Installing Tor Server and Client on Arch Linux
Tor is a free software implementation of second-generation onion routing – a system which claims to enable its users to communicate anonymously on the Internet. Its primary goal is to protect its users against traffic analysis attacks. The Tor Project’s home page has a great simplified write up about how Tor actually works here: http://www.torproject.org/overview.html.en
Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004, and the EFF supported Tor financially until November 2005. Tor software is now developed by the Tor Project, which since December 2006 is a research/education non-profit organization based in the United States of America that receives a diverse base of financial support.
Getting Tor working both as a client and as a server is no sweat on Arch Linux and below are the steps.
Setup the Client
Installing necessary packages
pacman -S tor privoxy
Basic configuration
vim /etc/privoxy/config
forward-socks4a / localhost:9050 . # Don't forget the '.' at the end!
Privoxy’s default configuration logs all GET, POST, and CONNECT HTTP requests. to disable, comment out.
#debug 1 # show each GET/POST/CONNECT request
Binding Privoxy to the local network, eg.
listen-address 192.168.0.1:8118
Starting service on boot
vim /etc/rc.conf
DAEMONS=(.. privoxy tor ..)
Starting service
/etc/rc.d/privoxy start /etc/rc.d/tor start
Using applications within Tor
Internet relay chat via irssi
-
torify irssi
Map address to hidden service
- Edit /etc/tor/torrc
mapaddress 10.40.40.40 mejokbp2brhw4omd.onion # freenode
- Connect to freenode’s hidden service
torify irssi -c 10.40.40.40
Tor with Firefox
The easiest way to do this is to use the Torbutton extension.
Alternatively, you can use SwitchProxy Tool. After restarting Firefox you will have a new toolbar. Click Add, select Standard proxy type. Choose whatever Proxy Label you want, e.g Tor. Enter into both the HTTP Proxy and SSL Proxy fields:
Hostname: 127.0.0.1 Port: 8118
This will point Firefox at Privoxy. You can also add exeptions in the No Proxy for field.
Now, return to http://whatsmyip.net/ and check so that your IP is diffrent from before.
When you use a socks proxy with firefox (with SSH or Tor for instance) the dns lookups are done via your default gateway. Which makes the whole thing pointless if you’re trying to be private. This setting makes the dns lookups go out over the tunnel where they can’t be sniffed.
1. go to about:config
2. search for network.proxy.socks_remote_dns
3. Set to true, which will have the proxy server perform DNS lookups.
You can see how to torify other apps here: https://wiki.torproject.org/noreply/TheOnionRouter/TorifyHOWTO
Setup the Server
Basic configuration
Edit /etc/tor/torrc
You should at least share 20kb/s. I personally share about 50kb/s with bursts up to 70kb/s.
Nickname <tornickname> ORPort 9001 BandwidthRate 20 KB # Throttle traffic to 20KB/s BandwidthBurst 50 KB # But allow bursts up to 50KB/s
Allow irc ports 6660-6667 to exit from node
ExitPolicy accept *:6660-6667,reject *:* # allow irc ports but no more
Running Tor as an exit node
ExitPolicy accept *:119 # accept nntp as well as default exit policy
Running Tor as middleman
ExitPolicy reject *:*
Source:
- http://wiki.archlinux.org/index.php/Tor
- http://wiki.archlinux.org/index.php/Proxy_routing_with_Tor_and_Privoxy
- http://tuxtraining.com/2009/10/08/use-socks-host-for-dns-lookups-in-firefox
Related Posts
