Difference between revisions of "Tor"

11,466 bytes added ,  19:21, 15 July 2021
no edit summary
 
(26 intermediate revisions by 10 users not shown)
Line 1: Line 1:
'''Tor''' (previously an acronym for The Onion Router) is a space within the normal Internet where all users can remain anonymous, activities can remain untraceable, and its resources can remain hidden from the rest of the Internet. If you are reading this page, you are probably using the Tor network.  
{{Template:Computer engineering}}
<div style="float: right; margin-left: 12px">__TOC__</div>
 
'''Tor''' (/tɔɹ/, previously an acronym for The Onion Router) is a space within the normal Internet where all users can remain anonymous, activities can remain untraceable, and its resources can remain hidden from the rest of the Internet. If you are reading this page, you are probably using the Tor network.  


Technically, Tor is free software for enabling online anonymity and censorship resistance. This software directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis.  
Technically, Tor is free software for enabling online anonymity and censorship resistance. This software directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis.  
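Review bot: The reworked lead line (the one that gains "/tɔɹ/") still promises that "all users can remain anonymous, activities can remain untraceable", which is stronger than the page's own later wording, "makes it more difficult to trace Internet activity", and stronger than the fingerprinting and exit-node caveats this same revision adds. Since the line is being touched anyway, suggest bringing it in line with that wording. "If you are reading this page, you are probably using the Tor network" should stay only if that holds for how this wiki is reached.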
Line 5: Line 8:
Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages, and other communication forms", back to the user and is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential business by keeping their internet activities from being monitored.  
Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages, and other communication forms", back to the user and is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential business by keeping their internet activities from being monitored.  


== Upload files with Orbot on your smartphone ==
See [[Orbot]] article.
== Snowflake is a system to defeat internet censorship ==
Android [[Tor Browser]] Alpha
Snowflake
[[Snowflake]] is a system to defeat internet censorship. People who are censored can use Snowflake to access the internet. Their connection goes through Snowflake proxies, which are run by volunteers. For more detailed information about how Snowflake works see our documentation wiki.
https://snowflake.torproject.org/?lang=en_US
https://gitlab.torproject.org/legacy/trac/-/wikis/doc/Snowflake/


== How to use ==
== How to use ==
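Review bot: In the new Snowflake section, the lines "Android [[Tor Browser]] Alpha" and "Snowflake" are stray fragments with no sentence around them, and "see our documentation wiki" keeps the first person of the site the paragraph was copied from, so it reads as this wiki's own documentation. Suggest marking the paragraph as a quotation from snowflake.torproject.org, turning the two bare URLs into labelled links (the second one being the documentation wiki the text refers to), and either saying what the Android Tor Browser Alpha line is meant to convey or dropping it. The "Upload files with Orbot on your smartphone" heading contains only a pointer to [[Orbot]], which would fit better under "See also".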
Line 11: Line 28:




In [[terminal]], type
On [[terminal]], type the below [[command]]s:
  cd tor-browser_en-US/
  cd tor-browser_en-US/
  ./start-tor-browser.desktop
  ./start-tor-browser.desktop


then it starts. It doesn't need to be installed.
And then it starts. It doesn't need to be installed.
 
 
== Firefox connects via Tor to Mullvad. Mullvad will be the exit node. ==
* Tor and [[Mullvad VPN]]
 
Last updated: 21 January 2021
 
In this guide we will install the [[Tor Browser]] and enable other programs to connect to the internet via the [[Tor]] Browser proxy.
 
Overview
 
We will first install [[OpenVPN]] and configure it to connect to [[Mullvad]] via the Tor Browser. Last step is to configure Firefox (or other programs) to connect to Mullvad using our [[SOCKS5]] proxy
 
The end result is that [[Firefox]] connects via Tor to Mullvad ("VPN through Tor"). Mullvad will be the exit node.
 
The Tor Browser itself will only use the Tor Network.
 
Programs not configured to use Mullvad's SOCKS5 proxy will connect directly to the internet without using any VPN or Tor at all.
 
Set-up instructions
 
Linux
 
1. Install OpenVPN (OpenVPN installation guide)
 
2. Download the Tor Browser for Linux
 
3. Verify signatures.
 
4. Unpack the Tor Browser (xz -d tor-browser-linux*.xz && tar -vxf tor-browser-linux*.tar)
 
5. cd into "tor-browser*/Browser/TorBrowser/Data/Tor"
 
6. Edit torrc-defaults and change CookieAuthentication 1 to CookieAuthentication 0
 
7. Save the change.
 
8. Download an OpenVPN configuration file from our website, make sure you select Linux as Platform and 443 TCP as Port (Tor only works with TCP, not UDP).
 
9. Extract the zip file
 
10. Edit the OpenVPN configuration file
 
11. Add the following entries to it:
route-nopull
route 10.8.0.1 255.255.255.255
socks-proxy 127.0.0.1 9150
 
12. Save the changes
 
13. rename the configuration file to something easy to identify like mullvad_tor.conf
 
14. Start the Tor browser
 
15. Start OpenVPN using the mullvad_tor.conf
 
16. Open Firefox (not the tor browser) and then go to our Connection check to check your IP
 
17. Follow our SOCKS5 guide and then reload the Connection check to verify that the IP address is showing one of Mullvads IP addresses
 
 
http://o54hon2e2vj6c7m3aqqu6uyece65by3vgoxxhlqlsvkmacw6a7m7kiad.onion/en/help/tor-and-mullvad-vpn/
 
https://mullvad.net/en/help/tor-and-mullvad-vpn/
 
== Tor Plus VPN ==
=== You -> VPN/SSH -> Tor ===
 
You can route Tor through VPN/SSH services. That might prevent your ISP etc from seeing that you're using Tor (VPN/SSH Fingerprinting below). On one hand, VPNs are more popular than Tor, so you won't stand out as much, on the other hand, in some countries replacing an encrypted Tor connection with an encrypted VPN or SSH connection, will be suspicious as well. SSH tunnels are not so popular.
 
Once the VPN client has connected, the VPN tunnel will be the machine's default Internet connection, and TBB (Tor Browser Bundle) (or Tor client) will route through it.
 
This can be a fine idea, assuming your VPN/SSH provider's network is in fact sufficiently safer than your own network.
 
Another advantage here is that it prevents Tor from seeing who you are behind the VPN/SSH. So if somebody does manage to break Tor and learn the IP address your traffic is coming from, but your VPN/SSH was actually following through on their promises (they won't watch, they won't remember, and they will somehow magically make it so nobody else is watching either), then you'll be better off.
 
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#You-VPNSSH-Tor
 


=== VPN/SSH Fingerprinting ===


Using a VPN or SSH does not provide strong guarantees of hiding your the fact you are using Tor from your ISP. VPN's and SSH's are vulnerable to an attack called Website traffic fingerprinting 1. Very briefly, it's a passive eavesdropping attack, although the adversary only watches encrypted traffic from the VPN or SSH, the adversary can still guess what website is being visited, because all websites have specific traffic patterns. The content of the transmission is still hidden, but to which website one connects to isn't secret anymore. There are multiple research papers on that topic. 2 Once the premise is accepted, that VPN's and SSH's can leak which website one is visiting with a high accuracy, it's not difficult to imagine, that also encrypted Tor traffic hidden by a VPN's or SSH's could be classified. There are no research papers on that topic.
What about Proxy Fingerprinting? It has been said above already, that connections to proxies are not encrypted, therefore this attack isn't even required against proxies, since proxies can not hide the fact, you're using Tor anyway.
1 See ​Tor Browser Design for a general definition and introduction into Website traffic fingerprinting. https://2019.www.torproject.org/projects/torbrowser/design/
2 See slides for ​Touching from a Distance: Website Fingerprinting Attacks and Defenses. There is also a ​research paper from those authors. Unfortunately, it's not free. However, you can find free ones using search engines. Good search terms include "Website Fingerprinting VPN". You'll find multiple research papers on that topic. https://www3.cs.stonybrook.edu/~xcai/fp.pdf https://dl.acm.org/doi/10.1145/2382196.2382260
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#VPNSSHFingerprinting
=== VPN versus SSH or Proxy ===
VPN operates on network level. A SSH tunnel can offer a socks5 proxy. Proxies operate on application level. These technical details introduce their own challenges when combining them with Tor.
The problematic thing with many VPN users is, the complicated setup. They connect to the VPN on a machine, which has direct access to the internet.
* the VPN user may forget to connect to the VPN first
* without special precautions, when a VPN connection breaks down (VPN server reboot, network problems, VPN process crash, etc.), direct connections without VPN will be made.
To fix this issue you can try something like ​VPN-Firewall. https://github.com/adrelanos/VPN-Firewall
When operating on the application level (using SSH tunnel socks5 or proxies), the problem is that many applications do not honor the proxy settings. Have a look into the Torify HOWTO to get an idea. https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
The most secure solution to mitigate those issues is to use transparent proxying, which is possible for VPN, SSH and proxies.
https://trac.torproject.org/projects/tor/wiki/doc/TorPlusVPN#VPNversusSSHorProxy
=== You -> X -> Tor ===
Some people under some circumstances (country, provider) are forced to use a VPN or a proxy to connect to the internet. Other people want to do that for other reasons, which we will also discuss.
== TOR Anonymity: Things Not To Do While Using TOR ==
* TOR Anonymity: Things Not To Do While Using TOR
May 23, 2018
9 Things you shouldn’t do while using Tor
1. Don’t use your mobile phone for 2-Step verification on Tor
2. Don’t operate user accounts outside TOR
3. Don’t post your personal information
4. Don’t send unencrypted data over TOR
5. Don’t use TOR with Windows
6. Don’t forget to delete cookies and local website data
7. Don’t use TOR for Google Search
8. Don’t use HTTP website on TOR
9. Don’t connect to the same server with and without TOR simultaneously
https://fossbytes.com/tor-anonymity-things-not-using-tor/
== Tor redirection vulnerability exit node ==
* Obtaining IP Addresses, Even from the Tor Network
June 5, 2019
At a very high level, these are the different conditions required to obtain one’s IP address through a Tor network channel:
* Use a standard web browser, not the Tor browser
* Control of a Tor exit node
* HTTP packet sniffing
* HTTP 301 cache poisoning
I want to look at each of these conditions independently and review them.
https://www.secplicity.org/2019/06/05/obtaining-ip-addresses-even-from-the-tor-network/


== Tor Security ==
== Tor Security ==
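Review bot: Step 6 of the Linux set-up ("Edit torrc-defaults and change CookieAuthentication 1 to CookieAuthentication 0") switches an authentication setting off without saying why the procedure needs it, what it leaves open while the Tor Browser is running, or how to restore it afterwards. Add that explanation and a restore step, or drop the step if the rest of the procedure works without it. Step 3 ("Verify signatures.") is the only integrity check in the list and should say what is verified and against which key. The pasted guide also keeps its source's first person ("our website", "our Connection check", "our SOCKS5 guide"), which on this page reads as the wiki's own services, so mark the section as quoted from the Mullvad page linked at its end, with its "Last updated: 21 January 2021" date. The sentence "Programs not configured to use Mullvad's SOCKS5 proxy will connect directly to the internet without using any VPN or Tor at all" is the main caveat of the whole set-up and deserves to sit next to step 17 rather than only in the overview.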
Line 47: Line 224:
* [http://www.user-agents.org/ User-Agents.org] - a searchable database of user agents
* [http://www.user-agents.org/ User-Agents.org] - a searchable database of user agents
See [[Browser Security|browser security]] for more on the subject.
See [[Browser Security|browser security]] for more on the subject.
=== Bridges ===
If your country censors your Tor using, you should use a [[bridge]].
Start [[Tor Browser Bundle]].
Click the Cancel button before [[Tor Browser]] connects to [[Tor network]].
Click the Configure button.
Check the [[checkbox]] "Tor is censored in my country"
Bridge Relay Help
Bridges are unlisted relays that make it more difficult to block connections to the Tor Network.  Each type of bridge uses a different method to avoid censorship. The obfs ones make your traffic look like random noise, and the meek ones make your traffic look like it's connecting to that service instead of Tor.
Because of how certain countries try to block Tor, certain bridges work in certain countries but not others.  If you are unsure about which bridges work in your country, visit torproject.org/about/contact.html#support
Click "Select a built-in bridge". Click "select a bridge". There are for types of bridges: [[obfs4]], [[fte]], [[meek]]-[[azure]] (works in [[China]]), [[obfs]]3. None of them works in my countries. It starts a progress to connect to [[Tor network]], but it is stuck and not finished.
Check "Request a bridge from torproject.org" and click the "Request a Bridge..." button. Solve the [[CAPTCHA]] to request a [[bridge]].
"Request a bridge from torproject.org" works well in my country.
If you want, you can choose "Provide a vridge I know". Type address:port (one per line).
You can also use a [[proxy]] or [[VPN]] to connect Tor. Just check the [[check box]] "I use a proxy to connect to the Internet" and fill out "Proxy Type", "Address", and "Port." "Username" and "Password" are optional. There are three types for "Proxy Type": [[SOCKS]] 4, [[SOCKS 5]], '[[HTTP]] / [[HTTPS]]'.
If you want to use a [[bridge]]s for [[Android]], see the [[Orbot]] article.
* Tor bridges was banned in [[china]] mainland almostly?
Apr 01 2018
https://www.reddit.com/r/TOR/comments/88kcp7/tor_bridges_was_banned_in_china_mainland_almostly/
* [[TOR]] - [[China]] Bridges
Jun 25, 2018
https://www.reddit.com/r/TOR/comments/8tom7h/china_bridges/
=== NIT ===
* [TUTO] Protect and harden your torrc configration. NIT 2.0
http://bestboytt55akspr.onion/viewtopic.php?f=7&t=4355
* There's a new [[NIT]] being deployed on [[Tor]] users. It causes your Tor client to connect to a malicious guard node, revealing your real IP. It isn't OS specific and exploits not only the Tor browser but the Tor network itself. If anyone can bring this to the attention of the Tor devs, please do so right away. This NIT preys on the fact that they're trying to spot malicious exits only and not malicious guards. You can help improve and strengthen the Tor network by bringing this to the attention of the Tor devs, and hopefully get it patched ASAP
http://beepedjhffvat3uwij5fxny72vlj7ugqb67ippjebise6adxf73y3uqd.onion/t/f12ed476529cc226a0e851de63b3068aabb4e72b/


== Tor Usage Tips ==
== Tor Usage Tips ==
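Review bot: The second bullet under "=== NIT ===" states as fact that a NIT "causes your Tor client to connect to a malicious guard node, revealing your real IP", yet the only sources are two .onion forum links, with no date, affected version or confirmation from the Tor project. Word it as an unverified report with its date and origin, or leave it out until there is a citable reference. In the Bridges text above it, "for types", "vridge" and "almostly" are typos, and "None of them works in my countries" and "works well in my country" record one editor's experience without naming the country or the date, so readers cannot tell whether it applies to them. The click-through steps would also read better as a numbered list, with the "Bridge Relay Help" paragraph marked as quoted dialog text.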
Line 145: Line 398:
See article [[Setup Anonymous SSH Via Tor Hidden Services]]
See article [[Setup Anonymous SSH Via Tor Hidden Services]]


[[Category:Deep web]]
 
== See also ==
* [[Orfox]]
* [[Orbot]]
* [[Security]]
* [[Darknet]]
* [[Firefox]]
* [[I2P]]
* [[Freenet]]
* [[anoNet]]
* [[Whonix]]
* [[IprediaOS]] ([[Ipredia]])
* [[Tails]]
 
[[Category:Darknet]]
[[Category:Darknet]]
[[Category:Dark web]]
[[Category:Dark web]]
[[Category:Tor]]
[[Category:Tor]]
[[Category:Deep web]]
[[Category:Security]]
[[Category:Security]]