Wednesday, April 26, 2006

Browsing Web Anonymously using Privoxy and Tor

First we need to install two things Privoxy and Tor :

In my Mandrake 2006 System I installed using URPMI :

[root@localhost ~]# urpmi privoxy

ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/MandrivaLinux/official/2006.0 /i586/media/contrib/privoxy-3.0.3-6mdk.i586.rpm
installing privoxy-3.0.3-6mdk.i586.rpm from /var/cache/urpmi/rpms
Preparing... #############################################
1/1: privoxy #############################################
[root@localhost ~]# urpmi tor
To satisfy dependencies, the following 2 packages are going to be installed (1 M B):
libevent1-1.1-1mdk.i586
tor-0.1.0.15-1mdk.i586
Is this OK? (Y/n) Y

ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/MandrivaLinux/official/2006.0 /i586/media/main/libevent1-1.1-1mdk.i586.rpm
ftp://distrib-coffee.ipsl.jussieu.fr/pub/linux/MandrivaLinux/official/2006.0 /i586/media/contrib/tor-0.1.0.15-1mdk.i586.rpm
installing tor-0.1.0.15-1mdk.i586.rpm libevent1-1.1-1mdk.i586.rpm from /var/cach e/urpmi/rpms
Preparing... #############################################
1/2: libevent1 #############################################
2/2: tor #############################################
[root@localhost ~]#



You will configure your Browser to use Privoxy port which in turn forwards the request to Tor which is a Onion Router.

So what is Onion Router ?

Onion Routing prevents the transport medium from knowing who is communicating with whom -- the network knows only that communication is taking place. In addition, the content of the communication is hidden from eavesdroppers up to the point where the traffic leaves the OR network.


Add this line to /etc/privoxy/config (anywhere is fine, but line 1010 looks like the right place):

Step 1
File: /etc/privoxy/config

forward-socks4a / localhost:9050 .
# Don't forget the '.' at the end!


Step 2
File: /etc/privoxy/config

listen-address 192.168.0.1:8118

Note: If your firewall works by blocking ports (like mine), then you can tell Tor to only use the ports that your firewall permits by adding "FascistFirewall 1" to your torrc configuration file.

By default, when you set this Tor assumes that your firewall allows only port 80 and port 443 (HTTP and HTTPS respectively). You can select a different set of ports with the FirewallPorts option.

As of Tor 0.1.1.6-alpha, FascistFirewall and FirewallPorts replaced with a new config option:

ReachableAddresses *:80,*:443


As of Tor 0.1.1.14-alpha ReachableAddresses will be split in two:

ReachableDirAddresses *:80
ReachableORAddresses *:443

[root@localhost tor]# /etc/rc.d/init.d/privoxy start
Starting privoxy: [ OK ]
[root@localhost tor]# /etc/rc.d/init.d/tor start
Starting tor: [ OK ]


In your Browser you will you will use the IPaddress of Privoxy and Port as 8118

In our example it is 192.168.0.1:8118


Now the Browser connects to Privoxy on Port 8118 which in turn Forwards to Tor which Runs on Port 9050.

This Set Up is Good in Case if you are Constantly Facing DOS Attacks !!!