Totseans

Tag: TOR

  • Proxify Any Application – Miseryland

    This is a repost of a post by Miseryland from tM back in early 2008, which was then reposted again on tM sometime last year. Despite the reposting, it still works, so I thought I’d throw it up here. Unfortunately the images are broken, but if you know anything about computers you should still be able to follow the tutorial successfully. This is posted WITHOUT his permission, because I’m a badass motherfucker.

    Upon another short inspection, it would seem that the grammar used in this guide resembles that of a small child. I went through and fixed the links myself, and tried to polish things up a little, but it’s still fairly basic and lame. Read it if you wish, and good luck with getting a result.

    This is a short writeup on how to anonymise your intertubes with tor.

    Quote:
    Warning: Want Tor to really work?…then please don’t just install it and go on. You need to change some of your habits, and reconfigure your software!
    – Tor by itself is NOT all you need to maintain your anonymity. There are several major pitfalls to watch out for:

    * 1. Tor only protects Internet applications that are configured to send their traffic through Tor
    — it doesn’t magically anonymize all your traffic just because you install it. We recommend you use Firefox with the Torbutton extension.

    * 2. Browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe’s PDF plugin, and
    – others can be manipulated into revealing your IP address. You should probably uninstall your plugins
    – (go to “aboutlugins” to see what is installed), or investigate QuickJava, FlashBlock, and NoScript if
    – you really need them. Consider removing extensions that look up more information about the websites you type
    – in (like Google toolbar), as they may bypass Tor and/or broadcast sensitive information. Some people prefer
    – using two browsers (one for Tor, one for unsafe browsing).

    * 3. Beware of cookies: if you ever browse without Tor and Privoxy and a site gives you a cookie, that cookie
    – could identify you even when you start using Tor again. You should clear your cookies frequently.
    – CookieCuller can help protect any cookies you do not want to lose.

    * 4. Tor anonymizes the origin of your traffic, and it encrypts everything inside the Tor network, but it can’t
    – encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information,
    – you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication.

    * 5. While Tor blocks attackers on your local network from discovering or influencing your destination,
    – it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page,
    – or even send you embedded Java applets disguised as domains you trust.

    The good thing is while tor is INTENDED to anonymise general internet surfing, it can me made to anonymise all/some traffic with some effort.

    • Install the whole package, and run tor INDEPENDENTLY of the vidala bundle

    START>Programs>Vidala bundle>tor>tor.exe

    This means that the tor client is running, YOU ARE NOT ANONYMOUS YET!

    So you have a working tor client, now what?

    When you search for tor you will find plugins, but these things are application sensitive, ie tor plugins for Firefox, and whatnot. What you want is to torrify specific applications that you specify, ever seen a tor plugin for lindens SL client? didn’t think so!

    So you want proxifier, a purely epic win product that will torrify any software you specify, get it here or torrent it.

    Install it normally, and set these settings to it…

    Quote:
    Options>Proxy settings.
    hit the add button and add these settings.
    server address= localhost
    Port = 9050
    Protocol= socks 5

    So now you have the tor client installed, and proxifier configured to tors default settings, you think your ready to hax the planet? enjoy your V&!

    While tor is running and proxifier will torrify any application you specify, we havn’t specified any applications yet!

    ok, so now you should have the tor client running and proxifier configured to your local tor clients settings, time to torrify some applications
    For simplicity’s sake im going to torrify ie here, but this applies to any program, remember though, that its specific to the app you configure.

    ie torrifying internet explorer will torrify internet explorer and that’s it.
    If you torrify ie, and go to a site that inits flash, it will show your ip because flash is a separate program to ie and is being executed
    independently to ie.
    Know your target first, then configure your torrification rules appropriately.
    if it calls flash, then proxify both ie and flash.

    Proxifier rules being written for IE
    OPTIONS>PROXIFICATION RULES
    then ADD>name rule>ADD>APPLICATIONEXECUTABLE

    NAO ITS TIME TO START THE SERIOUS BUSINESS MACHINE!

    • Close ALL things thats going to be used, in this example TOR PROXIFIER AND IE.
    • Start tor and when it is running like so
    • Good, now MINIMIZE TOR, and start PROXIFIER
    • OH look, tor and proxifier working hand in hand to torrify ie!

    Proxifier and tor is now running, so lets fire up IE and go to…

    www.whatismyipaddress.com

    The results?

    You are now anonymous.

    This informative guide was brought to you by Miseryland

    Discuss  http://www.totse.info/bbs/showthread.php?t=8745

  • A Guide To Using TOR

    A Guide To Using TOR

    Here is an informative guide on using TOR, and choosing your own nodes to work with to allow better anonymity. This guide was dug up from my old tM shit which I saved, and was written by slim-ov-derby.

    Now most of you will know about tor, if you don’t then I recommend reading this site;
    http://www.torproject.org/

    The thing is you can’t just download it, let it run and expect to be as anonymous as you think. yes Tor selects the best routers of its own, but if you actually check you’ll find that alot of them are in the US and Germany. If you have 3, hell even 2 nodes from the same country and range then the traffic is easily correlated; also the exit nodes are not encrypted and the entry node knows your IP, so imagine how easy it would be for them if they were in the same country.

    To make sure you don’t get a bad circuit you want to edit the torrc file.
    Not all nodes are always available so you’ll have to keep checking to see which ones are available.
    https://torstat.xenobite.eu/
    (and the link whilst using Tor: http://eodys67qpzyvyxm5.onion/torstat/)
    Or you can check them in the view network window if you use vidalia.

    Also this link lists all of the suspicious nodes that have been blacklisted by Tor as stings, I’ll explain what to do with this later.
    http://en.linuxreviews.org/Bad_Tor_exit_servers

    Now on with choosing the nodes.

    The first nodes you choose will be the entry nodes, choose fast ones; if you’re using vidalia (which I recommend) then you can see their speeds in the view network window, you can sort them by speed. Choose fast nodes that are in a foreign country (you actually never want to use any node that is in your origin country anywhere in your circuit).
    EntryNodes node1,node2,etc

    Now you want to specify only the nodes you wrote above will be used or Tor will use other nodes if yours are down.
    Do this by adding this line to your file;
    StrictEntryNodes 1

    Now you’ll want to choose your exit nodes. I recommend choosing Russian, Ukrainian or Japanese nodes if you can get any, they are unlikely to be interested in what you’re doing. I recommend staying away from Nigerian nodes, as while they won’t give a fuck about what you’re doing they will be sniffing for passwords and login details. Too choose your nodes add this line;
    ExitNodes node3,node4,etc

    Like with entry nodes, specify to only use these ones you’ve chosen.
    StrictExitNodes 1

    Now we want to add the nodes that we never want to be used in a circuit; these will include nodes from your own country, unnamed nodes and any that are acting suspiciously. There are plenty of Tor forums out there on the entwork that discuss these type of nodes as well, so keep an eye out.
    ExcludeNodes node5,node6,etc

    Note that the node1,node2 etc should be changed to the actual names of your nodes. I know most of you would know this, but there are some idiots who would just c/p everything from this into their file.

    Going back to what I said earlier about the entry and exit nodes being in the same country; make sure they’re not.

    You can’t choose middle nodes, so just be careful and keep any eye ou. The middle node doesn’t know who you are or what you’re doing though.

    Once the file is edited and saved, restart Tor so the changes work. Go and check that your IP is changed (http://www.ip-adress.com/ip_tracer/).

    If it still uses unwanted nodes then delete the router-cache and restart Tor.

    C:\Documents and Settings\loginname\Application Data\Tor\
    Delete the cached-status, cached-routers and cached-routers.new files.

    Always b on the look out to see if your nodes are still up and which ones are available. Like with your proxies, you should change them regularly.

    If you’re still paranoid and want that great deniabilty factor in your favour (comes in great handy when downloading Certain Pornographic content) then run your own exit node.
    http://en.linuxreviews.org/HOWTO_setup_a_Tor-server

    Also coming for great deniability is truecrypt, and of course flash drives which can be disposed of or hidden easily. I’ll go into them at another time though.

    I will also say, like with other proxies, it will be wise to disable javascript and flash, or you could torrify them with the help of proxifier; but I won’t go into that, I recommend just disabling them.

    Tor is useless if you are logging into something that’s linked to you in ayway, shape or form from the same nodes; unless the account was created on Tor itself.

    If you want advice on settng up such applications like IRC and instant messengers through Tor then check this out
    http://www.hermann-uwe.de/blog/howto…-some-pitfalls

    In most cases it’s just about redirecting it to go through the port tor uses (9050)

    Server: 127.0.0.1
    Port: 8118
    socks 5 / server: localhost port: 9050

    It’s pretty simple.

    By the way, if you’re using eMule for any such things
    Empty out the incoming folder. It is not private. Companies search that folder for copyright violations along with your IP address.

    It helps you with the deniablity factor if it comes to that.

    I don’t recommend Tor for scams involving credit cards for the following reasons.

    A lot of tor nodes are blacklisted on sites where you place credit card orders. Even if you set your own nodes it’s not worth it to risk it. More availability to the area it is in with the actual sock proxies, which will help you. You want it to be constant wth that type of thing instead of changing from one location to the other. And if you have a 3, hell even 2 nodes from the same country and range then the traffic is easily correlated; and I’m sure you know the entry and exit nodes aren’t encrypted as well.

    Do not get me wrong, I love tor and use it as well as freenet and i2p each for individually different purposes; tor serves well in a lot of areas, just not for certain scams.

    If you’re going to torrent, please don’t use Tor for that, it puts a lot of strain on the server. Use i2p for torrents instead.

    Like with regular sock proxies, change your nodes regularly, keep them fresh like you would normal sock proxies.

    Discuss