Tip
If you find some discrepancy or missing information - open a GitHub issue
Was this information useful? Then star the repository on GitHub
Tor
Warning
Tor SHOULD NOT be used to masquerade the source of malicious network requests.
That can be illegal => you are warned.
Introduction
Tor is used to anonymize network requests and host/allow access to hidden (.onion) services.
Warning
Traffic you send over tor should ALWAYS be encrypted!
Else malicious tor nodes might be able to read and even modify your requests.
Just using the tor network won’t be enough to stay anonymous!
You should also always follow the basic guidelines on how to stay anonymous.
If you are serious about your anonymity you might even go a set further and:
Set-up a virtual machine to use for accessing tor.
Per example: whonix
Connect that vm to a network that has no access to internal resources. (only internet access, maybe a guest-network or ‘dmz’)
Route traffic over tor
Tor uses the protocol SOCKS5.
A technical limitation of the tor implementation is that only TCP-traffic can be sent over those connections.
DNS
DNS-requests can be tunneled specially to prevent dns-leaking. (your provider [and so on..] will know what you are accessing)
Implementation examples:
-
Basically:
# example on ubuntu/debian sudo -i # installing apt update apt install tor -y # if you want to start it on system boot systemctl enable tor # configuration echo 'DNSPort 5353' > /etc/tor/torrc systemctl start tor echo 'nameserver 127.0.0.1' > /etc/resolv.conf # will not be persistent
You might want to enable DNS-over-HTTPS or DNS-over-TLS to keep your requests secure.
Web access
To access websites anonymously you can use the tor browser.
Basics:
Use DuckDuckGo as search engine!
Other engines like Google will compromise your anonymity!
Don’t log-in with your personal accounts => it will compromise your anonymity.
Don’t enable JavaScript (disabled via NoScript by default)
Some websites won’t work correctly => but it keeps you safe(r).
You might see websites blocking your requests as the most providers are blocking or limiting requests from tor exit-nodes.
Maybe pressing ‘Ctrl+Shift+L’, to use a new ‘route’ for accessing the current page, might help.
Using hidden services
The ‘default’ websites you use daily using your normal browser are in a domain of the internet called ‘clear-net’.
You can browse them without worrying too much - they might ‘just’ compromise your anonymity.
Hidden services are in the ‘deep-net’ => those are hidden for the usual user and only reachable using tor.
For clarification: tor is only ONE network that hosts hidden services - there are more out there
Hidden services have their own search engines but they have not listed many of the existing services!
For the most** part you need to know the unique .onion address of a service to access it.
Warning
Be aware:
You might see/find disturbing and/or illegal content on those hidden services.
You need to have a basic technical understanding on how to interact with those services securely - else you might even get hacked.
Specific program
Whenever you want a program to use tor as ‘gateway’ for its connection you need to ‘proxy’ it.
That proxy needs a tor ‘SOCKS’ socket to connect to.
SOCKS socket:
The easiest way of starting such a socket is by opening the tor browser
It starts such a socket in the background!
socks5 127.0.0.1 9150
Another way is to install & start tor as service
socks5 127.0.0.1 9050
Linux
On linux I would recommend using the application ‘proxychains4’ to achieve that.
You just need to set the SOCKS target to use.
# example: tor browser SOCKS
sudo -i
echo 'socks5 127.0.0.1 9150' > /etc/proxychains4.conf
After that you can just start the application that should connect over tor by prepending ‘proxychains4’ to its command:
# without tor
curl https://ipinfo.io/city
# using tor
proxychains4 curl https://ipinfo.io/city
SSH
You can also set a proxy for ssh-connections.
Another program called ‘netcat’ is needed to archive that.
You will need to install the variant ‘netcat-openbsd’ as the ‘default’ one does not implement the needed options.
# example on ubuntu/debian using tor browser SOCKS
# install dependencies
sudo apt update
sudo apt install openssh netcat-openbsd -y
# use
ssh -p PORT -o ProxyCommand="nc -X5 -x127.0.0.1:9150 %h %p" USER@SERVER
All Traffic
There are options to send all TCP-Traffic and DNS-Requests over the tor network.
Warning
This should only be used if you really know what you are doing - as there are many ways you might compromise your anonymity!
Linux
Here is the official guide to proxying.
I won’t go into the details on how to set this up - as I have not got experience with it.
It is done something like this: (copied from the guide)
# example for 'middlebox' on ubuntu/debian
sudo -i
# installing
apt update
apt install tor -y
# if you want to start it on system boot
systemctl enable tor
# writing config
echo 'VirtualAddrNetworkIPv4 10.192.0.0/10' > /etc/tor/torrc
echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc
echo 'TransPort 192.168.1.1:9040' >> /etc/tor/torrc
echo 'DNSPort 192.168.1.1:5353' >> /etc/tor/torrc
systemctl restart tor
# adding traffic redirection
_trans_port="9040"
_inc_if="eth1" # you need to update the interface
iptables -t nat -F # WARNING: will remove all existing NAT-rules
iptables -t nat -A PREROUTING -i $_inc_if -p udp --dport 53 -j REDIRECT --to-ports 5353
iptables -t nat -A PREROUTING -i $_inc_if -p udp --dport 5353 -j REDIRECT --to-ports 5353
iptables -t nat -A PREROUTING -i $_inc_if -p tcp --syn -j REDIRECT --to-ports $_trans_port
Windows
You can use a tool like OnionFruit.