HOW TO CONFIGURE AN ONION (old guide, scroll down for updated version)
Install Tor:
Debian-like:
- sudo apt-get update
- sudo apt-get install tor tor-geoipdb
- sudo apt-get install privoxy
Now we need to configure Privoxy. First of all, make sure you are using an account with sudo rights. The configuration file is located at /etc/privoxy/config; the file installed there is a sample configuration. We can delete it or rename it (e.g. configbk), then create a new file called "config" and write this into it:
This is a sample privoxy configuration file for use with the Unixish and Gnu/Linux packages:
# Generally, this file goes in /etc/privoxy/config
#
# Tor listens as a SOCKS4a proxy here:
forward-socks4a / 127.0.0.1:9050 .
confdir /etc/privoxy
logdir /var/log/privoxy
# actionsfile standard # Internal purpose, recommended
actionsfile default.action # Main actions file
actionsfile user.action # User customizations
filterfile default.filter
# Don't log interesting things, only startup messages, warnings and errors
logfile logfile
#jarfile jarfile
#debug 0 # show each GET/POST/CONNECT request
debug 4096 # Startup banner and warnings
debug 8192 # Errors - *we highly recommended enabling this*
user-manual /usr/share/doc/privoxy/user-manual
listen-address 127.0.0.1:8118
toggle 1
enable-remote-toggle 0
enable-edit-actions 0
enable-remote-http-toggle 0
buffer-limit 4096
(-->Source TorProject PrivoxyConfig)
Then, save the file.
- forward-socks4a / 127.0.0.1:9050
- listen-address 127.0.0.1:8118
By default, localhost's IP is 127.0.0.1, so this file usually just works.
Let's start the service:
- sudo /etc/init.d/tor start
- sudo /etc/init.d/privoxy start
Now configure browser for Tor:
Open your MozillaBased-Browser, click on Edit->Preferences->Advanced->Network and click on Settings...
DO IT & CONFIRM ALL!
Close browser. Now open Terminal and RUN tor and privoxy as written above. Open your browser and
However, if you want to stop tor and privoxy, type:
- sudo /etc/init.d/tor stop
- sudo /etc/init.d/privoxy stop
WARNING!
Now, with these two methods, we are "proxied" only in the browser; from the system's point of view we still have the true IP address. If you don't believe me :), let's verify the first method with two commands that show the public IP (not the private one, which is shown by /sbin/ifconfig); start tor and privoxy, open a terminal and type:
- curl ifconfig.me
- curl http://ipecho.net/plain
Close everything, including any open terminals, then open one terminal and verify that it works with the curl commands above. PERFECT! SYSTEM IS COMPLETELY ToRxYED! =)
IMPORTANT NOTE: when you check with curl command, remember to close the terminal and reopen it. If you don't close it, it gives you the old IP address.
ALTERNATIVE UPDATED 2017 (BETTER SOLUTION)
Download the Tor Browser Bundle from the official website into a folder, go to that folder in a terminal and type the following command to start it:
- ./start-tor-browser
To configure the entire system to work under Tor, you need to install polipo or privoxy. These two programs route HTTP/HTTPS requests to SOCKS5; without one of them we are not able to browse over the HTTP/HTTPS protocols. I have chosen to use polipo because it is part of torproject. Open the terminal and type:
- sudo apt-get install polipo
- sudo gedit /etc/polipo/config
# This file only needs to list configuration variables that deviate
# from the default values. See /usr/share/doc/polipo/examples/config.sample
# and "polipo -v" for variables you can tweak and further information.

logSyslog = true
logFile = /var/log/polipo/polipo.log

### Basic configuration
### *******************

# Uncomment one of these if you want to allow remote clients to
# connect:

# proxyAddress = "::0" # both IPv4 and IPv6
# proxyAddress = "0.0.0.0" # IPv4 only

proxyAddress = "127.0.0.1"
proxyPort = 8118

# If you do that, you'll want to restrict the set of hosts allowed to
# connect:

# allowedClients = "127.0.0.1, 134.157.168.57"
# allowedClients = "127.0.0.1, 134.157.168.0/24"

allowedClients = 127.0.0.1
allowedPorts = 1-65535

# Uncomment this if you want your Polipo to identify itself by
# something else than the host name:

proxyName = "localhost"

# Uncomment this if there's only one user using this instance of Polipo:

cacheIsShared = false

# Uncomment this if you want to use a parent proxy:

# parentProxy = "squid.example.org:3128"

# Uncomment this if you want to use a parent SOCKS proxy:

socksParentProxy = "localhost:9150"
socksProxyType = socks5

### Memory
### ******

# Uncomment this if you want Polipo to use a ridiculously small amount
# of memory (a hundred C-64 worth or so):

# chunkHighMark = 819200
# objectHighMark = 128

# Uncomment this if you've got plenty of memory:

# chunkHighMark = 50331648
# objectHighMark = 16384

chunkHighMark = 67108864

### On-disk data
### ************

# Uncomment this if you want to disable the on-disk cache:

diskCacheRoot = ""

# Uncomment this if you want to put the on-disk cache in a
# non-standard location:

# diskCacheRoot = "~/.polipo-cache/"

# Uncomment this if you want to disable the local web server:

localDocumentRoot = ""

# Uncomment this if you want to enable the pages under /polipo/index?
# and /polipo/servers?. This is a serious privacy leak if your proxy
# is shared.

# disableIndexing = false
# disableServersList = false

disableLocalInterface = true
disableConfiguration = true

### Domain Name System
### ******************

# Uncomment this if you want to contact IPv4 hosts only (and make DNS
# queries somewhat faster):
#
# dnsQueryIPv6 = no

# Uncomment this if you want Polipo to prefer IPv4 to IPv6 for
# double-stack hosts:
#
# dnsQueryIPv6 = reluctantly

# Uncomment this to disable Polipo's DNS resolver and use the system's
# default resolver instead. If you do that, Polipo will freeze during
# every DNS query:

dnsUseGethostbyname = yes

### HTTP
### ****

# Uncomment this if you want to enable detection of proxy loops.
# This will cause your hostname (or whatever you put into proxyName
# above) to be included in every request:

disableVia = true

# Uncomment this if you want to slightly reduce the amount of
# information that you leak about yourself:

# censoredHeaders = from, accept-language
# censorReferer = maybe

censoredHeaders = from,accept-language,x-pad,link
censorReferer = maybe

# Uncomment this if you're paranoid. This will break a lot of sites,
# though:

# censoredHeaders = set-cookie, cookie, cookie2, from, accept-language
# censorReferer = true

# Uncomment this if you want to use Poor Man's Multiplexing; increase
# the sizes if you're on a fast line. They should each amount to a few
# seconds' worth of transfer; if pmmSize is small, you'll want
# pmmFirstSize to be larger.

# Note that PMM is somewhat unreliable.

# pmmFirstSize = 16384
# pmmSize = 8192

# Uncomment this if your user-agent does something reasonable with
# Warning headers (most don't):

# relaxTransparency = maybe

# Uncomment this if you never want to revalidate instances for which
# data is available (this is not a good idea):

# relaxTransparency = yes

# Uncomment this if you have no network:

# proxyOffline = yes

# Uncomment this if you want to avoid revalidating instances with a
# Vary header (this is not a good idea):

# mindlesslyCacheVary = true

# Suggestions from Incognito configuration
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535
Save the configuration file.
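A quick way to check that a saved polipo config keeps the proxy local and chained to Tor's SOCKS port, as the file above does. This is an added example, not part of the original guide; the function names, the finding codes and the two sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the guide: lint a polipo config for the exposure
# settings the guide sets. Finding codes and sample files are constructed.

# Print the last active (uncommented) value of KEY ($2) in FILE ($1).
polipo_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed -e 's/[[:space:]]*#.*$//' -e 's/[[:space:]]*$//' \
            -e 's/^"//' -e 's/"$//' | tail -n 1
}

is_loopback() {
    case "$1" in 127.*|localhost|::1) return 0 ;; esac
    return 1
}

# Print one finding per line; no output means the file matches the guide.
audit_polipo() {
    addr=$(polipo_value "$1" proxyAddress)
    # An unset proxyAddress is fine: polipo then listens on loopback only.
    if [ -n "$addr" ] && ! is_loopback "$addr"; then
        echo "LISTEN_EXPOSED:$addr"
    fi
    clients=$(polipo_value "$1" allowedClients)
    old_ifs=$IFS; IFS=', '
    for c in $clients; do
        is_loopback "$c" || echo "CLIENT_NOT_LOCAL:$c"
    done
    IFS=$old_ifs
    [ -n "$(polipo_value "$1" socksParentProxy)" ] || echo "NO_SOCKS_PARENT"
    [ "$(polipo_value "$1" disableLocalInterface)" = true ] || echo "LOCAL_INTERFACE_ON"
    [ "$(polipo_value "$1" disableConfiguration)" = true ] || echo "RUNTIME_CONFIG_ON"
}

guide_cfg=$(mktemp); weak_cfg=$(mktemp)
cat > "$guide_cfg" <<'EOF'
proxyAddress = "127.0.0.1"
allowedClients = 127.0.0.1
socksParentProxy = "localhost:9150"
disableLocalInterface = true
disableConfiguration = true
EOF
cat > "$weak_cfg" <<'EOF'
proxyAddress = "0.0.0.0"    # IPv4 only
allowedClients = "127.0.0.1, 134.157.168.0/24"
# socksParentProxy = "localhost:9150"
EOF
echo "guide config:"; audit_polipo "$guide_cfg"
echo "weak config:";  audit_polipo "$weak_cfg"
```

On a real system, run audit_polipo /etc/polipo/config; NO_SOCKS_PARENT means requests would leave polipo directly instead of through Tor.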
Next, we must go (I'm on Kali) to Applications-->System Tools-->Preferences-->System Settings. Then go to Network-->Network Proxy, set Method: Normal, insert localhost in the first fields, and in the second fields insert: 8118, 8118, 9150, 9150.
Then open the terminal and type:
- sudo polipo
or
- sudo polipo -c /etc/polipo/config
The first command should use the /etc/polipo/config file, since it is the default configuration file. To check that polipo is running correctly, you can check the log file by typing:
- sudo less /var/log/polipo/polipo.log
Note that this log file does not automatically delete older errors. If it does not contain new errors and the terminal running polipo is not idle, it means that polipo is on and we can route HTTP/HTTPS requests to SOCKS5. But SOCKS5 is enabled by Tor, so we need to start Tor Browser Bundle.
Finally, open Tor Browser Bundle by typing:
- ./start-tor-browser
in the Tor Browser Bundle folder. At this point, HTTP, HTTPS, SOCKS4 and SOCKS5 connections work correctly.
TEST HTTP CONNECTION
by typing in a new terminal:
- curl ifconfig.me
- curl http://ipecho.net/plain
TEST HTTPS CONNECTION
by connecting to https://www.facebook.com or another site that supports the https protocol.
That the SOCKS protocol works is checked directly by Tor Browser: if Tor works, it means that the SOCKS protocol works.
NOTE: Tor Browser must be left open, otherwise the SOCKS connection will be closed and we cannot connect to the Internet. The terminal running polipo must also be left open.
PERFECT! SYSTEM IS COMPLETELY ToRxYED! =)
IMPORTANT NOTE: when you check with curl command, remember to close the terminal and reopen it. If you don't close it, it gives you the old IP address.