For those who don't know, TOR stands for the The Onion Router. TOR provides anonymous (FYI this differs from secure) access to the internet by bouncing your communications around a distributed
network of relays run by volunteers all around the world: it prevents
somebody watching your Internet connection from learning what sites you
visit, and it prevents the sites you visit from learning your physical
location. Tor works with many of your existing applications, including
web browsers, instant messaging
clients, remote login, and other applications based on the TCP protocol. (src) Think of it like every movie which has an evil hacker "He is untraceable, he is bouncing from USA to Africa to France etc..)
I have been an off-and-on again user of TOR for several years, however I really never found the "killer purpose" for using it -- After all I no longer pretend to be that bad guy hacker in a poorly written movie. However this weekend, @Surbo brought up an interesting situation: He noticed that a malicious site (which happened to be actively targeting our company) disappeared and changed tactics as soon as he started investigating it. He was concerned that the bad guys were watching THEIR logs, and took action when they saw him knocking on their door. That got me thinking, it would be nice if we had a centralized TOR server that my team could use every time we wanted to "investigate" a foreign site.
The following tutorial will walk you through setting up this centralized TOR proxy, which allows for multiple computers to easily connect and disconnect with a simple click of the mouse (and very little software to install).
Requirements:
- Always on computer (This will be the TOR proxy, from now on referenced as ComputerA)
- Second computer (This can be a desktop/laptop/iphone whatever, from now on referenced as ComputerB)
- Basic networking and sub-netting concepts
COMPUTER-AInstall the TOR client on ComputerA using the installation instructions found on TOR's site. They have great documentation walking you through the installation on OSX, Windows, and Linux operating systems. (Note: my systems were both OSX, so screenshots will reflect OSX install) I mentioned above that I had used TOR in the past, I can tell you I was
pleasantly surprised how easy it was to get TOR running on the current
code set.
Once installed, open "Vidalia" and make sure TOR is stopped. (If it isn't, go ahead and stop it) click on "Settings" and then "Advanced". You will need to make note of the location of the Tor configuration file. Edit the Tor Configuration file using your favorite file editor. (Using Smultron on my mac, I opened /Users/hevnsnt/Library/Vidalia/torrc)
Add the following to the bottom of the file:
SocksListenAddress 0.0.0.0:9100 #Accept from all interfaces
COMPUTER-BWhile Firefox is certainly NOT needed, we will be using it to connect ComputerB to the central TOR proxy. Using Firefox, visit https://addons.mozilla.org and search for: TorButton (link) and click on "Add to Firefox". After it is done installing, restart firefox and you will now see a "Tor Disabled" link on the bottom right of your browser.
In Firefox click on Tools/Add-ons, highlight TorButton and click "Preferences". Remove all entries in both HTTP and SSL boxes, and put ComputerA's IP address in the SOCKS field and 9100 for the port.
Save the TorButton settings, and exit back to Firefox. Click on "Tor Disabled" this will change to "Tor Enabled". Open a new tab and visit https://check.torproject.org/. If everything went right you should see..
You could now repeat this process (ComputerB) on multiple machines and have multiple machines using ComputerA as their TOR proxy. For most of the time you will run in "Tor Disabled" mode, as Tor significantly slows your browsing down, but in those times you want to be annonymous, you only need click once and you are hidden!
It is worth noting that this configuration may be susceptible to DNS leaks, which happen
when the client computer accessing the website in question through Tor
performs a DNS lookup of the target address, instead of letting the exit
node perform the DNS lookup for the address for the client.Firefox is one of the current browsers that
allows configuration for Socks Remote DNS over local DNS resolution. To
change this, in Firefox enter 'about:config' in the address bar. Using
the filter bar, or scrolling, find the entry
'network.proxy.socks_remote_dns'. Right click the value and select
Toggle State. You are now configured to properly use Remote DNS through
Socks. Also, when accessing .onion
hidden pages, Firefox needs to be configured to have a longer proxy
timeout than normal. Use the above steps to get into about:config, and
modify the value for 'network.proxy.failover_timeout' to be '5000'.
That being said, you don't need Firefox to point to the TOR proxy, all you would need to do is configure your Computer or Application to use a SOCKS5 proxy and point it at ComputerA's IP address, port 9100. OSX has the ability to do a OS wide proxy via Settings/Network/Ethernet/Advanced.
Enjoy!
|
