Penetration Testing mailing list archives

Re: Pen-Testing via TOR

From: "andrew.thornton" <andrew.thornton () thorntonindustries com>
Date: Thu, 21 Jul 2005 17:09:33 -0700

Tor will forward all SOCKS (versions 4, 4a and 5) compliant protocols.There is some packet enforcement going on by default within tor. It iscalled an exit policy. Here is the what is blocked by default:


reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6881-6999


The following sites may be helpful to you:

http://www.infosecninja.org/content/view/16/28/
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#CompatibleApplications
http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp

Whodini wrote:

I am trying to pentest a box of mine "remotely" by using TOR to make
me hit the cloud first and then double back. What specific pen-test
can I use, either for Win32 or Linux that will work through TOR, or a
proxy?

Current thread:

Pen-Testing via TOR Whodini (Jul 21)
- Re: Pen-Testing via TOR andrew.thornton (Jul 21)
- RE: Pen-Testing via TOR M. Shirk (Jul 21)
- <Possible follow-ups>
- RE: Pen-Testing via TOR Hagen, Eric (Jul 22)
  - Re: Pen-Testing via TOR Jerome Athias (Jul 22)