Tor SHOULD NOT be used to masquerade the source of malicious network requests.
That can be illegal => you are warned.
Tor is used to anonymize network requests and host/allow access to hidden (.onion) services.
Traffic you send over tor should ALWAYS be encrypted!
Else malicious tor nodes might be able to read and even modify your requests.
Just using the tor network won’t be enough to stay anonymous!
You should also always follow the basic guidelines on how to stay anonymous.
If you are serious about your anonymity you might even go a set further and:
Set-up a virtual machine to use for accessing tor.
Per example: whonix
Connect that vm to a network that has no access to internal resources. (only internet access, maybe a guest-network or ‘dmz’)
Route traffic over tor
Tor uses the protocol SOCKS5.
DNS-requests can be tunneled specially to prevent dns-leaking. (your provider [and so on..] will know what you are accessing)
# example on ubuntu/debian sudo -i # installing apt update apt install tor -y # if you want to start it on system boot systemctl enable tor # configuration echo 'DNSPort 5353' > /etc/tor/torrc systemctl start tor echo 'nameserver 127.0.0.1' > /etc/resolv.conf # will not be persistent
You might want to enable DNS-over-HTTPS or DNS-over-TLS to keep your requests secure.
To access websites anonymously you can use the tor browser.
Use DuckDuckGo as search engine!
Other engines like Google will compromise your anonymity!
Don’t log-in with your personal accounts => it will compromise your anonymity.
Some websites won’t work correctly => but it keeps you safe(r).
You might see websites blocking your requests as the most providers are blocking or limiting requests from tor exit-nodes.
Maybe pressing ‘Ctrl+Shift+L’, to use a new ‘route’ for accessing the current page, might help.
Using hidden services
The ‘default’ websites you use daily using your normal browser are in a domain of the internet called ‘clear-net’.
You can browse them without worrying too much - they might ‘just’ compromise your anonymity.
Hidden services are in the ‘deep-net’ => those are hidden for the usual user and only reachable using tor.
For clarification: tor is only ONE network that hosts hidden services - there are more out there
Hidden services have their own search engines but they have not listed many of the existing services!
For the most** part you need to know the unique .onion address of a service to access it.
You might see/find disturbing and/or illegal content on those hidden services.
You need to have a basic technical understanding on how to interact with those services securely - else you might even get hacked.
Whenever you want a program to use tor as ‘gateway’ for its connection you need to ‘proxy’ it.
That proxy needs a tor ‘SOCKS’ socket to connect to.
The easiest way of starting such a socket is by opening the tor browser
It starts such a socket in the background!
socks5 127.0.0.1 9150
Another way is to install & start tor as service
socks5 127.0.0.1 9050
On linux I would recommend using the application ‘proxychains4’ to achieve that.
You just need to set the SOCKS target to use.
# example: tor browser SOCKS sudo -i echo 'socks5 127.0.0.1 9150' > /etc/proxychains4.conf
After that you can just start the application that should connect over tor by prepending ‘proxychains4’ to its command:
# without tor curl https://ipinfo.io/city # using tor proxychains4 curl https://ipinfo.io/city
You can also set a proxy for ssh-connections.
Another program called ‘netcat’ is needed to archive that.
You will need to install the variant ‘netcat-openbsd’ as the ‘default’ one does not implement the needed options.
# example on ubuntu/debian using tor browser SOCKS # install dependencies sudo apt update sudo apt install openssh netcat-openbsd -y # use ssh -p PORT -o ProxyCommand="nc -X5 -x127.0.0.1:9150 %h %p" USER@SERVER
There are options to send all TCP-Traffic and DNS-Requests over the tor network.
This should only be used if you really know what you are doing - as there are many ways you might compromise your anonymity!
Here is the official guide to proxying.
I won’t go into the details on how to set this up - as I have not got experience with it.
It is done something like this: (copied from the guide)
# example for 'middlebox' on ubuntu/debian sudo -i # installing apt update apt install tor -y # if you want to start it on system boot systemctl enable tor # writing config echo 'VirtualAddrNetworkIPv4 10.192.0.0/10' > /etc/tor/torrc echo 'AutomapHostsOnResolve 1' >> /etc/tor/torrc echo 'TransPort 192.168.1.1:9040' >> /etc/tor/torrc echo 'DNSPort 192.168.1.1:5353' >> /etc/tor/torrc systemctl restart tor # adding traffic redirection _trans_port="9040" _inc_if="eth1" # you need to update the interface iptables -t nat -F # WARNING: will remove all existing NAT-rules iptables -t nat -A PREROUTING -i $_inc_if -p udp --dport 53 -j REDIRECT --to-ports 5353 iptables -t nat -A PREROUTING -i $_inc_if -p udp --dport 5353 -j REDIRECT --to-ports 5353 iptables -t nat -A PREROUTING -i $_inc_if -p tcp --syn -j REDIRECT --to-ports $_trans_port
You can use a tool like OnionFruit.