Protecting your online privacy with tor

Posted by Steve on Thu 21 Apr 2005 at 18:32

Tor is a SOCKS proxy which allows you to surf the internet whilst protecting your IP address.

Tor is supported by the Electronic Frontier Foundation, and is a system of proxies which bounce your communications amongst a random set of hosts before sending it to your eventual destination.

This allows you to surf the internet, use chat clients, or connect to hosts without revealing your personal IP address - instead servers will see the IP address of the last node in the Tor network which your communications passed through.

Installing Tor is simple for Testing or Unstable Debian machines is simple:

apt-get install tor

Once the package is installed you will have a SOCKS proxy running on your local machine, listing for incoming connections on port 9050.

The server will start automatically when your machine boots thanks to the startup file /etc/init.d/tor, and can be tweaked via the files in /etc/tor.

To actually make use of the software you will need to change your software's proxy settings. Instead of having your browser connected directly to the internet you should adjust your proxy server settings.

For firefox you do this by:

• Opening the settings via the menu option "Edit | Preferences".
• Selecting the "General" icon on the left hand side.
• Clicking upon the "Connection Settings" button.
• Choosing "Manual proxy configuration" from the list at the top.
• Entering "localhost" and "9050" in the "SOCKS Host" section.
• Clicking "OK" to close the window, and again to close the preferences.

Other software can be setup in a similar manner, including Gaim (the chat client).

Once you've finished setting up the client(s) that you are using you can test it to make sure that it is indeed hiding your IP address. One simple way of doing this is attempting to point a web browser at an online site such as http://WhatIsMyIPAddress.com.

If everything is working correctly you should see your IP address listed as something other than your own - it will be a random address belonging to the last Tor node your connection passed through.

Of course just because you're anonymous you shouldn't abuse the software by doing malicious things with it. Just think of it as an additional layer of privacy for your online activities.

To make the software more useful for applications you can setup an installation of another proxy server, such as privoxy, or squid, and forward that installation to the tor server. This will allow you to use the tor network with clients which don't support SOCKS proxies - but that's a more advanced setup which I'm not going to discuss here.

This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):

• http://www.debian-administration.org/article/Protecting_your_online_privacy_with_tor

This article is copyright 2005 Steve - please ask for permission to republish or translate.