Tor: Part 2 - Installing and Using

Discussion in 'Linux Security' started by Eric Hansen, Sep 3, 2013.

  1. Eric Hansen

    Eric Hansen Moderator Staff Writer

    Messages:
    124
    Likes Received:
    87
    Trophy Points:
    28
    Ubuntu in all of its glory has Tor in their repositories. However, Ubuntu in all of its overly-cautious approach of everything usually don’t have the most updated versions of software, either. Normally this doesn’t bother me but when it comes to security software I prefer to either compile from source or have a better alternative for package management.


    Luckily Tor has their own deb repository that both Debian and Ubuntu (plus derivatives) can use to get the most recent stable version of Tor. So we will go this route. If you’re using Debian or Ubuntu (or Mint, Kubuntu, etc…), which I’m going to figure you are, open up /etc/apt/sources.list and root (sudo nnao /etc/apt/sources.list) and add this to the bottom (change “precise” to fit the rest of your items in the sources.list file):
    Code:
    deb http://deb.torproject.org/torproject.org precise main
    After that, we need to get the GPG key for the server and store it or else we’ll receive errors when updating. Run the following commands (preferably not as root as its not needed):
    Code:
    gpg --keyserver keys.gnupg.net --recv 886DDD89
    gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
    Now we need to update our cache of packages:
    Code:
    sudo apt-get update
    Next, while this isn’t needed, its helpful if you want to not have to keep making sure the key correct, so we’ll install it too:
    Code:
    sudo apt-get install deb.torproject.org-keyring
    Lastly we will finally install the point of this, Tor:
    Code:
    sudo apt-get install tor
    Using Tor
    Back in the old days, when Tor was first created and used, you had to install another program called Privoxy due to a DNS issue that would lead to DNS poisoning and compromise the whole point of Tor. Thankfully these days we don’t need to be going this far and Tor makes everything just as easy, if not easier. No longer are the days of having to forward traffic through Privoxy to Tor.

    Tor is a SOCKS proxy, which means any applications which support SOCKS proxies (which most do these days) can use Tor to route traffic through. After you install Tor it starts automatically so we just need to pass localhost:9050 to any applications we want to link through Tor first.

    A good example of this is your browser. Go to a website that shows you your IP (I usually use http://www.whatsmyip.org), and note what it says as your IP. Then set up your web browser’s proxy settings to point SOCKS (or HTTP requests) to localhost:9050, and Ctrl+F5 (or however your browser force-refreshes a page) and see what IP it gives you now. It should be completely different.

    Attached Files:

    • slide.jpg
      slide.jpg
      File size:
      135.4 KB
      Views:
      48,386
  2. Juergen

    Juergen New Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hello Eric,

    have installed everything on my machine according to your instructions but it doesn't start automatically the tor-browser. Therefore I still have to start the vidalia app via a terminal.

    Thought this is avoidable ...
  3. Eric Hansen

    Eric Hansen Moderator Staff Writer

    Messages:
    124
    Likes Received:
    87
    Trophy Points:
    28
    I don't use the Tor browser so I can't say for sure. Also, what you did doesn't follow the guide as I never mentioned installing the vidalia app. Ultimately if you're using Debian or Ubuntu though you can most likely just set Tor to run automatically. If the file /etc/init.d/tor exists then just run update-rc.d defaults tor
  4. flunwyc

    flunwyc Member

    Messages:
    99
    Likes Received:
    61
    Trophy Points:
    18
    I believe you're referring to polipo, not privoxy.

    Using that setup above you may still be leaking DNS. For Mozilla browsers there is one very important setting in about:config :

    network.proxy.socks_remote_dns;true
  5. Juergen

    Juergen New Member

    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Hello Eric,
    Thanks for your repley, well first of all I have had the TOR browser already installed on my machine, but I must activate it via vidalia, this I wanted to circumvent with your proposal, but it didn't work.

    Now, the file /etc/init.d/tor is there and when I try to let run this:

    juergen@juergen-desktop:~$ sudo update-rc.d defaults tor

    the following message comes up

    update-rc.d: /etc/init.d/defaults: file does not exist

    So another file is missing, am I correct.
  6. Eric Hansen

    Eric Hansen Moderator Staff Writer

    Messages:
    124
    Likes Received:
    87
    Trophy Points:
    28
    Thanks @flunwyc I'll make note of that in a future article on securing Tor a bit. :) Privoxy was used back when Tor first came out, they might've switched it down the road, I don't know. I know they ended up writing their own proxy forwarder program that took place of privoxy and apparently polipo as well.

    @Juergen : Sorry it should be sudo update-rc.d tor defaults
  7. flunwyc

    flunwyc Member

    Messages:
    99
    Likes Received:
    61
    Trophy Points:
    18
    Ah, I don't remember that. I know that tor is still frequently used with privoxy, but have never messed with that myself. When I get the time I might have a look.
  8. Eric Hansen

    Eric Hansen Moderator Staff Writer

    Messages:
    124
    Likes Received:
    87
    Trophy Points:
    28
    Well at least for Linux it comes with its own now called torsocks or something that does the same thing. Not sure if its relevant to this situation or anything.

Share This Page