Penetration Testing mailing list archives
Re: Pen-Testing via TOR
From: "andrew.thornton" <andrew.thornton () thorntonindustries com>
Date: Thu, 21 Jul 2005 17:09:33 -0700
Tor will forward all SOCKS (versions 4, 4a and 5) compliant protocols. There is some packet enforcement going on by default within tor. It is called an exit policy. Here is the what is blocked by default:
reject *:1214 reject *:4661-4666 reject *:6346-6429 reject *:6881-6999 The following sites may be helpful to you: http://www.infosecninja.org/content/view/16/28/ http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ#CompatibleApplications http://www.socks.permeo.com/AboutSOCKS/SOCKSOverview.asp Whodini wrote:
I am trying to pentest a box of mine "remotely" by using TOR to make me hit the cloud first and then double back. What specific pen-test can I use, either for Win32 or Linux that will work through TOR, or a proxy?
Current thread:
- Pen-Testing via TOR Whodini (Jul 21)
- Re: Pen-Testing via TOR andrew.thornton (Jul 21)
- RE: Pen-Testing via TOR M. Shirk (Jul 21)
- <Possible follow-ups>
- RE: Pen-Testing via TOR Hagen, Eric (Jul 22)
- Re: Pen-Testing via TOR Jerome Athias (Jul 22)