated by firewall, only by a SOCKS Proxy."

http://etherealmind.com/fast-introducti ... cks-proxy/

I'm trying to get my head around what actually happened with Tor 3.5.x.

Do we now suppose that Tor is no longer a Socks server? The other issue is one of disguising a Tor connection NOT to look like Tor because of packet inspection. Is this related to the as yet unimplemented inbuilt Tor transports mechanism?

If Tor IS no longer a socks server this is a huge departure from previous versions. The loss of the ability to use a new identity without discarding the existing page is another issue. Not happy, not happy at all! It will force some users to stick with earlier versions which are insecure which could put them at risk.

The only way around this would be to cascade Tor 2.x with Jondo so that Tor's insecurity is diminished by the cascade. Why then would you need any newer versions of Tor? All good business for the premium cascades?
There appears to be a disconnect here.

Tor is a SOCKS only proxy. It is not an HTTP proxy. Tor does not support HTTP. Tor has a separate browser for bypassing strict censorship, so it does not look like it is Tor traffic.

Privoxy acts, among other things, (in particular filtering), as a middleman. It adds support for applications that only support HTTP traffic. So in other words, VLC only supports HTTP. You cannot use Tor for this app, as Tor is only a SOCKS proxy. To avoid this problem, you can either use a HTTP proxy (like JonDo), a socksifier, or something like Privoxy.

Privoxy (when so configured) "forwards" socks traffic (in this case Tor port 9150) to HTTP localhost 8118.

So in VLC, if you add "127.0.0.1:8118", it is Tor (socks) that is being forwarded to VLC. The exit IP address is Tor.

The same applies to JonDo. It is tor (socks5 port 9150) that is being forwarded to JonDo via localhost 8118.

If you try this method, and disconnect from Tor, JonDo will never connect. If you connect to Tor and then reconnect to JonDo, you can now successfully connect to JonDo.

Post Reply