This site is now 100% read-only, and retired.

Protecting your online privacy with tor

Posted by Steve on Thu 21 Apr 2005 at 18:32

Tor is a SOCKS proxy which allows you to surf the internet whilst protecting your IP address.

Tor is supported by the Electronic Frontier Foundation, and is a system of proxies which bounce your communications amongst a random set of hosts before sending it to your eventual destination.

This allows you to surf the internet, use chat clients, or connect to hosts without revealing your personal IP address - instead servers will see the IP address of the last node in the Tor network which your communications passed through.

Installing Tor is simple for Testing or Unstable Debian machines is simple:

apt-get install tor

Once the package is installed you will have a SOCKS proxy running on your local machine, listing for incoming connections on port 9050.

The server will start automatically when your machine boots thanks to the startup file /etc/init.d/tor, and can be tweaked via the files in /etc/tor.

To actually make use of the software you will need to change your software's proxy settings. Instead of having your browser connected directly to the internet you should adjust your proxy server settings.

For firefox you do this by:

  • Opening the settings via the menu option "Edit | Preferences".
  • Selecting the "General" icon on the left hand side.
  • Clicking upon the "Connection Settings" button.
  • Choosing "Manual proxy configuration" from the list at the top.
  • Entering "localhost" and "9050" in the "SOCKS Host" section.
  • Clicking "OK" to close the window, and again to close the preferences.

Other software can be setup in a similar manner, including Gaim (the chat client).

Once you've finished setting up the client(s) that you are using you can test it to make sure that it is indeed hiding your IP address. One simple way of doing this is attempting to point a web browser at an online site such as http://WhatIsMyIPAddress.com.

If everything is working correctly you should see your IP address listed as something other than your own - it will be a random address belonging to the last Tor node your connection passed through.

Of course just because you're anonymous you shouldn't abuse the software by doing malicious things with it. Just think of it as an additional layer of privacy for your online activities.

To make the software more useful for applications you can setup an installation of another proxy server, such as privoxy, or squid, and forward that installation to the tor server. This will allow you to use the tor network with clients which don't support SOCKS proxies - but that's a more advanced setup which I'm not going to discuss here.

 

 


Re: Protecting your online privacy with tor
Posted by Anonymous (85.65.xx.xx) on Fri 22 Apr 2005 at 17:10
Nice, but this slows me quite badly...

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Steve (82.41.xx.xx) on Fri 22 Apr 2005 at 17:12
[ View Weblogs ]

True, but unavoidable given the nature of the software.

On the plus side I didn't have any reliability issues at all, which I was impressed by.

Steve
-- Steve.org.uk

[ Parent ]

Re: Protecting your online privacy with tor
Posted by zorton (209.193.xx.xx) on Tue 26 Apr 2005 at 21:04
Sorry to say there is no release for sarge. The package was considered too unstable based on it's history. Ref Debian Bug: #229021

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (62.99.xx.xx) on Wed 27 Apr 2005 at 15:21
use the woody packages for sarge:

deb http://mirror.noreply.org/pub/tor stable main

or if you want 0.1.0x:
deb http://mirror.noreply.org/pub/tor experimental-woody main

(or deb http://mirror.noreply.org/pub/tor experimental main for sid)

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (216.32.xx.xx) on Wed 27 Apr 2005 at 15:32
tor 0.1.0.4-rc works fine with sarge, use this line in /etc/apt/sources.list

deb http://mirror.noreply.org/pub/tor experimental-woody main

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (140.247.xx.xx) on Thu 28 Apr 2005 at 02:10
I've been using TOR w/privoxy for quite a while, and have found that every now and then TOR becomes unusable, either because the TOR network is not responding, or because Google rejects connections saying something about a virus hassling their network.

To work around these cases, I've set up two instances of privoxy, with privoxy alone on port 8118, and privoxy/TOR on 8119. With the Switchproxy extension in Firefox, I can easily switch between the two.

Creation of a second privoxy instance is a breeze. Copy /etc/privoxy/config to /etc/privoxy/config-onion and add the line:

forward-socks4a / localhost:9050 .

to /etc/privoxy/config-onion. Then copy /etc/init.d/privoxy to /etc/init.d/privoxy-onion and edit the copy, changing NAME, DESC, and CONFIGFILE. NAME and DESC can be whatever makes you happy, and CONFIGFILE should be /etc/privoxy/config-onion. Nuthin' to it. Then just /etc/init.d/privoxy-onion start and away you go.

This unfortunately leaves you with two configuration files, but it's not all that often you'd want to twiddle the configuration so it's probably a non-issue for most of us.

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (62.131.xx.xx) on Thu 22 May 2008 at 21:28
Hi, I like your little 'tutorial', I've been wanting something like that for quite a while, but I'm still somewhat of a linux newb. I created everything et al. but when i type /etc/init.d/privoxy-onion start it says:

cannot create /var/log/privoxy/errorfile: Permission denied

anyone an idea on how to fix this?

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (130.231.xx.xx) on Tue 10 May 2005 at 13:54
Do note that the tor network is not neccessarily very large and tunneling everything over it will put more load on it. You may want to route select services/connections/sites directly and others through tor.

There is also the option of operating as an exit node or providing "hidden services". I suggest looking at these as well.

There are still many ways to expose yourself. Tor isn't (and isn't meant to be) a slap-on "solution" or product that will turn you invisible just like buying or even setting up a firewall won't help your network security in any way on its own.

Tor is a tool and it's useful for select uses and not useful for others. It certainly has much potential.

[ Parent ]

Re: Protecting your online privacy with tor
Posted by eaglex (82.79.xx.xx) on Wed 20 Jul 2005 at 11:16

You can also use tsocks for programs that don't support proxies, or, if you don't want to waste time with configuring proxies.

You just install tsocks from the apt repository, edit /etc/tsocks.conf and set the server and server_port lines to the ones you configured in tor.

After that, you can just use tsocks program; for example tsocks irssi; tsocks firefox and so on.

[ Parent ]

Re: Protecting your online privacy with tor
Posted by kamaraju (149.9.xx.xx) on Mon 29 May 2006 at 18:30
Can someone tell me how to set this up for konqueror? That instructions are clear for firefox. But what do for konqueror after Settings - Configure Konqueror - Proxy?

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Anonymous (84.58.xx.xx) on Tue 26 Dec 2006 at 19:52
What about DNS requests? Is Firefox sending them via the SOCKS-Proxy, too? A while ago I read another article about setting up FF with Tor saying that some versions of FF are sending DNS requests directly to the configured DNS server rather than through Tor. Anyone who knows for sure?

Kind regards,

mistersixt

[ Parent ]

Re: Protecting your online privacy with tor
Posted by Steve (62.30.xx.xx) on Tue 26 Dec 2006 at 20:00
[ View Weblogs ]

DNS requests are not anonymised in this setup.

Steve

[ Parent ]