Anonymous - 2012-10-14
'arm' displayed only two warnings: Port 144 and Port X (can't remember the number) are commonly used for unencrypted data.

If you send traffic through some ports which are normally used for old cleartext protocols, Tor warns you. For example, if you use POP without SSL. For example, if you use Thunderbird (Icedove) and Torbirdy to access a Tormail account, Tor will warn you for using an unencrypted port. In that case and in the portscanning case you can safely discard the warning. (Tormail is a hidden service and they are always encrypted end to end (or Tor to Tor if you want to be more accurate).) So if you knock on (port scan) a port which is hardcoded into Tor to be a known unencrypted port, it warns you. Nothing to be concerned about in that case.

And according to the information I read, it is dangerous to do port scanning through Tor or any proxy. It only supports TCP packets but other kinds of packets will reveal my true IP address.

Not when you are using Whonix-Workstation. Don't mess with the Whonix-Gateway (unless you know better). Anything you do inside the Workstation cannot leak your IP/DNS. It's one of the main points of the whole Whonix project.

The default/download version of Whonix-Workstation is based on Debian. See https://sourceforge.net/p/whonix/wiki/OtherOperatingSystems/ for other operating systems. If you boot a Live CD inside Whonix-Workstation, there can still be no IP/DNS leaks. (To be more precise, read the [Security] page, in short: the adversary needs a VM exploit.)

Any non-TCP traffic is always blocked in the Gateway. All TCP related tests will work, unless the exit node has some precautions to block port scans or similar.

So, the solution I found is a tool called 'socat'. Socat is a socket and configured with Nessus, or any port scanner, and with Tor, will prevent other raw packets from going through Tor (for more information: http://www.dest-unreach.org/socat/doc/README). Instead it will just ping my localhost, this is because you configure your localhost to be a specific address. But this is only by using Tor, socat and the port scanning tool in the same machine.

I know socat. It's a fine tool, useful for various advanced stuff. (Example: with socat you can tunnel DNSSEC over Tor.) However, I don't see how socat would help for your use case. No reason to block UDP/ICMP... The Whonix-Gateway does that already, if it didn't, that would be a critical bug.

Is it possible to configure Socat with the two virtual machines in this case?

Absolutely. Socat works fine inside Whonix-Workstation. At minimum everything can work which worked before and more. One example: https://sourceforge.net/p/whonix/wiki/OptionalConfigurations/#dnssec-over-tor

Plus an additional advantage: if you mess up something, IP/DNS leaks are still impossible.

I don't think you need it for the port scan stuff. The port scan stuff will be limited to TCP stuff, again, the Gateway will block anything else.