getting started with tor for backtrack linux

a guest
Jul 7th, 2011
  1. ### Tutorial on being anonymous on the internet today.
  2. ### by gh0st
  3. ### big shouts to guys in #antisec on irc.anonops.li -> (especially Redacted)
  4.  
  5. It has become apparent that more and more people today are interested in becoming anonymous on the internet today, and they want to know
  6. how to hide themselves. While there are many ways to do this, i am going to show you how you can be anonymous while browsing the web and
  7. using irc, for these seem to be the 2 that i find that most people are interested in. While i will cover these 2 areas in depth, you can
  8. apply these "anonymous theories" to other services such as Instant Messaging (Pidgin) for example. This tutorial will cover how to setup
  9. tor and polipo on backtrack 5 specifically, but you can apply these methods to any linux distro. I apologize to windows users, however
  10. its all pretty much the same thing. Please note that this is a quick tutorial to get you started with tor, i made this tutorial for the
  11. guys in #antisec on irc.anonops.li. Big shout out to Redacted, your leadership is well respected! Okay lets get started.
  12.  
  13. 1. Why is it important to be anonymous on the internet today?
  14.  
  15. Well people will have different answers for this question. Some people will want to be anonymous so that websites can not track them,
  16. and others will want it for more malicious reasons. If you plan on doing things like sql injection and other web attacks then it wouldn't
  17. be very smart for you to go and use your real ip address would it... Also if you are going to be doing things such as vulnerability
  18. scanning, you are going to be connecting to the target network in a very LOUD way, so it is always a good idea to use some kind of proxy to try
  19. and anonymize your web activity.
  20.  
  21. 2. Will tor and other proxies keep me 100% anonymous on the internet today?
  22.  
  23. Well the sad answer for this one is no. Tor will not keep you 100% safe, and even in some instances tor is vulnerable to things like sniffing
  24. attacks. However, i am with the attitude that it is better than nothing, and Tor will make it more difficult for you to be traced.
  25.  
  26. 3. Tor is free, should i pay for a proxy?
  27.  
  28. People ask me all the time what is the difference between using a free proxy vs paying for one. The truth is that it is rumored that free
  29. proxy services probably log, which could compromise you in the long run, and it is said that if you pay for proxy service that they don't
  30. log, this is for you to decide and it depends on how paranoid you are. If you want to spend money great, i am sure you will be happy with
  31. the results, me on the other hand i don't need to pay for proxy service.
  32.  
  33. Lets get started...
  34.  
  35. Like i stated earlier i am setting up tor and polipo on my backtrack 5 box. This setup will work with most linux distro with small changes.
  36. Backtrack 5 does not come with tor in their repo's (other linux distros like fedora do carry it in their repo's) so we need to add tor
  37. to the repo's list.
  38.  
  39. Step 1. go to this directory -> cd /etc/apt
  40.  
  41. Step 1a. run command "ls -alt" to make sure you have the file "sources.list" if you are running Backtrack or debian or ubuntu you should
  42. have this file, for systems like fedora or centos tor is already in your repo's so you don't need to do this.
  43.  
  44. Step 2. open sources.list with vi -> command: vi sources.list
  45.  
  46. Step 2a. press "i" on your keyboard to enter insert mode in vi and go to the bottom of the page and add this line to /etc/apt/sources.list
  47.  
  48. "deb http://deb.torproject.org/torproject.org lucid main"
  49.  
  50. Step 2b. press "esc" on your keyboard to exit insert mode in vi, and on your keyboard type ":" vi will give you a ":" prompt at the end of
  51. the file, enter "wq" and press enter. This will write the changes and quit the file.
  52.  
  53. Step 3. run this command: gpg --keyserver keys.gnupg.net --recv 886DDD89
  54.  
  55. Step 4. run this command: gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
  56.  
  57. Step 5. run the command: "apt-get update"
  58.  
  59. Step 5a. run the command: apt-get install tor tor-geoipdb
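
Step 3 fetches the key by its 8-character short ID, which is not unique on a keyserver; the full fingerprint in Step 4 is what actually pins the key. The following is an added example, not part of the original paste: it checks a `gpg --with-colons` listing against that fingerprint before anything reaches apt-key. The function names and the sample listings are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original paste): pin the repo signing key by its
# full fingerprint before handing it to apt-key.

# Fingerprint exactly as given in Step 4 of this tutorial.
EXPECTED_FPR="A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89"

# stdin: output of `gpg --with-colons --fingerprint <key-id>`.
# Prints the fingerprint of every primary key in the listing (field 10 of the
# "fpr" record that follows a "pub" record); subkey fingerprints are skipped.
primary_fingerprints() {
    awk -F: '
        $1 == "pub" { primary = 1; next }
        $1 == "sub" { primary = 0; next }
        $1 == "fpr" && primary { print $10; primary = 0 }'
}

# stdin: same listing. $1: expected 40-hex-digit fingerprint.
# Succeeds only if at least one key matched the ID and every match has the
# expected fingerprint, so a look-alike key sharing the short ID fails loudly.
key_matches_fingerprint() {
    fprs=$(primary_fingerprints)
    [ -n "$fprs" ] || return 1
    for fpr in $fprs; do
        [ "$fpr" = "$1" ] || return 1
    done
    return 0
}

# Constructed sample listings (key metadata is made up; only the fingerprint
# of the first key is taken from the page).
sample_good_listing() {
    cat <<'EOF'
pub:-:2048:1:EE8CBC9E886DDD89:0:::-:constructed sample uid:
fpr:::::::::A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89:
sub:-:2048:1:1111111111111111:0::::
fpr:::::::::2222222222222222222222222222222222222222:
EOF
}

sample_colliding_listing() {
    sample_good_listing
    cat <<'EOF'
pub:-:1024:1:00000000886DDD89:0:::-:constructed look-alike uid:
fpr:::::::::00000000000000000000000000000000886DDD89:
EOF
}

# Intended use on a real system (left commented so the block runs offline):
#   gpg --with-colons --fingerprint 886DDD89 \
#     | key_matches_fingerprint "$EXPECTED_FPR" \
#     && gpg --export "$EXPECTED_FPR" | sudo apt-key add -

if sample_good_listing | key_matches_fingerprint "$EXPECTED_FPR"; then
    echo "sample key: fingerprint matches"
fi
if ! sample_colliding_listing | key_matches_fingerprint "$EXPECTED_FPR"; then
    echo "sample keyring: second key shares short ID 886DDD89, refusing"
fi
```

The expected fingerprint should come from a source you trust independently of the keyserver, since apt will accept any package signed by whatever key ends up in its keyring.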
  60.  
  61. Okay now that we have tor installed on our linux box we need to setup polipo. Polipo is what tor uses for web proxy. When you install tor
  62. it comes with privoxy (the other web proxy that tor uses) however i prefer Polipo. What is the difference you might ask? Well the major
  63. difference between privoxy and polipo comes down to speed. Without getting into too much detail privoxy is considered "more anonymous"
  64. but at the same time, is very slow, it will slow down your web browsing. Polipo is much better when it comes to speed while web browsing,
  65. and it works great so it is my choice. However, i will cover how to set both of them up.
  66.  
  67. ###### Setting up Polipo.
  68.  
  69. command: apt-get install polipo
  70.  
  71. Since we added tor to /etc/apt/sources.list we can just run that command to get polipo, if you are using fedora or centos then you should
  72. have it in your repo's.
  73.  
  74. Okay now we need to configure polipo to get it working.
  75.  
  76. Step 1. cd /etc/polipo
  77.  
  78. Step 2. we are going to use a different config file than the one provided but it is always a good idea to backup the original one so run
  79. this command: mv config conf-backup.txt
  80.  
  81. Step 3. Go to this website and copy the polipo config file that torproject provides
  82. https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf
  83.  
  84. Step 4. Make a new config file with "vi config" press "i" on your keyboard, and copy and paste the polipo conf file you got from torproject
  85. and then press "esc" on your keyboard then enter ":wq" and press enter to save the new file.
  86.  
  87. This will run polipo on 127.0.0.1 (localhost) on port 8118 -> this is standard if you need to change this then edit the conf file.
  88.  
  89. Step 5. cd /etc/init.d/
  90.  
  91. Step 5a. run command: polipo start
  92.  
  93. NOTE: for backtrack users running the command "polipo start" from /etc/init.d will cause an error which looks like this:
  94.  
  95. root@bt:/etc/polipo# cd /etc/init.d
  96. root@bt:/etc/init.d# polipo start
  97. command line:0: parse error.
  98. root@bt:/etc/init.d#
  99.  
  100. So instead we will use the following:
  101.  
  102. run command: service polipo start
  103.  
  104. Now polipo should be running smoothly...lets double check though =-P
  105.  
  106. root@bt:/etc/init.d# ps aux |grep polipo
  107. proxy 25081 0.0 0.0 2656 1220 ? Ss 15:39 0:00 /usr/bin/polipo -c /etc/polipo/config pidFile=/var/run/polipo/polipo.pid daemonise=true logFile=/var/log/polipo/polipo.log forbiddenFile=/etc/polipo/forbidden
  108. root 25707 0.0 0.0 3372 744 pts/2 S+ 17:41 0:00 grep --color=auto polipo
  109.  
  110.  
  111. another check will be with the command netstat
  112.  
  113. root@bt:/etc/init.d# netstat -ntl
  114. Active Internet connections (only servers)
  115. Proto Recv-Q Send-Q Local Address Foreign Address State
  116. tcp 0 0 127.0.0.1:8118 0.0.0.0:* LISTEN
  117. tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
  118. tcp 0 0 127.0.0.1:7175 0.0.0.0:* LISTEN
  119. tcp6 0 0 ::1:7175 :::* LISTEN
  120.  
  121.  
  122. Remember that polipo runs on port 8118, tor is running on 9050
  123.  
  124. if for whatever reason tor is not running run the command "service tor start"
  125.  
  126. Alright now that we got tor and polipo correctly configured we need to setup firefox to use the web proxy polipo so that we can start
  127. surfing the web anonymously!
  128.  
  129.  
  130. ###### Setting up Privoxy instead of Polipo
  131.  
  132. If you are the ultra paranoid type and you don't care about your web browsing speed being slowed down then you will want to use privoxy.
  133.  
  134. I am not going to go into too much detail about setting up privoxy because you will use basically the same steps used to install
  135. polipo.
  136.  
  137. When you ran the command "apt-get install tor tor-geoipdb" privoxy should be on your system, if for whatever reason it is not then run
  138. the command "apt-get install privoxy"
  139.  
  140. Okay now go into the directory "/etc/privoxy" and locate the config file
  141.  
  142. root@bt:/etc/privoxy# ls -alt
  143. total 200
  144. drwxr-xr-x 149 root root 12288 2011-07-06 17:24 ..
  145. drwxr-xr-x 2 root root 4096 2011-07-06 15:35 templates
  146. drwxr-xr-x 3 root root 4096 2011-07-06 15:35 .
  147. -rw-r--r-- 1 root root 51085 2010-01-17 23:09 config
  148.  
  149. Okay open the privoxy config file with vi or whatever text editor you prefer and locate the following line:
  150.  
  151. # forward-socks4 / socks-gw.example.com:1080 .
  152.  
  153. change that line to the following:
  154.  
  155. forward-socks4a / 127.0.0.1:9050 .
  156.  
  157. NOTE: THAT YES the "." at the end is needed
  158.  
  159. If this is a bit confusing for you then these are the general variables that are needed in the privoxy config file. You can copy the
  160. original privoxy config file to privconf-backup.txt like we did with polipo's config file earlier and make a new config file with these
  161. options.
  162.  
  163. Example of Privoxy Config File.
  164.  
  165. forward-socks4a / 127.0.0.1:9050 .
  166. confdir /etc/privoxy
  167. logdir /var/log/privoxy
  168. actionsfile standard
  169. actionsfile default
  170. actionsfile user
  171. filterfile default.filter
  172.  
  173. debug 4096
  174. debug 8192
  175.  
  176. user-manual /usr/share/doc/privoxy/user-manual
  177. listen-address 127.0.0.1:8118
  178. toggle 1
  179. enable-remote-toggle 0
  180. enable-edit-actions 0
  181. enable-remote-http-toggle 0
  182. buffer-limit 4096
  183.  
  184. Please remember that privoxy config file goes in /etc/privoxy/
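
The edit above swaps `forward-socks4` for `forward-socks4a` because plain SOCKS4 resolves hostnames locally, outside tor, while SOCKS4a hands the name to the SOCKS server. The following is an added example, not part of the original paste: it audits a privoxy config for that and for the other settings this tutorial depends on. The function name, finding labels and sample configs are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original paste): sanity-check a privoxy config
# that is meant to push all traffic into the local tor SOCKS port.

# stdin: privoxy config text. Prints one finding per line; no output means
# the settings this tutorial relies on are in place.
audit_privoxy_config() {
    awk '
        /^[ \t]*#/ || NF == 0 { next }          # skip comments and blank lines
        $1 ~ /^forward-socks/ {
            forwards++
            # Plain SOCKS4 carries an IP address, so the hostname is resolved
            # locally, outside tor. socks4a/socks5 hand the name to tor.
            if ($1 == "forward-socks4") print "dns-leak: forward-socks4 resolves hostnames locally"
            if ($3 != "127.0.0.1:9050") print "upstream: " $3 " is not the local tor SOCKS port"
            if ($4 != ".") print "syntax: trailing \".\" (no HTTP parent proxy) is missing"
        }
        $1 == "listen-address" && $2 !~ /^(127\.|localhost:|\[::1\])/ {
            print "exposed: listen-address " $2 " is reachable from other hosts"
        }
        END { if (!forwards) print "no-tor: no forward-socks line, requests bypass tor" }'
}

# Constructed sample: the stock line with only the comment marker removed,
# plus a listener bound to every interface.
sample_bad_config() {
    cat <<'EOF'
# constructed sample config
forward-socks4 / socks-gw.example.com:1080 .
listen-address :8118
EOF
}

# The forward and listen lines from the example config in this tutorial.
sample_good_config() {
    cat <<'EOF'
forward-socks4a / 127.0.0.1:9050 .
listen-address 127.0.0.1:8118
toggle 1
EOF
}

echo "findings for the constructed bad sample:"
sample_bad_config | audit_privoxy_config
```

On a real system the input would be `/etc/privoxy/config`, piped into `audit_privoxy_config`.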
  185.  
  186. After you modified the config file save and exit the file. Then you need to start privoxy with the following command:
  187.  
  188. run command: service privoxy start
  189.  
  190. You can check to make sure that privoxy is running correctly with the following commands that were shown earlier with Polipo.
  191.  
  192. ps aux |grep privoxy
  193.  
  194. netstat -ntl (look for localhost with ports 8118 and 9050)
  195.  
  196. Thats it, privoxy should now be running smoothly you will just need to add a manual proxy setting in your web browser to start viewing
  197. the web anonymously.
  198.  
  199.  
  200. NOTE:
  201. Before we configure foxyproxy with firefox open firefox and go to www.whatismyip.com and take note of your ip address. After we configure
  202. foxyproxy to use polipo your ip address will never be the same! Are you excited ?
  203.  
  204. ####### Setting up firefox with tor
  205.  
  206. Okay load firefox
  207.  
  208. From firefox menu -> Tools -> Addons
  209.  
  210. From addons run a search for the following: FoxyProxy
  211.  
  212. FoxyProxy should be found right away and it is free, so install the addon.
  213.  
  214. Once the foxyproxy addon has been installed on to firefox, you need to restart firefox by closing it and opening it up again. When you do
  215. this a new tab should open up with a foxyproxy web page being displayed.
  216.  
  217. Notice that a new icon has been added to firefox, you should see a fox with a circle around it crossed out (to the right of where you would
  218. enter a web address) FoxyProxy is crossed out because it is not correctly configured yet.
  219.  
  220. Click on the fox icon
  221.  
  222. Click on the proxy tab and then click on "add new proxy"
  223.  
  224. From there what you want to do is add a proxy, but i am sure you are asking (what proxy do i add?)
  225.  
  226. If you know the answer to what proxy you should add then i am happy for you because you are getting the concept, and you are on your way!
  227.  
  228. Remember earlier when we ran the command "netstat -ntl" and got the following output
  229.  
  230.  
  231. root@bt:/etc/init.d# netstat -ntl
  232. Active Internet connections (only servers)
  233. Proto Recv-Q Send-Q Local Address Foreign Address State
  234. tcp 0 0 127.0.0.1:8118 0.0.0.0:* LISTEN
  235. tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
  236. tcp 0 0 127.0.0.1:7175 0.0.0.0:* LISTEN
  237. tcp6 0 0 ::1:7175 :::* LISTEN
  238.  
  239.  
  240. This is why we run tor and polipo: our proxy is running at 127.0.0.1 (localhost) on port 8118
  241.  
  242.  
  243. So when we click "Add new proxy" on foxyproxy we are going to add the address 127.0.0.1 and add port 8118. It will ask us for a whitelist or
  244. blacklist, and these are websites that you either don't want to proxy or you do want to proxy for them. i choose to run the proxy for every
  245. website, so i left that area blank, you will get a warning its okay just click okay.
  246.  
  247. Then just name your proxy whatever you like you can name your proxy "Tor" if you want to remind you that you are using tor.
  248.  
  249. In the top of the proxy menu is the "Select Mode" window and it is currently set at "don't use a proxie" and you want to set it at
  250.  
  251. Use Proxy "Tor" for all urls (use this setting to proxy every website you go to)
  252.  
  253. Now if all goes well you should see the foxyproxy icon in your firefox web browser turn blue and the circle with the cross out line should
  254. be gone which means that foxyproxy is running.
  255.  
  256. For the test now go to www.whatismyip.com and see if your ip has changed, if your ip has changed you are now browsing the web anonymously!
  257.  
  258.  
  259. Remember when we talked about purchasing proxies for even better privacy, if you want to instead of running tor on your computer you could
  260. purchase one and use theirs, they tend not to be that expensive. It is up to you to research around which ones are the best. You have now
  261. made it more difficult for websites and other people to track you while you browse the world wide web, congratulations!
  262.  
  263. If you have any other questions about tor or any other concerns that i did not cover here, always go to the website torproject.org they
  264. also have great irc support that you can find at their website. I really hope this has helped you so far. Remember the setup is not much
  265. different for windows, same concept.
  266.  
  267. ######## NOTE: WINDOWS USERS
  268.  
  269. go to this website for setting up tor on windows
  270.  
  271. https://www.torproject.org/docs/tor-doc-windows.html.en -> it will help i promise you
  272.  
  273.  
  274. ######## NOTE LINUX USERS
  275.  
  276. If you would like a gui for using tor, linux provides the app "Tork" which provides you with a graphical user interface for kde which
  277. makes using tor and related apps a lot easier to use and manage. Tork is more than likely provided in your linux repo's so just run the
  278. command "apt-get install tork" or "yum install tork" to install it. Again this app makes managing tork very easy.
  279.  
  280.  
  281.  
  282. ######## NEXT USING TOR WITH IRC
  283.  
  284. Everyone wants to be anonymous on the web, yet i am seeing a lot of questions today about being anonymous on irc. This has a couple of
  285. issues. One, a lot of irc networks don't support tor, such as irc.freenode.org for example. If you have never been on irc.freenode.org it is a
  286. great irc server dedicated to helping people with technical support for many different things.
  287.  
  288. NOTE: TOR does have scripts on their website to make connecting to irc servers easier, for example freenode. The link is provided in this
  289. tutorial, just keep reading. Make sure to look for it.
  290.  
  291.  
  292. ####### USING TOR WITH XCHAT
  293.  
  294. Setting up tor with xchat is not very difficult, you just need to configure a few options and you are good to go. Please remember to check
  295. and see if the irc server you are trying to connect to supports tor.
  296.  
  297. Okay right click the window
  298.  
  299. Then go to setting -> preferences -> network -> network setup -> proxy server
  300.  
  301. Then enter the following:
  302.  
  303. Hostname: 127.0.0.1 NOTE: -> (enter the ip address, don't enter localhost)
  304.  
  305. Port: 9050 NOTE: -> (we are using tor not privoxy or polipo)
  306.  
  307. Type: Socks5 NOTE: -> (you can either use socks5 or socks4)
  308.  
  309.  
  310. That is it, you are now able to use tor with irc, which means that your ip address for the most part will be protected from other users.
  311. Not very difficult right? As i said before there are some cons to using tor on irc, however there are some advantages too, so it all
  312. depends really on what your needs are. Next we will discuss how to use tor with irssi, an irc text based client.
  313.  
  314.  
  315. ######### USING TOR WITH IRSSI
  316.  
  317. Okay here we will show you how to use tor with irssi.
  318.  
  319. PROBLEM: you want to use irssi with tor but you also want ssl support, so you have encryption.
  320.  
  321. Okay well when you try to connect to an irc server with ssl and tor you are going to get errors about the SSL_Handshake failing. The reason
  322. for this is because ssl_connect is using https as its request and tor is not a http proxy, remember that is why we use privoxy and polipo.
  323. So what do we do?
  324.  
  325. We need to use 'socat' to create a relay and then use this relay to connect to irc servers, i will show you...
  326.  
  327. run the following commands:
  328.  
  329. socat TCP4-LISTEN:5000,fork SOCKS4A:127.0.0.1:irc.efnet.org:6697,socksport=9050
  330. -> ( SEE WE CONNECT TO TOR AT PORT 9050, run netstat -ntl to check its running)
  331. -> ( ALSO CHANGE THE IRC SSL SERVER 6697 TO WHATEVER YOU NEED TO )
  332.  
  333. now we just connect to localhost with irssi
  334.  
  335. start irssi then do /connect 127.0.0.1 5000
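
`TCP4-LISTEN:5000` with no bind address listens on every interface, so other hosts on the network can reach the relay, unlike polipo and tor, which the netstat output earlier shows on 127.0.0.1 only. The following is an added example, not part of the original paste: it reads `netstat -ntl` output and reports any of this tutorial's ports that are not loopback-only. The function name and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original paste): flag tutorial ports that are
# listening on anything other than loopback.

# Ports used in this tutorial: 8118 (polipo/privoxy), 9050 (tor SOCKS),
# 5000 (the socat relay). Override by passing a space-separated list as $1.
TUTORIAL_PORTS="8118 9050 5000"

# stdin: output of `netstat -ntl`. Prints "<port> exposed on <address>" for
# each watched port bound to a non-loopback address.
exposed_listeners() {
    awk -v ports="${1:-$TUTORIAL_PORTS}" '
        BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) watch[p[i]] = 1 }
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            port = $4; sub(/.*:/, "", port)       # text after the last colon
            addr = $4; sub(/:[^:]*$/, "", addr)   # text before the last colon
            if (!(port in watch)) next
            if (addr ~ /^127\./ || addr == "::1") next
            print port " exposed on " addr
        }'
}

# Constructed sample: the listing shown in this tutorial plus the listener
# that `socat TCP4-LISTEN:5000,fork` creates when no bind address is given.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 127.0.0.1:8118 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.1:9050 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:5000 0.0.0.0:* LISTEN
tcp6 0 0 ::1:7175 :::* LISTEN
EOF
}

# Keeping the relay on loopback only (bind= is a standard socat option):
#   socat TCP4-LISTEN:5000,bind=127.0.0.1,fork \
#         SOCKS4A:127.0.0.1:irc.efnet.org:6697,socksport=9050

sample_netstat | exposed_listeners
```

On a live box, run `netstat -ntl | exposed_listeners` after starting the relay; no output means all three ports are loopback-only.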
  336.  
  337. When you run irssi with tor you are going to get a lot of error warnings and information leakage. To quiet this down so you are not getting
  338. information leakage and other errors you can run this command on irssi:
  339.  
  340. /ignore * CTCPS
  341.  
  342.  
  343. NOTE: You may want to run certain plugins like "torify irssi" for irc servers like freenode. Also, you may want to run sasl plugins with
  344. DH-BLOWFISH encryption. To do that is fairly simple you just need to install the required plugins. Most linux distro's will have the plugins
  345. so all you need to do is run "apt-get" or "yum install"
  346.  
  347.  
  348. NOTE: for other users that want to run tor with other irc clients such as Mirc and BitchX please go to this website which gives excellent
  349. instructions on how to setup tor with your favorite irc client.
  350.  
  351.  
  352. https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc#X-Chat -> (BE SURE TO GO TO THIS WEBSITE)
  353.  
  354.  
  355. The above website is great, please make sure to look at it if you have any further questions. They also provide scripts and plugins
  356. to make irc with tor a lot easier for irc networks that don't support tor so make sure to check it out. They even offer tips to again
  357. make things easier.
  358.  
  359.  
  360. Thats a lot of work right? I know like i said its tradeoffs. Again, it all comes down to what you need.
  361.  
  362.  
  363. When it comes to connecting to irc servers this is one of the best ways to be secure with ssl and anonymous (with tor).
  364.  
  365.  
  366. ######## END
  367.  
  368. Well i hope this tutorial has been helpful for you, and i really hope it has answered a lot of questions out there. I want to give a big
  369. shout out to the guys on irc.anonops.li in #antisec
  370.  
  371. You guys are why i do this....
  372.  
  373. If you have any questions you can find me in #antisec in irc.anonops.li
  374.  
  375. Take care everyone, again i hope this has been helpful!
  376.  
  377. -gh0st