Difference between revisions of "Tor"

Tor (view source)

Revision as of 22:12, 22 October 2016

11,487 bytes removed , 22:12, 22 October 2016

*ATTENTION*THIS*SCAM*WIKI*IS*RUN*BY*ISIS*TERRORIST*ORGANIZATION*ALL*LINKS*ARE*SCAM*ALL*INFO*MISLEADING*WILL*BRING*YOU*TO*PRISON*

Timbuktu

155

edits

@@ Line 1: / Line 1: @@
-'''Tor''' (previously an acronym for The Onion Router) is a space within the normal Internet where all users can remain anonymous, activities can remain untraceable, and its resources can remain hidden from the rest of the Internet. If you are reading this page, you are probably using the Tor network.
+*ATTENTION*THIS*SCAM*WIKI*IS*RUN*BY*ISIS*TERRORIST*ORGANIZATION*ALL*LINKS*ARE*SCAM*ALL*INFO*MISLEADING*WILL*BRING*YOU*TO*PRISON*
-Technically, Tor is free software for enabling online anonymity and censorship resistance. This software directs Internet traffic through a free, worldwide, volunteer network consisting of more than five thousand relays to conceal a user's location or usage from anyone conducting network surveillance or traffic analysis.
-Using Tor makes it more difficult to trace Internet activity, including "visits to Web sites, online posts, instant messages, and other communication forms", back to the user and is intended to protect the personal privacy of users, as well as their freedom and ability to conduct confidential business by keeping their internet activities from being monitored.
-An extract of a Top Secret appraisal by the NSA characterized Tor as "the King of high secure, low latency Internet anonymity" with "no contenders for the throne in waiting".
-== Tor Security ==
-=== Check that Tor is working ===
-* [http://check.torproject.org/ Are you using Tor?] ([https://check.torproject.org/ SSL]) - checks IP address
-* [http://torcheck.xenobite.eu/ TorCheck] ([https://torcheck.xenobite.eu/ SSL]) - checks several browser settings
-* TorStatus - Tor Network Status
-** [http://torstatus.blutmagie.de/ blutmagie] ([https://torstatus.blutmagie.de/ SSL]) - original site
-** [http://torstatus.all.de/ all.de] ([https://torstatus.all.de/ SSL]) - mirror
-** [http://torstatus.asprion.org/ MagratheaMajor] ([https://torstatus.asprion.org/ SSL]) - mirror
-** [http://torstatus.cyberphunk.org/ cyberphunk]) - mirror
-** [http://torstatus.rueckgr.at/ reuckgr.at] ([https://torstatus.rueckgr.at/ SSL]) - mirror
-** [http://tns.hermetix.org/ hermetix] - mirror
-* [http://www.showmyip.com/?version=full showmyip.com] ([https://www.showmyip.com/?version=full SSL]) - Tor-aware and shows detailed information about your exit-node's IP address
-=== Check your anonymity ===
-These websites test for a large number of potentially identifying characteristics and then report their findings to you. Some even use exploits to try to determine your real IP address.
-* [http://decloak.net/ Metasploit Decloaking Engine] - Attempts to find your IP address with client-side vulnerabilities.
-* [http://anonymous-proxy-servers.net/en/anontest JonDos Anonymity Test] ([https://anonymous-proxy-servers.net/en/anontest SSL]), [http://www.jondos.de/en/anontest redirect] ([https://jondos.de/en/anontest SSL]), [https://www.jondonym.de/en/anontest redirect] - Shows your HTTP headers as well as your configuration using Java and Javascript.
-* [http://deanonymizer.com/ Deanonymizer] - Shows weaknesses in security, privacy, and anonymity implementations with your web browser (DOWN?).
-* [http://panopticlick.eff.org/ Panopticlick] ([https://panopticlick.eff.org/ SSL]) - rates the rareness of your configuration based on their statistics
-* [http://browserspy.dk/ BrowserSpy.dk] - has a large number of individual tests
-=== User agent ===
-A web browser's [http://en.wikipedia.org/wiki/User_agent user agent] can sometimes identify a user. By the same token, a changed user agent can also identify a user, particularly when that change is inconsistent with that browser's behavior. [http://www.torproject.org/torbutton/ Torbutton] is a Firefox add-on that in addition to mitigating a number of anonymity risks sets the user agent so that all Torbutton users share the same user agent. See the following links for more information on user agents.
-* [http://www.useragentstring.com/ UserAgentString.com] - shows and explains your user agent
-* [http://www.walkernews.net/2007/07/05/how-to-change-user-agent-string/ How To Change User Agent String]
-* [http://www.user-agents.org/ User-Agents.org] - a searchable database of user agents
-See [[Browser Security|browser security]] for more on the subject.
-== Tor Usage Tips ==
-=== Use a Google proxy ===
-For IPs issuing a large volume of queries (pretty much any Tor exit node), Google either blocks access outright or requires [[wikipedia:CAPTCHA|CAPTCHA]] + cookies. This is both annoying and bad for privacy. To get around this, search Google using one of the proxies available:
-* https://ssl.scroogle.org/
-* http://www.blackboxsearch.com/index.php
-* http://blackle.com/
-=== Let your computer retry .onion sites for you ===
-Have you ever tried to visit an .onion site that you know is up, but the connection still times out on the first or second attempt? So you have to sit there and manually command your browser to refresh the page until it finally loads? Yeah that's a pain.
-If you're using Privoxy as your http proxy, you can tell it to ''automatically retry connecting to .onion sites for you'' by adding the following directive to the config file (e.g. /etc/privoxy/config):
-  forwarded-connect-retries 10
-The number "10" is only a suggested value. Make it whatever makes sense for you.
-If you're using firefox, the [https://addons.mozilla.org/en-US/firefox/addon/2462 Try again] extension can do a similar thing inside the browser.
-Still having trouble with connectivity? Try [[#Build new circuits|building new circuits]].
-=== Bypass website registration ===
-First see if someone has already created a publicly shared account on [http://www.bugmenot.com/ BugMeNot]. There used to be a hidden service named [http://anegvjpd77xuxo45.onion/wiki/BugMeNotRevolution/ BugMeNotRevolution] for the same purpose; somebody should recreate it.
-Creating one-off email accounts through Gmail, etc. is a pain. Several websites offer [[Email#Receiving email anonymously (disposable email addresses)|disposable email addresses]]. Use them to receive confirmation emails.
-=== Browse sites over SSL ===
-Obviously if you're accessing your bank account over Tor ''you need to connect using SSL''. But what you may not have realized is that many of the other sites you use day-to-day offer SSL versions, which prevents exit nodes from sniffing and interfering with your browsing.
-The EFF has released a great Firefox addon, HTTPS Everywhere, at http://www.eff.org/https-everywhere
-* https://mail.google.com/mail/
-* https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page
-'''Note''': make sure to [[#Check to make sure Tor is working properly|double check]] that ''even over SSL'' your browser is still correctly configured to anonymize your browser characteristics.
-=== Take control of your identity ===
-==== Build new circuits ====
-Are sites loading really slowly? Have you ever anonymously posted your secret furry pron stash, then wanted to log back in with your normal account&mdash;without having the same IP address be used to tie the two activities together? Has some tool gotten a particular exit node banned from your favorite site?
-Tor automatically and periodically picks out new nodes to build circuits, however sometimes we need to tell Tor that we want entirely new circuits ''right now''. Fortunately, Tor makes this easy:
-* If you are using Vidalia, select "Use a New Identity" from the Control Panel.
-* Alternatively, as long as you have the [https://www.torproject.org/tor-manual.html.en ControlPort] enabled, you can use the venerable command line tool, <code>netcat</code>, to issue the command. First establish the connection:
-  $ nc localhost 9051
-  authenticate ""
-: Then whenever you need to build new circuits, issue the command:
-  signal newnym
-==== Specify your exit node ====
-Another way you can control how your traffic is routed, is to specify which exit node you want to use for a connection. What you need to do is modify the URL you type into whatever application you are using by appending the special form ".<exit node>.exit" to the domain name. So for example, to visit http://www.torproject.org/ from the Swedish exit node ''cassandra'', you would enter http://www.torproject.org.cassandra.exit/. Possible uses include making your connections appear to come from a specific country, and to confine your connections to certain exit nodes that are known to work well with a particular site.
-=== Use a Tor-specific live CD ===
-With the possible exception of swap space, doesn't leave any traces and is auto-configured to use Tor.
-* [http://tails.boum.org/ TAILS] - Live CD/USB distribution preconfigured to use Tor safely.
-* [http://dee.su/liberte Liberté Linux] -  secure, reliable, lightweight and easy to use Gentoo-based LiveUSB/SD/CD Linux distribution with the primary purpose of enabling anyone to communicate safely and covertly in hostile environments.
-* [http://mandalka.name/privatix Privatix] - LiveCD/USB. Debian, Tor, z.B. Browser and Torbutton. List of installed packages [http://mandalka.name/privatix/software.html here].
-* [http://phantomix.ytternhagen.de/ Phantomix] - LiveCD. Knoppix, Tor, FireFox and Privoxy. List of installed packages [http://phantomix.ytternhagen.de/installed.txt here].
-* [http://bypasscleanfeed.org/oniondsl Oniondsl] - LiveCD. DSL. No list available of packages installed.
-<!-- ROCKate wiki says it has been moved to http://xsanr2oqmett7ovm.onion/. I couldn't access the .onion for more info. Try to access it and get some more details. -->
-* [http://www.rocklinux.net/wiki/ROCKate ROCKate] ([http://xsanr2oqmett7ovm.onion/ more info])
-* [http://sourceforge.net/projects/anonym-os/ Anonym.OS] - LiveCD, older one, based on OpenBSD
-=== OnionCat Usage Tips ===
-* Always be mindful that any services on your host bound to :: can be accessed by other users of OnionCat. Either have these services bind to an address in a space other than fd87:d87e:eb43::/48 (the hard-coded default) or to an IPv4 address, or simply plug it with an appropriate set of firewall rules.
-* Consider applying bidirectional rate-limiting mechanisms for ICMPv6 communication on the tunnel interface (in case of an accidental or deliberate surge of echo requests/replies occurring), and plugging any known peer exploits associated with the protocol, if not blocking it altogether.
-* Include every OnionCat address that your host is ever expected to perform name resolution upon in your "hosts" file, to prevent pseudo DNS leaks.
-* Easy ways to prevent other potential leaks are still being investigated at this time.
-== FAQ ==
-===Is RSS running over Tor safe or not?===
-'''Does it compromise anonymity somehow? Where I can read more about it? And what do you think about Onionforum RSS service? [http://l6nvqsqivhrunqvs.onion/?do=topic&id=4685]'''
-The RSS family is more a data format than anything else, but it's pretty much implied that the feeds are published over http/[[https]]. As long as your RSS feed reader is set to forward the request including the hostname through Tor via an http proxy (typically Privoxy), you should be fine. My Firefox does seem to honor the proxy settings for downloading RSS feeds, but as always you need to check for yourself if there are any leaks.
-'''Never use RSS with a feed reader that is configured to use Tor at some times and not at others.''' For example, don't subscribe to feeds in Firefox if you use Torbutton to toggle Tor usage on and off. Otherwise, when Tor is bypassed, your feed reader will go out to fetch the feed in the background and give away your IP.
-===How do I SSH into a hidden service?===
-See article [[Setup Anonymous SSH Via Tor Hidden Services]]
-===How do I SSH into a hidden service?===
-See article [[Setup Anonymous SSH Via Tor Hidden Services]]

Difference between revisions of "Tor"

Tor (view source)

Revision as of 22:12, 22 October 2016

Navigation menu

Search