Jump to content

Welcome to MSFN Forum
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. This message will be removed once you have signed in.
Login to Account Create an Account


Photo

Tor-Vidalia with KeX on Win 9x/ME

- - - - -

  • Please log in to reply
35 replies to this topic

#26
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
dencorso
That does look useful. Thanks.


How to remove advertisement from MSFN

#27
Mijzelf

Mijzelf

    Advanced Member

  • Members
  • PipPipPip
  • 462 posts
AFAIK you get this error when no more sockets are available. You can use netstat to find out how much sockets are in use at any moment. For W9x the maximum is 100, but it can be increased.
http://www.catalyst.com/kb/100072

Edited by Mijzelf, 22 January 2012 - 02:52 PM.


#28
Czerno

Czerno

    Newbie

  • Members
  • 16 posts
  • OS:98SE
  • Country: Country Flag

Netcat does look interesting. I wasn't aware of such a tool for Windows. I don't leave Vidalia running as such. I was starting it when I needed to shut Tor down cleanly. Can Netcat send a password to Tor?


Sure, always be sure to keep good old netcat at hand's reach, aka the "Swiss army knife" of networking !

Application to quickly shuting down Tor : first create a text file named "StopTor.bat" containing :

authenticate ""
signal shutdown
quit

Then create one (lor more) shortcuts to the StopTor bat, on the Desktop or the Start menu (for convenience). Double-click shortcut whenever you need to shut down your server!

The example assumed a blank Tor control password (not a vulnerability if the control port isn't open to the internet, which it is not by default, and local users of the computer are trusted). If you set a password though, insert it between the double quotes (authenticate line).

As for the resource leaks, I'm not certain that Tor is what's leaking. That's a large part of what I'm trying to determine. Anyone know of a resource monitor for 98 that shows the load of each process?


Process monitor and other Sysinternals tools are what come to mind (now owned by Microsoft, download from MS).

#29
jumper

jumper

    2014 All-American Masters HJ'er

  • Members
  • PipPipPip
  • 460 posts
  • OS:98SE
  • Country: Country Flag

As for the resource leaks, I'm not certain that Tor is what's leaking. That's a large part of what I'm trying to determine. Anyone know of a resource monitor for 98 that shows the load of each process?

I use TaskInfo2000 v2.1 by Igor Arsenin

Amongst many other things, for each process it lists:
  • Data KB (total, in memory, in use)
  • Code KB (total, in memory, in use)
  • Handles count
  • Windows
It uses low resources itself, updates every two second, and shows most of what VWin32 reports (and much more).

#30
loblo

loblo

    Oldbie

  • Members
  • PipPipPipPipPip
  • 728 posts
  • OS:ME
  • Country: Country Flag
Another excellent process/thread management/information utility, perhaps the best/most advanced of all, is Another Task Manager:

http://www.simtel.ne...t/view/id/12339

#31
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
Nice selection of tools. Thanks.

Mijzelf
According to that article, I'm set much higher than I should be at 512 but have not seen any instability. Lowering "TcpTimedWaitDelay" to 30 might be one reason. The errors have never returned. I have to believe the unofficial upgrades, primarily Revolutions Pack made that possible. I'm also wondering how much effect selecting "network server" in file system properties has here. Never took the time to check what it changes. This instance of Tor has run for 17 days now, still seems fine. Total uptime has reached 3 weeks. Both the available RAM and GDI resources have gone back up some.

I still wonder why the error messages both ended with "Not enough ram?" when MemLoad showed that I had RAM available. It also has me asking if stronger hardware would help here?

Looking at the other Dell with 2GB RAM and a 2.6GHZ P4 sitting next to this unit, wondering if the other half would notice if I swapped hardware with her.

Edited by herbalist, 24 January 2012 - 10:41 AM.


#32
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
I haven't had the chance to verify it, but I think I've found one of the items draining the RAM and/or resources. I'd forgotten that I had Kerio firewall set to log outbound Tor traffic. Needless to say, the log had become quite large. Deleting the log gave me back 25MB of RAM and available GDI resources went up 8%. The odd part here is that the decrease in RAM usage didn't show up in any of the processes listed in MemLoad but does show in in the free physical memory.

#33
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
After finding the issue with Kerio logs and RAM usage, I started looking for other processes that were consuming resources and RAM, shutting them down and restarting them. When I shut down SSM, available GDI resources went up to 80%. They remained there after I restarted SSM, but the system had become unstable and eventually crashed. The majority of the errors pointed to user32.dll and were general protection faults.

#34
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
As far as I can determine, the last crash was due to a conflict between System Safety Monitor and the latest version of Kernel Ex. Keeping these 2 compatible with each other has been problematic with Kernel Ex adding and modifying APIs and SSM hooking the same APIs. The Kernel Ex settings for the 2 primary SSM components, SysSafe.exe and mchook9x.dll, greatly affect how they interact and SSM's ability to function. This conflict appeared to be resolved with Kex 4.0 but looks to have reappeared with 4.5.2. For the moment I've left the Kex settings for mchook9x.dll on default and disabled Kex for SysSafe.exe with the "Don't use these settings in child processes" option checked.

For the most part, the gradual depletion of resources does not appear to be related to Tor, but the steady increase in RAM usage does. Before I do any more with Tor, I need to sort through the SSM-Kex interactions and determine why it resulted in so much resource depletion. While not directly related to running Tor on 98, I also need to determine how the different Kex settings for the 2 SSM components affect its ability to defend a Kex modified system. With more governments and entertainment industry watchdogs regarding Tor as a threat to their authority and/or profits, the possibility of Tor exit nodes being targeted for attack is increasing. While Kernel Ex is doing wonders for making 98 a viable system that can run todays software, its effects on 98 in regards to its vulnerability to exploits in user applications and the ability to defend against them is unexplored territory.

#35
CyberyogiCoWindler

CyberyogiCoWindler

    Junior

  • Members
  • Pip
  • 77 posts
  • OS:98SE
  • Country: Country Flag
I was very unsatisfied with webproxy sites (accessed pages either don't work or links escape from the webproxy's sandbox and switch back to unprotected URLs), so I just downloaded the Tor-Vidalia bundle and tried to install it on Win98SE with KernelEx 4.5.101.

I only want to use it as a client but Vidalia 0.2.17 refuses to work and shows wrong paths (from generic English Windows, mine is German and on E: ), and worse, once I correct these by hand, it won't save them but shows the same wrong paths after every restart. When Vidalia attempts to start tor, the screen always switches into DOS text mode and exits with errors. I tried to start tor manually from a DOS box (which works only when online and loaded 10 minutes to build the "circuit" on my analogue modem), but the Tor-Button on Firefox 3.6.22 only shows a proxy error even when tor.exe in a DOS box is running. When I tried to manually start Vidalia, it requests a password to connect to the running tor process, despite I had set none. What is wrong here?

I then found out that Vidalia can only be started with an argument pointing to its data directory, which (strange enough) works only with DOS file names due to quotation mark problems. So my link has this form:
"E:\Programme\Vidalia Bundle\Vidalia\vidalia.exe" -datadir "E:\PROGRA~1\VIDALI~1\Vidalia"

So Vidalia now can save entered data, but it still refuses to keep tor running. In its debug.log I found the following error message:

Apr 14 02:25:15.630 [debug] connection_handle_write_impl(): After TLS write of 512: 0 read, 586 written
Apr 14 02:25:16.070 [warn] Error "Die Zugriffsnummer ist nicht definiert.

" occurred while polling handle for monitored process 2147483647; assuming it's dead.
Apr 14 02:25:16.070 [notice] Monitored process 2147483647 is dead.
Apr 14 02:25:16.070 [notice] Owning controller process has vanished -- exiting now.

Apparently a connection handle(?) is undefined, causing tor.exe to exit after some seconds when started by Vidalia.

- Is it possible at all to properly use Vidalia/Tor on Win98SE with analogue modem?

Edited by CyberyogiCoWindler, 13 April 2012 - 06:53 PM.


#36
herbalist

herbalist

    paranoid independent

  • Members
  • PipPipPipPipPip
  • 726 posts
  • OS:98
  • Country: Country Flag
Starting in version 0.2.16, Vidalia uses a different location for its data directory.
From the changelog:

Make the default data directory in windows be located in the Local
AppData instead of the Roaming one. Fixes bug 2319.

On my system, when Vidalia .2.17 starts, it creates C:\application data\vidalia and no longer uses /windows/application data/vidalia. It appears other data and config file locations have also changed. Some of the paths are not found on 98 units. So far, I haven't managed to get Vidalia .2.17 to work properly. Vidalia has been something of a problem on 98, even when it did work. Version 0.2.15 works fairly well. If you really want Vidalia, try that version. I stopped using Vidalia. IMO, it's more trouble than it's worth. For all purposes, Vidalia is nothing more than a GUI, log reader, and configuration file editor for Tor. On 98, the Vidalia network map is unreliable, works part time. For the message log data, Tor can just as easily send that data to file.




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users



How to remove advertisement from MSFN