Internal Tor configuration for the scanner¶
The scanner needs a specific Tor configuration. The following options are either set when launching Tor or required when connection to an existing Tor daemon.
Default configuration:
SocksPort auto
: To proxy requests over Tor.CookieAuthentication 1
: The easiest way to authenticate to Tor.UseEntryGuards 0
: To avoid path bias warnings.UseMicrodescriptors 0
: Because full server descriptors are needed.SafeLogging 0
: Useful for logging, since there’s no need for anonymity.LogTimeGranularity 1
ProtocolWarnings 1
FetchDirInfoEarly 1
FetchDirInfoExtraEarly 1
: Respond to MaxAdvertisedBandwidth as soon as possible.FetchUselessDescriptors 1
: Keep fetching descriptors, even when idle.LearnCircuitBuildTimeout 0
: To keep circuit build timeouts static.
Configuration that depends on the user configuration file:
CircuitBuildTimeout ...
: The timeout trying to build a circuit.DataDirectory ...
: The Tor data directory path.PidFile ...
: The Tor PID file path.ControlSocket ...
: The Tor control socket path.Log notice ...
: The Tor log level and path.
Configuration that needs to be set on runtime:
__DisablePredictedCircuits 1
: To build custom circuits.__LeaveStreamsUnattached 1
: The scanner is attaching the streams itself.
Configuration that can be set on runtime and fail:
ConnectionPadding 0
: Useful for avoiding extra traffic, since scanner anonymity is not a goal.
Currently most of the code that sets this configuration is in sbws.util.stem.launch_tor()
and the default configuration is sbws/globals.py
.
Note
the location of this code is being refactored.