• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

contrib/H15-Jul-2016-5,8004,226

doc/H03-May-2022-

include/tcpcrypt/H15-Jul-2016-5539

launchers/H15-Jul-2016-4,5984,280

lib/H15-Jul-2016-452343

shared/H15-Jul-2016-229181

src/H15-Jul-2016-11,6828,688

tests/H15-Jul-2016-170148

unix/H15-Jul-2016-9471

util/H15-Jul-2016-549419

win/H15-Jul-2016-75

.dir-locals.elH A D15-Jul-2016203 117

.gitignoreH A D15-Jul-2016263 2827

INSTALL-FreeBSD.markdownH A D15-Jul-20161.7 KiB6340

INSTALL-Linux.markdownH A D15-Jul-20162.3 KiB9060

INSTALL-MacOSX.markdownH A D15-Jul-20161.1 KiB4329

INSTALL-Windows.markdownH A D15-Jul-20162.6 KiB7952

LICENSEH A D15-Jul-20161.3 KiB2318

Makefile.amH A D15-Jul-20164.4 KiB184133

README.markdownH A D15-Jul-20162.8 KiB7451

bootstrap.shH A D15-Jul-2016143 101

configure.acH A D03-May-20224.9 KiB147124

launch_tcpcryptd.shH A D03-May-20223.6 KiB176140

README.markdown

1Tcpcrypt
2========
3
4Tcpcrypt is a protocol that attempts to encrypt (almost) all of your network
5traffic. Unlike other security mechanisms, Tcpcrypt works out of the box: it
6requires no configuration, no changes to applications, and your network
7connections will continue to work even if the remote end does not support
8Tcpcrypt, in which case connections will gracefully fall back to standard
9clear-text TCP.
10
11Tcpcrypt supports Linux, Mac OS X, Windows, and FreeBSD.
12
13For more information, see [tcpcrypt.org](http://tcpcrypt.org).
14
15Installing tcpcrypt
16-------------------
17
18    git clone git://github.com/scslab/tcpcrypt.git
19    cd tcpcrypt
20    ./bootstrap.sh
21    ./configure
22    make
23    sudo ./launch_tcpcryptd.sh
24
25The launch script starts tcpcryptd and adds firewall rules to divert all TCP
26traffic on port 80 to tcpcryptd.  When the script exits (on Ctrl-C or `kill`),
27it restores your firewall config to its former state -- *no permanent changes
28are made*.
29
30On Linux, you must first install libnfnetlink, libnetfilter_queue, and libcap.
31
32Optional: running `make install` will install `libtcpcrypt` and tcpcrypt
33headers, for building apps that use tcpcrypt's session ID.
34
35Try it out
36----------
37
38Go to [http://tcpcrypt.org/test.php](http://tcpcrypt.org/test.php) with
39tcpcryptd running. If tcpcrypt is working, you'll be able to join the
40tcpcrypt Hall of Fame and your tcpcrypt session ID will be displayed at the
41bottom of the page.
42
43Now let's examine the packets going over the wire by starting tcpdump and then
44reloading the URL above.
45
46    sudo tcpdump -X -s0 host tcpcrypt.org
47
48Compare this tcpdump output, which appears encrypted (or at least unreadable),
49with the cleartext packets you would see without tcpcryptd running.
50
51Troubleshooting
52---------------
53
54If it's not working, the most likely causes are the following.
55
56   * Your browser already had an open, non-tcpcrypted TCP connection to
57     tcpcrypt.org before you ran the launch script. Quit and reopen your
58     browser, wait 30 seconds, or use a different browser to retrieve the
59     tcpcrypt.org URL.
60
61   * There's a conflict with your existing firewall rules. See the
62     firewall setup section in the install guide for your platform.
63
64Visit [http://wiki.github.com/scslab/tcpcrypt/troubleshooting](http://wiki.github.com/scslab/tcpcrypt/troubleshooting) if you're still
65unable to make it work.
66
67
68More info
69---------
70
71The `INSTALL-*` files have more detailed installation and firewall setup instructions. See [tcpcrypt.org](http://tcpcrypt.org) for general info, including the [protocol specification](http://tcpcrypt.org/docs.php) and the [tcpcrypt paper, "The case for ubiquitous transport-level encryption"](http://tcpcrypt.org/tcpcrypt.pdf), presented at USENIX Security 2010.
72
73The code repository lives at [http://github.com/scslab/tcpcrypt](http://github.com/scslab/tcpcrypt).
74