Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Why you should care about encrypting and anonymizing your internet traffic, and how to build your very own Raspberry Pi TOR project.
- RasPi AP
- Steps
- 1. Image Raspbian onto your SD card
- 2. Expand the volume
- -- Open Terminal
- -- "sudo raspi-config"
- -- Select option 1
- 3. Change the default password
- -- Select option 2
- ** RasPi will Reboot
- 4. Turn your RasPi into an Access Point
- * A GIT user by the name of "Harry Allerston" created a script to automate the process
- -- Open Terminal
- -- "git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git"
- -- "cd RPI-Wireless-Hotspot"
- -- "sudo ./install"
- -- "Y" to agree to terms
- -- "Y" to use preconfigured DNS
- -- "Y" to use Unblock-Us DNS servers
- -- "N" for WiFi defaults
- -- Type in a new WiFi password (it will be checked)
- -- Type in a new SSID
- -- Type in your desired WiFi channel (1, 6, 11)
- -- Type "N" when asked - "Are you using a rtl871x chipset?" --
- -- Type "N" for chromecast support (unless you plan to use a chromecast w/RasTor)
- ** Your Pi will reboot
- 5. Update your Raspbian installation
- - Open Terminal
- - "sudo apt-get update"
- * "apt-get" is a diagnostic tool that updates all packages and checks for broken dependencies
- What's in your traffic stream?
- Why should we care about encrypting/anonymizing our traffic?
- The easiest way to explain this is to show you what can be seen by your ISP.
- Parts and Tools
- 1. "SharkTap" Gigabit Network Sniffer ~$180 https://www.amazon.com/midBit-Technologies-LLC-100-1000/dp/B0175EODCE/ref=sr_1_1?ie=UTF8&qid=1491429802&sr=8-1&keywords=shark+tap
- 2. Wireshark (Windows and OSX) FREE https://www.wireshark.org/
- RasPi TOR
- Steps
- 6. Install TOR
- -- "sudo apt-get install tor"
- -- "Y" on "continue?"
- 7. Configure TOR
- -- "sudo nano /etc/tor/torrc"
- -- Add the following just below the first set of comments
- Log notice file /var/log/tor/notices.log
- VirtualAddrNetwork 10.192.0.0/10
- AutomapHostsSuffixes .onion,.exit
- AutomapHostsOnResolve 1
- TransPort 9040
- TransListenAddress 192.168.42.1
- DNSPort 53
- DNSListenAddress 192.168.42.1"
- 8. Dump all the old rules from the iptable
- -- "sudo iptables -F"
- -- "sudo iptables -t nat -F"
- * iptables lets you configure the rules of the Linux Kernel Firewall.
- * It allow you to define how packets are treated
- * We're using it to route traffic through TOR
- 9. Route DNS through the TOR
- -- "sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53"
- 10. Route all TCP traffic through the TOR
- -- "sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040"
- 11. Check your routes
- -- "sudo iptables -t nat -L"
- 12. Save our new rules to the NAT table
- "sudo sh -c "iptables-save > /etc/iptables.ipv4.nat""
- 13. Create log file
- -- "sudo touch /var/log/tor/notices.log"
- * "touch" creates an empty file
- -- "sudo chown debian-tor /var/log/tor/notices.log"
- * "chown" changes the ownership of a fille (so that TOR can use it)
- -- "sudo chmod 644 /var/log/tor/notices.log"
- * "chmod" is the "change mode" command - it changes permissions
- *** 600 : Only owner can read/write
- *** 644 : Only owner can write, others can read
- *** 666 : All uses can read/write.
- 14. Start the TOR service
- -- "sudo service tor start"
- 15. Check to see if the service is running
- -- "sudo service tor status"
- 16. Change the service to start on boot
- -- "sudo update-rc.d tor enable"
- Be Sure to Include this text in the notes!!!
- "*** Install the WiFi Hotspot **
- git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git
- cd RPI-Wireless-Hotspot
- sudo ./install
- ** Install TOR **
- sudo apt-get install tor
- ** Configure TOR **
- sudo nano /etc/tor/torrc
- ** Add the following to the config file **
- Log notice file /var/log/tor/notices.log
- VirtualAddrNetwork 10.192.0.0/10
- AutomapHostsSuffixes .onion,.exit
- AutomapHostsOnResolve 1
- TransPort 9040
- TransListenAddress 192.168.42.1
- DNSPort 53
- DNSListenAddress 192.168.42.1
- ** Dump iptable **
- sudo iptables -F
- sudo iptables -t nat -F
- ** Route DNS **
- sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
- ** Route TCP **
- sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
- ** Check Routes **
- sudo iptables -t nat -L
- ** Save routes **
- sudo sh -c ""iptables-save > /etc/iptables.ipv4.nat""
- ** Create Log File **
- sudo touch /var/log/tor/notices.log
- sudo chown debian-tor /var/log/tor/notices.log
- sudo chmod 644 /var/log/tor/notices.log
- ** Start TOR **
- sudo service tor start
- ** Check TOR **
- sudo service tor status
- ** Set TOR to start on boot **
- sudo update-rc.d tor enable
- Connect with us!
- Don't forget to check out our large library of projects at https://twit.tv/shows/know-how.
- Join our Google+ Community.
- Tweet at us at @PadreSJ, @Cranky_Hippo, and @Anelf3.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement