Tor is an anonymity network using onion routing.
Privacy Risks
While Tor is designed to protect your privacy and provide anonymity, there are certain risks that should be understood before using Tor, including:
- Compromised Exit Nodes: Anything you fetch from the internet via Tor that isn't encrypted will be visible to the exit node that is serving your request. The exit node can therefore see any HTTP requests or SMTP traffic. A 2016 article found that 1 in 9 exit nodes may be compromised. Treat Tor like a public WiFi network and assume anyone else can eavesdrop on your internet traffic. Traffic to a hidden service isn't affected by this as it doesn't go through exit nodes, but that leads to the next issue.
- Compromised Guard Nodes: The first node you connect to knows your real IP address. Because your Tor connection might refresh its circuit and use a different guard node, eventually someone running a compromised guard node will learn that your IP address connected to Tor. Combined with timing attacks, this may be enough to pinpoint an individual user.
- Traffic Shaping and Timing Attacks: Your ISP can see Tor traffic and know that you are connected to the Tor network. Again, with timing attacks, it may be possible to determine your circuit configuration and determine what your destinations are.
- Your Activities and Behavior: What you do on Tor matters and doing something silly such as posting your email address, name, a previously used bitcoin address, or any other identifiable information will leak your identity. Your browsing behavior such as what you view, at what time, and browsing patterns might also be identifiable. The longer you are on Tor, the higher this exposure becomes.
Installation
Linux
Download and compile the Tor source. Alternatively, use the Docker image at https://git.steamr.com/docker/tor.
FreeBSD
cd /usr/ports/security/tor
make config-recursive
make install clean
echo 'tor_enable="YES"' >> /etc/rc.conf
vi /usr/local/etc/tor/torrc
Put the following in your torrc file:
#
# Refer to https://www.torproject.org/docs/tor-manual.html.en
#
# Listen on localhost, port 9051 (Tor's default SocksPort is 9050)
SocksPort 127.0.0.1:9051
ORPort 9001
# Do not be an exit node
ExitPolicy reject *:*
BandwidthRate 10 MB
BandwidthBurst 100 MB
RunAsDaemon 1
ContactInfo firstname.lastname@example.org
To start Tor, run:
# /usr/local/etc/rc.d/tor start
Usage
As a Transparent Proxy
For detailed instructions on setting up a transparent proxy, see Tor Transparent Proxy.
Setup a Hidden Service
With Tor set up, add the following lines to the torrc configuration file:
HiddenServiceDir /srv/tor/hidden_services/
HiddenServicePort 80 192.168.192.10:8881
HiddenServiceDir will contain the hidden service's hostname and private key. Protect this directory: anyone who obtains the private key can impersonate the service. Each HiddenServicePort directive that follows defines a port available on that hostname and the IP address and port to which its traffic is forwarded.
The Dark Net
The dark net isn't really that special. It's like the regular internet. Be amazed by how many scams there are and stay away from some very vile stuff.
Sites
- Hidden Wiki - http://zqktlwiuavvvqqt4ybvgvi7tyo4hjl5xgfuvpdf6otjiycgwqbym2qad.onion/wiki/index.php/Main_Page
- Not evil search engine - hss3uro2hsxfogfq.onion
- Intel exchange - rrcc5xgpiuf3xe6p.onion
- 0day.in - qzbkwswfv5k2oj5d.onion
- abraxas (online store) - abraxasdegupusel.onion
- Readers against DRM - c3jemx2ube5v5zpg.onion
Hosting
- VPS Hosting - kowloon5aibdbege.onion
- Freedom Hosting 2 - http://fhostingesps6bly.onion/
Other
Blocking Tor Exit Nodes
While it is recommended not to block Tor traffic outright because there are legitimate uses, sometimes Tor exit nodes exhibit behavior undesirable enough that you need to block them all for a reprieve. To block all Tor exit nodes that can reach your server, use the TorBulkExitList.py script at https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=xxx, replacing xxx with your server's IP address:
#!/bin/sh
# set YOUR_IP to your server's public IP address before running
# create a new set for individual IP addresses
ipset -N tor iphash
# get a list of Tor exit nodes that can access $YOUR_IP, skip the comments and read line by line
wget -q "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$YOUR_IP" -O - | sed '/^#/d' | while read IP
do
    # add each IP address to the new set, silencing the warnings for IPs that have already been added
    ipset -q -A tor "$IP"
done
# filter our new set in iptables
iptables -A INPUT -m set --match-set tor src -j DROP
Script above copied from: https://github.com/scriptzteam/BlockTor/blob/master/block.sh
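The script above passes every downloaded line straight to ipset and only ever adds entries. The following is an added example (not part of the original page or the copied script) that validates each line as an IPv4 address and emits an `ipset restore` script that fills a staging set and swaps it into place, so a failed download cannot empty or corrupt the live set. The staging set name `tor-new` is hypothetical, the sample addresses are constructed from documentation ranges, and an ipset version with `hash:ip`, `restore`, `swap` and `-exist` is assumed.

```shell
#!/bin/sh
# Added example (not the script from the page). SET matches the page's set
# name; TMP is a hypothetical staging set name.
SET=tor
TMP=tor-new

# Succeed only for four dot-separated decimal octets, each 0..255.
valid_ipv4() {
    case "$1" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # split on dots; input is digits and dots only
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Read an exit list on stdin, write an `ipset restore` script on stdout.
build_restore() {
    adds=""
    while read -r line; do
        case "$line" in ''|'#'*) continue ;; esac
        if valid_ipv4 "$line"; then
            adds="${adds}add $TMP $line
"
        else
            echo "skipping invalid entry" >&2
        fi
    done
    # A failed download or an error page must not empty the live set.
    [ -n "$adds" ] || { echo "no valid addresses; set unchanged" >&2; return 1; }
    printf 'create %s hash:ip\ncreate %s hash:ip\nflush %s\n' "$SET" "$TMP" "$TMP"
    printf '%s' "$adds"
    # swap replaces the live set's contents in one step; then drop staging
    printf 'swap %s %s\ndestroy %s\n' "$TMP" "$SET" "$TMP"
}

# Constructed sample input (documentation address ranges, not real exit nodes).
sample_list() {
    printf '%s\n' '# constructed sample' 192.0.2.10 198.51.100.7 \
        203.0.113.999 '<html>502 Bad Gateway</html>'
}

# Offline demo; on a real host pipe the downloaded list through
# build_restore into `ipset -exist restore` instead.
sample_list | build_restore
```

Because the iptables rule references the set by name, it keeps working across refreshes and only needs to be added once.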