Tor

From ArchWiki

Jump to: navigation, search
Image:Tango-document-new.png This article is a stub.
This typically means the article is a placeholder for more content to come. Knowledgeable users are encouraged to help expand the article.
Image:Tango-two-arrows.png This article is a candidate for merging.
It is suggested that this page or section be merged with Proxy routing with Tor and Privoxy. (Discuss)

Tor is a free implementation of 2nd generation onion routing -- essentially, it is an anonymous proxy network. Its primary goal is to protect its users against traffic analysis attacks.

Onion routing is a method of networking traffic for end-user anonymity. It keeps you anonymous by encrypting traffic, sending it through other nodes of the Tor network, and the last node to receive your traffic decrypts it and forwards it to the server you specified.

Although Tor is considerably safer than the commonly used direct connections (in other words, without a proxy), it can be considerably slower due to the large amount of traffic re-routing. There is a also the chance that the last node your traffic goes through en route can read your message after decryption, but this is not believed to be usual.

Contents

Installation

To use the Tor network, you need the Tor package and the Privoxy package:

# pacman -S tor privoxy

Configuration

Edit /etc/privoxy/config:

forward-socks4a / localhost:9050 .  # Do not forget the '.' at the end.

Privoxy's default configuration logs all GET, POST, and CONNECT HTTP requests. to disable, comment out:

#debug   1    # show each GET/POST/CONNECT request

NOTE: Tor may fail to start in some cases after install. If privoxy starts but tor does not after following the directions be sure to reboot the system to allow for the changes to take place

Binding Privoxy to local network

Substitute the IP as appropiate:

listen-address  192.168.0.1:8118

Starting service

# /etc/rc.d/privoxy start
# /etc/rc.d/tor start

Starting service on boot

Edit /etc/rc.conf and add tor and privoxy to the DAEMONS array:

DAEMONS=(... tor privoxy ...)

Internet relay chat with irssi

$ torify irssi

Map address to hidden service

Edit /etc/tor/torrc:

mapaddress  10.40.40.40  mejokbp2brhw4omd.onion # freenode

Connect to hidden service

torify irssi -c 10.40.40.40

Running a Tor Server

Basic configuration

You should at least share 20kb/s.

Nickname <tornickname>
ORPort 9001
BandwidthRate 20 KB            # Throttle traffic to 20KB/s
BandwidthBurst 50 KB           # But allow bursts up to 50KB/s

Allow irc ports 6660-6667 to exit from node

ExitPolicy accept *:6660-6667,reject *:* # Allow irc ports but no more

Running Tor as exit node

ExitPolicy accept *:119        # Accept nntp as well as default exit policy

Running Tor as middleman

 ExitPolicy reject *:*
Personal tools