Why you should care about encrypting and anonymizing your internet traffic, and

1. Why you should care about encrypting and anonymizing your internet traffic, and how to build your very own Raspberry Pi TOR project.
2.  
3. RasPi AP
4.  
5. Steps
6. 1. Image Raspbian onto your SD card
7. 2. Expand the volume
8. -- Open Terminal
9. -- "sudo raspi-config"
10. -- Select option 1
11.  
12. 3. Change the default password
13. -- Select option 2
14.  
15. ** RasPi will Reboot
16.  
17. 4. Turn your RasPi into an Access Point
18. * A GIT user by the name of "Harry Allerston" created a script to automate the process
19. -- Open Terminal
20. -- "git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git"
21. -- "cd RPI-Wireless-Hotspot"
22. -- "sudo ./install"
23. -- "Y" to agree to terms
24. -- "Y" to use preconfigured DNS
25. -- "Y" to use Unblock-Us DNS servers
26. -- "N" for WiFi defaults
27. -- Type in a new WiFi password (it will be checked)
28. -- Type in a new SSID
29. -- Type in your desired WiFi channel (1, 6, 11)
30. -- Type "N" when asked - "Are you using a rtl871x chipset?" --
31. -- Type "N" for chromecast support (unless you plan to use a chromecast w/RasTor)
32.  
33. ** Your Pi will reboot
34.  
35. 5. Update your Raspbian installation
36. - Open Terminal
37. - "sudo apt-get update"
38. * "apt-get" is a diagnostic tool that updates all packages and checks for broken dependencies
39.  
40.  
41.  
42. What's in your traffic stream?
43.  
44. Why should we care about encrypting/anonymizing our traffic?
45.  
46. The easiest way to explain this is to show you what can be seen by your ISP.
47.  
48. Parts and Tools
49. 1. "SharkTap" Gigabit Network Sniffer ~$180 https://www.amazon.com/midBit-Technologies-LLC-100-1000/dp/B0175EODCE/ref=sr_1_1?ie=UTF8&qid=1491429802&sr=8-1&keywords=shark+tap
50. 2. Wireshark (Windows and OSX) FREE https://www.wireshark.org/
51.  
52. RasPi TOR
53.  
54. Steps
55. 6. Install TOR
56. -- "sudo apt-get install tor"
57. -- "Y" on "continue?"
58.  
59. 7. Configure TOR
60. -- "sudo nano /etc/tor/torrc"
61. -- Add the following just below the first set of comments
62. Log notice file /var/log/tor/notices.log
63. VirtualAddrNetwork 10.192.0.0/10
64. AutomapHostsSuffixes .onion,.exit
65. AutomapHostsOnResolve 1
66. TransPort 9040
67. TransListenAddress 192.168.42.1
68. DNSPort 53
69. DNSListenAddress 192.168.42.1"
70.  
71. 8. Dump all the old rules from the iptable
72. -- "sudo iptables -F"
73. -- "sudo iptables -t nat -F"
74. * iptables lets you configure the rules of the Linux Kernel Firewall.
75. * It allow you to define how packets are treated
76. * We're using it to route traffic through TOR
77.  
78. 9. Route DNS through the TOR
79. -- "sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53"
80.  
81. 10. Route all TCP traffic through the TOR
82. -- "sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040"
83.  
84. 11. Check your routes
85. -- "sudo iptables -t nat -L"
86.  
87. 12. Save our new rules to the NAT table
88. "sudo sh -c "iptables-save > /etc/iptables.ipv4.nat""
89.  
90. 13. Create log file
91. -- "sudo touch /var/log/tor/notices.log"
92. * "touch" creates an empty file
93. -- "sudo chown debian-tor /var/log/tor/notices.log"
94. * "chown" changes the ownership of a fille (so that TOR can use it)
95. -- "sudo chmod 644 /var/log/tor/notices.log"
96. * "chmod" is the "change mode" command - it changes permissions
97. *** 600 : Only owner can read/write
98. *** 644 : Only owner can write, others can read
99. *** 666 : All uses can read/write.
100.  
101. 14. Start the TOR service
102. -- "sudo service tor start"
103.  
104. 15. Check to see if the service is running
105. -- "sudo service tor status"
106.  
107. 16. Change the service to start on boot
108. -- "sudo update-rc.d tor enable"
109.  
110. Be Sure to Include this text in the notes!!!
111. "*** Install the WiFi Hotspot **
112. git clone https://github.com/unixabg/RPI-Wireless-Hotspot.git
113. cd RPI-Wireless-Hotspot
114. sudo ./install
115.  
116. ** Install TOR **
117. sudo apt-get install tor
118.  
119. ** Configure TOR **
120. sudo nano /etc/tor/torrc
121.  
122. ** Add the following to the config file **
123. Log notice file /var/log/tor/notices.log
124. VirtualAddrNetwork 10.192.0.0/10
125. AutomapHostsSuffixes .onion,.exit
126. AutomapHostsOnResolve 1
127. TransPort 9040
128. TransListenAddress 192.168.42.1
129. DNSPort 53
130. DNSListenAddress 192.168.42.1
131.  
132. ** Dump iptable **
133. sudo iptables -F
134. sudo iptables -t nat -F
135.  
136. ** Route DNS **
137. sudo iptables -t nat -A PREROUTING -i wlan0 -p udp --dport 53 -j REDIRECT --to-ports 53
138.  
139. ** Route TCP **
140. sudo iptables -t nat -A PREROUTING -i wlan0 -p tcp --syn -j REDIRECT --to-ports 9040
141.  
142. ** Check Routes **
143. sudo iptables -t nat -L
144.  
145. ** Save routes **
146. sudo sh -c ""iptables-save > /etc/iptables.ipv4.nat""
147.  
148. ** Create Log File **
149. sudo touch /var/log/tor/notices.log
150. sudo chown debian-tor /var/log/tor/notices.log
151. sudo chmod 644 /var/log/tor/notices.log
152.  
153. ** Start TOR **
154. sudo service tor start
155.  
156. ** Check TOR **
157. sudo service tor status
158.  
159. ** Set TOR to start on boot **
160. sudo update-rc.d tor enable
161.  
162.  
163.  
164. Connect with us!
165.  
166. Don't forget to check out our large library of projects at https://twit.tv/shows/know-how.
167. Join our Google+ Community.
168. Tweet at us at @PadreSJ, @Cranky_Hippo, and @Anelf3.