19 Jan 2012

Installing and configuring Tor on Backtrack 5R1

Tor is free software and an open network that helps us defend against a form of network surveillance that threatens personal freedom and privacy, confidential  activities and relationships, and state security known as traffic analysis.

Privoxy "scrubs" (removes personal information from) the data it sends. But even Privoxy won't protect us from viruses, Java Script attacks, etc; and Privoxy can't do anything about text typed into forms. Stay aware, awake and alert.

Vidalia lets you start and stop Tor, see how much bandwidth you are consuming, see how many circuits you currently have active, see where these circuits are connected on a global map, view messages from Tor about its progress and current state, and let you configure your Tor client, bridge, or relay with a simple interface. Included in Vidalia is an extensive help system which helps you understand all of the options available to you.

In this blog article:

Installation of Tor and Privoxy
Privoxy configuration
Starting (and stopping) Privoxy
System wide configuration of clients
Starting and stopping Tor with Vidalia
Configuration per client
TorButton for Firefox
Performance: Optimisation of Firefox
Configuring console based application with proxychains
That's it for now. Enjoy!


Installation of Tor and Privoxy


You will first need to add the repository from which you wish to install Tor and Privoxy. Open the /etc/apt/sources.list file (or your preferred config editor) with vi:

vi /etc/apt/sources.list


Press the A (shift a) key, press return, and add the following line:

deb http://deb.torproject.org/torproject.org lucid main



Click Esc to stop editing, then :wq [enter] or ZZ (shift zz) to write the changes to the file and quit vi.

Run the following commands:

gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -



During installation you will be asked whether you want to continue. If there are no strange warnings and it resembles this output, answer Y.

Run the following commands to install tor and privoxy:

apt-get update
apt-get install tor tor-geoipdb



apt-get install privoxy





Privoxy configuration


Open /etc/privoxy/config with vi (or your preferred config editor)

vi /etc/privoxy/config



Scroll down using the j or arrow down key (or other cursor movement way). In section 4.1, check that the listen address is 127.0.0.1:8118


If it is not, change it by pressing the A (shift a) key or i key (or any other insertion way), making the necessary changes, and pressing the esc key when you are done. Scroll down further to section 5.

When using socks5 on port %d, your application is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. So using Socks4A instead is a good idea. Read more on that here.

In section 5.2, set forward privoxy to TOR (Do NOT forget that point at the end)

forward-socks4a / 127.0.0.1:9050 .


The following two configuration changes are performance improvements.
In 6.4 change keep-alive-timeout 300 to keep-alive-timeout 600 and in 6.6 change socket-timeout 300 to socket-timeout 600:



Click Esc to stop editing, then :wq [enter] or ZZ (shift zz) to write the changes to the file and quit vi.


Starting (and stopping) privoxy


Run the command:

/etc/init.d/privoxy start


You can run the same command but then with "stop" instead of "start" if you wish to stop privoxy. If you do, and you have already configured clients, connections will be refused.


System wide configuration of clients


Configure your clients with IP address 127.0.0.1 and port 8118

Set system wide proxy on Gnome: System —>Preferences —> Network Proxy

Click radio button Manual Proxy configuration, check the "Use the same proxy for all protocols" and and enter 127.0.0.1 and 8118. Then click "Apply System Wide ..." button.



In KDE: System Settings —> Network Settings —> Proxy tab, then manually specify the system wide proxy settings.

Next is configuring your browser for using system wide proxy settings:
With IE, Opera and Safari there are too many ways that our privacy can be breached, and because of their closed design it is really hard to do anything about such privacy problems, hence the focus on Firefox and Konquerer.

Konqueror uses the KDE system wide proxy settings.

In Firefox go to Edit —> Preferences —> Advanced tab —> Connection (Click Settings ... button)



Check that it's working:

https://check.torproject.org/



If it doesn't work, maybe this faq helps.


Starting and Stopping Tor with Vidalia


Install Vidalia:

apt-get install vidalia


Start up the Vidalia GUI in Applications —> Internet



It takes a while for it to make the initial connection.

Note: If you stop Tor while using system wide settings, you also have to change these back to "direct connection" or else connections are refused.

Note: Vidalia hogs resources.


Configuration per client


We've got Tor, Privoxy and Tor installed and tested now. And if like me, you want more finegrained control over when to use Tor and when not, configure Tor proxy settings per client.

Change your system wide proxy settings back to direct connection.



Tor Button for Firefox


You can use TorButton to toggle Tor on and off while browsing. TorButton is no longer available as Firefox extension from the add-ons:
[...] because we don't have enough developer resources to keep up with the accelerated Firefox release schedule, the toggle model of Torbutton is no longer recommended. [...]
But you can install the button from The Tor Project: Current stable version is 1.4.5.1 (17 Dec 2011). Click to install from this website. Verify the signature.

There is now a little onion next to your address bar. Go to your installed browser add-ons and change the settings:



You can now toggle Tor on and off in your browser. Have a look at what else is in the other tabs. Lots of nifty stuff to help you be safe(r) on the internet. May your control freak run wild!


Performance: Optimisation of Firefox


Tor is notoriously known for being slow. And we can do something about that!


Run about:config from the address bar of your browser. Be careful. :D



The variables are listed in alphabetical order. Scroll down to the items starting with network.http... and change (if need be) the following variables:

network.http.keep-alive true
network.http.keep-alive.timeout 600
network.http.max-connections 30
network.http.max-connections-per-server 15
network.http.max-persistent-connections-per-proxy 16
network.http.max-persistent-connections-per-server 6
network.http.pipelining true
network.http.pipelining.maxrequests 8
network.http.pipelining.ssl true
network.http.proxy.keep-alive true
network.http.proxy.pipelining true

You can change a variable by rightclicking on its line. The result looks like this:



Restart your browser for the changes to take effect.


Configuring console-based applications with proxychains


For using Tor with console based "clients", applications that do not have any settings for adding proxy addresses, add the command “proxychains” in front of your commands. We also add elinks, Elinks, a 'text-browser' that makes it possible to browse the internet without displaying images (Images and other media like pdf's can optionally be displayed).

Install proxychains:

apt-get install proxychains
apt-get install elinks


Open /etc/proxychains.conf with vi and check the following line exists (if not, add it):

socks4 127.0.0.1 9050


Check that it works by running the following commands and comparing results:

proxychains elinks cmyip.com 


and

elinks cmyip.com 


Now you can anonymously run Nmap anysite.com with the following command:

proxychains nmap anysite.com



That's it for now. Enjoy!


If you can't get it to work or if you have questions, or suggestions for improvement of this blog article, let me know.

2 comments:

  1. Im having a problem with the Socks4a part of your tutorial. I follow all your steps to a tea but i get the following message when I run privoxy by changing the way I connect through the internet I get the following message

    Privoxy was unable to socks4a-forward your request http://www.google.com/ through 127.0.0.1: connect_to failed: see logfile for details

    error 503.

    ReplyDelete
  2. Followed your tutorial and on the apt-get install I get errors.... Any idea??

    root@lp:/tmp# apt-get install tor tor-geoipdb
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Package tor is not available, but is referred to by another package.
    This may mean that the package is missing, has been obsoleted, or
    is only available from another source
    E: Package tor has no installation candidate
    --------------------------------------------------------------

    ReplyDelete