Tor
From ArchWiki
Tor is a free implementation of 2nd generation onion routing -- essentially, it is an anonymous proxy network. Its primary goal is to protect its users against traffic analysis attacks.
Onion routing is a method of networking traffic for end-user anonymity. It keeps you anonymous by encrypting traffic, sending it through other nodes of the Tor network, and the last node to receive your traffic decrypts it and forwards it to the server you specified.
Although Tor is considerably safer than the commonly used direct connections (in other words, without a proxy), it can be considerably slower due to the large amount of traffic re-routing. There is a also the chance that the last node your traffic goes through en route can read your message after decryption, but this is not believed to be usual.
Contents |
Installation
To use the Tor network, you need the Tor package and the Privoxy package:
# pacman -S tor privoxy
Configuration
Edit /etc/privoxy/config:
forward-socks4a / localhost:9050 . # Do not forget the '.' at the end.
Privoxy's default configuration logs all GET, POST, and CONNECT HTTP requests. to disable, comment out:
#debug 1 # show each GET/POST/CONNECT request
NOTE: Tor may fail to start in some cases after install. If privoxy starts but tor does not after following the directions be sure to reboot the system to allow for the changes to take place
Binding Privoxy to local network
Substitute the IP as appropiate:
listen-address 192.168.0.1:8118
Starting service
# /etc/rc.d/privoxy start # /etc/rc.d/tor start
Starting service on boot
Edit /etc/rc.conf and add tor and privoxy to the DAEMONS array:
DAEMONS=(... tor privoxy ...)
Internet relay chat with irssi
$ torify irssi
Map address to hidden service
Edit /etc/tor/torrc:
mapaddress 10.40.40.40 mejokbp2brhw4omd.onion # freenode
Connect to hidden service
torify irssi -c 10.40.40.40
Running a Tor Server
Basic configuration
You should at least share 20kb/s.
Nickname <tornickname> ORPort 9001 BandwidthRate 20 KB # Throttle traffic to 20KB/s BandwidthBurst 50 KB # But allow bursts up to 50KB/s
Allow irc ports 6660-6667 to exit from node
ExitPolicy accept *:6660-6667,reject *:* # Allow irc ports but no more
Running Tor as exit node
ExitPolicy accept *:119 # Accept nntp as well as default exit policy
Running Tor as middleman
ExitPolicy reject *:*