19 Jan 2012

Installing and configuring Tor on Backtrack 5R1

Tor is free software and an open network that helps us defend against a form of network surveillance that threatens personal freedom and privacy, confidential  activities and relationships, and state security known as traffic analysis.

Privoxy "scrubs" (removes personal information from) the data it sends. But even Privoxy won't protect us from viruses, Java Script attacks, etc; and Privoxy can't do anything about text typed into forms. Stay aware, awake and alert.

Vidalia lets you start and stop Tor, see how much bandwidth you are consuming, see how many circuits you currently have active, see where these circuits are connected on a global map, view messages from Tor about its progress and current state, and let you configure your Tor client, bridge, or relay with a simple interface. Included in Vidalia is an extensive help system which helps you understand all of the options available to you.

In this blog article:

Installation of Tor and Privoxy
Privoxy configuration
Starting (and stopping) Privoxy
System wide configuration of clients
Starting and stopping Tor with Vidalia
Configuration per client
TorButton for Firefox
Performance: Optimisation of Firefox
Configuring console based application with proxychains
That's it for now. Enjoy!

Installation of Tor and Privoxy

You will first need to add the repository from which you wish to install Tor and Privoxy. Open the /etc/apt/sources.list file (or your preferred config editor) with vi:

vi /etc/apt/sources.list

Press the A (shift a) key, press return, and add the following line:

deb http://deb.torproject.org/torproject.org lucid main

Click Esc to stop editing, then :wq [enter] or ZZ (shift zz) to write the changes to the file and quit vi.

Run the following commands:

gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | apt-key add -

During installation you will be asked whether you want to continue. If there are no strange warnings and it resembles this output, answer Y.

Run the following commands to install tor and privoxy:

apt-get update
apt-get install tor tor-geoipdb

apt-get install privoxy

Privoxy configuration

Open /etc/privoxy/config with vi (or your preferred config editor)

vi /etc/privoxy/config

Scroll down using the j or arrow down key (or other cursor movement way). In section 4.1, check that the listen address is

If it is not, change it by pressing the A (shift a) key or i key (or any other insertion way), making the necessary changes, and pressing the esc key when you are done. Scroll down further to section 5.

When using socks5 on port %d, your application is giving Tor only an IP address. Applications that do DNS resolves themselves may leak information. So using Socks4A instead is a good idea. Read more on that here.

In section 5.2, set forward privoxy to TOR (Do NOT forget that point at the end)

forward-socks4a / .

The following two configuration changes are performance improvements.
In 6.4 change keep-alive-timeout 300 to keep-alive-timeout 600 and in 6.6 change socket-timeout 300 to socket-timeout 600:

Click Esc to stop editing, then :wq [enter] or ZZ (shift zz) to write the changes to the file and quit vi.

Starting (and stopping) privoxy

Run the command:

/etc/init.d/privoxy start

You can run the same command but then with "stop" instead of "start" if you wish to stop privoxy. If you do, and you have already configured clients, connections will be refused.

System wide configuration of clients

Configure your clients with IP address and port 8118

Set system wide proxy on Gnome: System —>Preferences —> Network Proxy

Click radio button Manual Proxy configuration, check the "Use the same proxy for all protocols" and and enter and 8118. Then click "Apply System Wide ..." button.

In KDE: System Settings —> Network Settings —> Proxy tab, then manually specify the system wide proxy settings.

Next is configuring your browser for using system wide proxy settings:
With IE, Opera and Safari there are too many ways that our privacy can be breached, and because of their closed design it is really hard to do anything about such privacy problems, hence the focus on Firefox and Konquerer.

Konqueror uses the KDE system wide proxy settings.

In Firefox go to Edit —> Preferences —> Advanced tab —> Connection (Click Settings ... button)

Check that it's working:


If it doesn't work, maybe this faq helps.

Starting and Stopping Tor with Vidalia

Install Vidalia:

apt-get install vidalia

Start up the Vidalia GUI in Applications —> Internet

It takes a while for it to make the initial connection.

Note: If you stop Tor while using system wide settings, you also have to change these back to "direct connection" or else connections are refused.

Note: Vidalia hogs resources.

Configuration per client

We've got Tor, Privoxy and Tor installed and tested now. And if like me, you want more finegrained control over when to use Tor and when not, configure Tor proxy settings per client.

Change your system wide proxy settings back to direct connection.

Tor Button for Firefox

You can use TorButton to toggle Tor on and off while browsing. TorButton is no longer available as Firefox extension from the add-ons:
[...] because we don't have enough developer resources to keep up with the accelerated Firefox release schedule, the toggle model of Torbutton is no longer recommended. [...]
But you can install the button from The Tor Project: Current stable version is (17 Dec 2011). Click to install from this website. Verify the signature.

There is now a little onion next to your address bar. Go to your installed browser add-ons and change the settings:

You can now toggle Tor on and off in your browser. Have a look at what else is in the other tabs. Lots of nifty stuff to help you be safe(r) on the internet. May your control freak run wild!

Performance: Optimisation of Firefox

Tor is notoriously known for being slow. And we can do something about that!

Run about:config from the address bar of your browser. Be careful. :D

The variables are listed in alphabetical order. Scroll down to the items starting with network.http... and change (if need be) the following variables:

network.http.keep-alive true
network.http.keep-alive.timeout 600
network.http.max-connections 30
network.http.max-connections-per-server 15
network.http.max-persistent-connections-per-proxy 16
network.http.max-persistent-connections-per-server 6
network.http.pipelining true
network.http.pipelining.maxrequests 8
network.http.pipelining.ssl true
network.http.proxy.keep-alive true
network.http.proxy.pipelining true

You can change a variable by rightclicking on its line. The result looks like this:

Restart your browser for the changes to take effect.

Configuring console-based applications with proxychains

For using Tor with console based "clients", applications that do not have any settings for adding proxy addresses, add the command “proxychains” in front of your commands. We also add elinks, Elinks, a 'text-browser' that makes it possible to browse the internet without displaying images (Images and other media like pdf's can optionally be displayed).

Install proxychains:

apt-get install proxychains
apt-get install elinks

Open /etc/proxychains.conf with vi and check the following line exists (if not, add it):

socks4 9050

Check that it works by running the following commands and comparing results:

proxychains elinks cmyip.com 


elinks cmyip.com 

Now you can anonymously run Nmap anysite.com with the following command:

proxychains nmap anysite.com

That's it for now. Enjoy!

If you can't get it to work or if you have questions, or suggestions for improvement of this blog article, let me know.


  1. Im having a problem with the Socks4a part of your tutorial. I follow all your steps to a tea but i get the following message when I run privoxy by changing the way I connect through the internet I get the following message

    Privoxy was unable to socks4a-forward your request http://www.google.com/ through connect_to failed: see logfile for details

    error 503.

  2. Followed your tutorial and on the apt-get install I get errors.... Any idea??

    root@lp:/tmp# apt-get install tor tor-geoipdb
    Reading package lists... Done
    Building dependency tree
    Reading state information... Done
    Package tor is not available, but is referred to by another package.
    This may mean that the package is missing, has been obsoleted, or
    is only available from another source
    E: Package tor has no installation candidate