Full Version: Fun With Tor
AgentOrange
If you would like to experiment, or you are unable to install tor for some reason, you can use the following address as a SOCKS server:
tor-proxy.rrbone.net:9050
(You are able to chain proxies with tor, for instance using proxychains, though I am not sure why one would want to do this because tor is extremely anonymous as it is. Also note that to use this proxy server to access HTTP you MUST use a program like Privoxy to tunnel HTTP traffic over SOCKS. Also )

Tor is a very nice program that allows an individual to be completely anonymous because of a group effort. Think of zebras on a network level. It is an anonymous onion-router-based mixer network. It's more than just accessing the open Internet anonymously. You can host "hidden daemons", where you can host any TCP server completely anonymously. People do some interesting things when they are anonymous and I suggest checking out some of these sites (Freenet is another example of this). But unlike Freenet, tor is real time and a heck of a lot faster. There are IRCd's and SMTPd's hosted on tor, which you can't do on Freenet. I am showing various security weaknesses in tor.

Tor allows for some interesting functionality; configuration and customization of tor is exceptional. The documentation is also very noteworthy; there is even a guide on how to set up your own tor network to suit YOUR needs. That's really the magic of open source: you can customize the application to suit your specific needs, instead of being forced into a cramped cookie cutter, like a slave. Business is about excelling and doing better than the next guy, so why be constricted by insecure closed source software?

By default tor is secure. I'm not talking like Squid is secure by default or Windows 2003 is secure by default. One of the reasons why there are so many open proxies is that people get "default secure" software, and to use it they compromise it. Tor is actually usable and secure by default. What a thought; maybe Microsoft could learn a thing or two from that. (Buying a $4000 OS that is useless by default? What a JOKE. That isn't security, that is running with your tail between your legs.)

What I am focusing on is the customization of Tor exit gates to the open Internet. Without them you would only be able to access tor hidden servers. Gateways are servers that are on 24/7. This is necessary because your route to the gateway is quite dynamic, as it is made up of users who are constantly joining and leaving the tor network. For Internet functionality to work properly you need a static IP address during the session. The TCP protocol is very robust and packets can be lost without loss of data or the connection. The more tor gates on the network, the faster you will be able to access the open net.

As a tor gate owner you have the amazing power to define what you want to exit your server. If you want, you can only allow traffic to exit that is going to port 80 (HTTP), or even a particular IP address or IP address range.
This is the default exit policy for tor:

reject 0.0.0.0/8
reject 169.254.0.0/16
reject 127.0.0.0/8
reject 192.168.0.0/16
reject 10.0.0.0/8
reject 172.16.0.0/12
accept *:20-22
accept *:53
accept *:79-81
accept *:110
accept *:143
accept *:443
accept *:706
accept *:873
accept *:993
accept *:995
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6881-6999
accept *:1024-65535
reject *:*

Here is an example of someone modifying the exit policy:
http://archives.seul.org/or/talk/Mar-2005/msg00042.html

I really like the reject *:*, so you have to specify what traffic you do want to allow; this is good security. If you notice, port 25 is blocked, which restricts spammers from abusing tor. By default IRC is also not allowed; however, if you have used tor you know you have no problems connecting to IRC. Some IRC servers have k-lined some of the exit gateways due to abuse, but it is still possible to connect to these services. The ease with which you can connect to IRC demonstrates that these config files are being modified.

What is the potential impact of a modification? What would happen if someone allowed 127.0.0.1, aka loopback, traffic?
To test this with your browser, tell it to forward 127.0.0.1 through tor, then try and access http://127.0.0.1 (you might have to refresh more than once). At the time of this writing there is at least one Apache server running giving you a directory listing.
What about services that are only available on the loopback because of serious security concerns? Keep in mind that Windows SP2 turned the firewall on by default, and made it such that all Windows services are only available to the local LAN or loopback. I will not divulge such services that are only on loopback, because they should ONLY be on loopback and I do not want tor gateways to be attacked.

What about access to the LAN?
There is a common trend in network security to have "M&M security" (this is done because it's cheap and fairly effective), where you have a hard outer shell and a soft inside. Someone could set up a tor gateway and potentially expose their soft inner network to attack.
(Note: it is not common, however I have seen some networks where they use 1.0-255.0-255.0-255 for internal use only; the 1.0.0.0 net block is reserved and may not be used for quite some time. This practice is a dirty hack, but it gets the job done, which is really all industry cares about anyway. Just remember that tor doesn't block 1.0.0.0 by default.)

I enjoy the tor network greatly and I would like it to be healthy. A part of that is keeping its gateways secure. Keep in mind that by default Tor gateways are secure, so don't be afraid of running a tor gateway. I urge people to modify their config files; I would like it if more ports were available by default, such as IRC. Just remember you MUST reject access to the local LAN and the loopback.

peace
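As an added example (not code from the original post or from the Tor project), here is a small Python evaluator for exit policies in the format quoted above. It parses the default policy, answers whether a given destination would be allowed to exit, and audits a policy against the loopback and LAN ranges the post says must stay rejected. Two simplifications are this example's own, not Tor's exact behaviour: it handles IPv4 only, and a policy with no matching rule is treated as a reject. The "loopback line removed" policy is constructed here to show what the audit catches, and the probe addresses are constructed sample values.

```python
import ipaddress

# Tor's default exit policy as quoted in the post above.
DEFAULT_EXIT_POLICY = """
reject 0.0.0.0/8
reject 169.254.0.0/16
reject 127.0.0.0/8
reject 192.168.0.0/16
reject 10.0.0.0/8
reject 172.16.0.0/12
accept *:20-22
accept *:53
accept *:79-81
accept *:110
accept *:143
accept *:443
accept *:706
accept *:873
accept *:993
accept *:995
reject *:1214
reject *:4661-4666
reject *:6346-6429
reject *:6881-6999
accept *:1024-65535
reject *:*
"""

# Constructed misconfiguration for the demonstration: the loopback reject
# line has been deleted, which is the scenario the post warns about.
LOOPBACK_LEAK_POLICY = DEFAULT_EXIT_POLICY.replace("reject 127.0.0.0/8\n", "")


def parse_policy(text):
    """Parse 'accept|reject ADDR[:PORTS]' lines into (action, network, lo, hi).

    ADDR is '*' or an IPv4 address/CIDR; PORTS is '*', one port, or 'lo-hi'.
    A missing port spec means all ports. IPv4 only (this example's simplification).
    """
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # tolerate trailing comments
        if not line:
            continue
        action, target = line.split(None, 1)
        action = action.lower()
        if action not in ("accept", "reject"):
            raise ValueError(f"unknown action in rule: {line!r}")
        addr, _, ports = target.partition(":")
        ports = ports or "*"
        network = None if addr == "*" else ipaddress.ip_network(addr, strict=False)
        if ports == "*":
            lo, hi = 1, 65535
        elif "-" in ports:
            lo, hi = (int(p) for p in ports.split("-", 1))
        else:
            lo = hi = int(ports)
        rules.append((action, network, lo, hi))
    return rules


def exit_allowed(rules, ip, port):
    """First matching rule wins, as in Tor. No match is treated as reject here."""
    addr = ipaddress.ip_address(ip)
    for action, network, lo, hi in rules:
        if network is not None and addr not in network:
            continue
        if not lo <= port <= hi:
            continue
        return action == "accept"
    return False


# Destinations an exit should never reach: loopback, RFC 1918, link-local.
# Port 8080 is probed as well because 'accept *:1024-65535' is very wide.
SENSITIVE_PROBES = [
    ("127.0.0.1", 80), ("127.0.0.1", 8080),
    ("10.0.0.1", 80), ("172.16.0.1", 80),
    ("192.168.0.1", 80), ("169.254.0.1", 80),
]


def audit_policy(rules, probes=SENSITIVE_PROBES):
    """Return the sensitive (ip, port) pairs the policy would let out."""
    return [(ip, port) for ip, port in probes if exit_allowed(rules, ip, port)]


if __name__ == "__main__":
    default = parse_policy(DEFAULT_EXIT_POLICY)
    leaky = parse_policy(LOOPBACK_LEAK_POLICY)
    print("default policy leaks:", audit_policy(default))
    print("loopback line removed leaks:", audit_policy(leaky))
    # The post's 1.0.0.0/8 remark: that block is not in the default reject list.
    print("1.2.3.4:80 via default policy:", exit_allowed(default, "1.2.3.4", 80))
    # Port 25 is not accepted anywhere, so it falls through to 'reject *:*'.
    print("8.8.8.8:25 via default policy:", exit_allowed(default, "8.8.8.8", 25))
```

Run it as a script to see the default policy pass the audit while the policy without the loopback line lets 127.0.0.1:80 and 127.0.0.1:8080 out; the same audit run against a relay's own ExitPolicy before deployment is the check the post is asking for.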
setthesun
Very good point.

Remember that Yahoo was hacked because of this kind of proxy. Also, by default browsers skip proxies for localhost, so turn that option off to try this.
AgentOrange
Also, the "homeless hacker" hacked the Times using a poorly configured proxy.

Browsers do not forward 127.0.0.1 by default, but they can be configured to do so. I think it is something that people don't easily take into consideration.


peace
smarty
Keep in mind when using a SOCKS proxy like the one given in this thread that the owner of it can sniff 100% of what you are doing! Even with encrypted protocols they can see the source and destination and packet sizes, which, depending on motives, can tell a lot. For example, using guesswho techniques from TESO you can determine SSH login password length, things like that. But really the biggest threat is being able to see your activity. Also, if you are doing anything not HTTPS/SSH, like email, web surfing, POP3, etc., then all of that can be captured by the person running the SOCKS.

The way tor is set up, if you are using the tor client, then what you do is not sniffable... but this SOCKS GATEWAY is different... it's just SOCKS, redirecting your traffic into tor. Same concept as a VPN: the person running the VPN can see everything you do. The feds ran a VPN to bust all the Shadowcrew people; it is a well documented fact that these techniques work (Google for it if you doubt).

I am not saying anything against this person here; it may be an innocent gift for all to share... but KEEP IN MIND the danger: when you use someone else's SOCKS, if they are smart and skilled, they can see everything you do.

Illustration:
you tor client ->(not sniffable) tor network
you socks ->(SNIFFABLE) socks host ->(not sniffable) tor network

If you don't believe me, I've got a great fast SOCKS proxy to give you.... ;)
setthesun
QUOTE(smarty @ May 14 2005, 08:03 PM)
Illustration:
you tor client ->(not sniffable) tor network
you socks ->(SNIFFABLE) socks host ->(not sniffable) tor network

If you don't believe me, I've got a great fast SOCKS proxy to give you.... ;)

If SSL is trusted (I mean, if I have that SSL root certificate), how can you sniff without notice? For sniffing SSL you need a MITM-style attack, so it means I'll be notified about that.

But also, yeah, you're right: you're forwarding the traffic, so it goes over you and you can sniff it easily in non-SSL connections.

Also, Tor can be sniffed by end points. At the last Tor gateway you can see clean traffic, because it has to make clean traffic to get data from a real webserver.
A2_
QUOTE(AgentOrange @ May 14 2005, 02:06 PM)
Also, the "homeless hacker" hacked the Times using a poorly configured proxy.

Browsers do not forward 127.0.0.1 by default, but they can be configured to do so. I think it is something that people don't easily take into consideration.

peace

You mean Adrian?
easternerd
Tor is an amazing contribution to all security professionals and normal people alike.
It's a boon to people living in countries where the right to information is restricted.
I just hope users don't abuse it and are responsible enough to contribute more onion routers to the directory.
vnet576
They do abuse this network. Some use it for seeding BitTorrent or downloading/distributing large files. That's where some of the slowdown comes from.
Invision Power Board © 2001-2005 Invision Power Services, Inc.