TOR for anonymity By Click Death Squad (C.D.S.) Revision 1.1 TOR is a useful tool that can defend you against network profiling and help you remain anonymous. The basic summary is that TOR is a network of computers that can be connected to anonymously, and will route connections to the internet. This type of routing model is referred to as "onion routing" and provides an additional layer of security while browsing the web. If you'd like to read more on how TOR works in detail, check out the TOR overview on the website. By routing your web browsing through other random computers via an encrypted connection, you can defeat the possibility of your browsing being profiled by your ISP, or censored based on content your are viewing. The aim of this tutorial is to get TOR up and running as fast as possible on your computer, allowing you to browse the web in a secure and anonymous fashion. If you aren't familiar with how TOR works in basic detail or have an interest in becoming a client, this tutorial is probably not for you. Please keep in mind that TOR does not provide end-to-end encryption, and is certainly not a replacement for SSL. It is indeed possible for the owner of a TOR exit node to sniff traffic as it passes back to the internet and glean passwords. You should only use TOR to prevent data profiling or circumvent firewalls, but under no circumstances should you rely on it for security! In this example, we are using Firefox as the web browser of choice, and all the commands issued are given in quotes, with the result of the commands being listed in grey. After each step, a screenshot is given so you may compare your output to what should be happening. Please note that not all the screenshots contain the exact same data which is given in the example, they are merely for reference purposes. Tools you will need to accomplish this task:
Step 1: Install TOR and privoxy. TOR is the anonymous network routing tool that will pipe your browsing connections. Privoxy is a web proxy that filters out content which may compromise your identity while surfing the internet. When these two programs are coupled together, you have a powerful duo that can protect your privacy and anonymously take your data where it needs to go. Once these two programs are installed, they will be pre-configured to run at boot time in the background. First you need to install these TOR and privoxy, then we will configure them. "sudo apt-get install tor privoxy" ### install the TOR and privoxy packages.  Step 2: Configure privoxy to filter out web browsing information that may compromise our anonymity. Out of the box, using TOR as a client (instead of an exit node) requires no configuration. Configure privoxy so that it filters out any information that may possibly compromise our host. This can be done by modifying the privoxy configuration file. "sudo nano /etc/privoxy/config" ### edit the privoxy configuration file and make the necessary changes.  Now that you have disabled logging for connections, you should disable logging of cookies that are transmitted and received while browsing anonymously. Comment out the "jarfile" cookie logging feature to prevent privoxy from logging anything that could compromise our identity.  The final step in modifying the configuration file is to tell privoxy how connections should be forwarded to TOR. Privoxy will filter the content you are browsing, and TOR will route it through the anonymous network. At the very end of the privoxy configuration file, add a line which specifies which port to forward connections on. Go to the bottom of your privoxy configuration file and add a line which specifies how the connections should be routed after they are filtered. You will need to paste in "forward-socks4a / localhost:9050 ." into the bottom of your configuration file. Note: the "." must be included at the end.  Privoxy is fully configured to filter your web browsing traffic, and TOR will securely and anonymously route it for you. By default, TOR listens for connections on port 9050. Everything has been setup to pipe your traffic anonymously. Restart the privoxy service to complete our anonymous setup. "/etc/init.d/privoxy restart" ### restarts the privoxy service, forcing our modified configuration file to take effect. Step 3: Install the Firefox "torbutton" browser extension to utilize our anonymous browsing service. TOR and privoxy have both been installed. You have configured privoxy to filter traffic that may compromise your identity. The final step is to install the Firefox "torbutton" extension which gives you flexibility to browse networks using TOR at your discretion. Go to your "Tools" menu in Firefox, and search for "torbutton" to install this add-on feature.  You will need to restart Firefox in order to have this add-on to take effect. Restart Firefox and you will notice in the lower right hand corner of your browser that you have the "torbutton" installed. Click "Tor Disabled" to have the TOR plugin take effect. Now try browing to ensure your IP address does not resolve to where your actual location is. You might try going to IP2Location and having a geographic IP location lookup performed. If you followed the steps correctly, your connection should be routed through the TOR network and will end up resolving to a totally different IP than you are originating from.  Click Death Squad isn't from Germany, we represent Portland Oregon! As you can see, TOR and privoxy have routed our connection through an exit node which ends in Germany. This secures our connection by piping it through multiple encrypted connections. Now that you have TOR and privoxy up and running, you can browse the net securely and safely without fear of being profiled by your ISP or being censored. Always remember to check your logfiles, watch your back and stay safe. |