Tor - Anonymity and Circumvention
-
Upload
hossam-el-hamalawy -
Category
Documents
-
view
262 -
download
2
Transcript of Tor - Anonymity and Circumvention
Tor - anonymity and circumvention
Tor is designed to increase the anonymity of your activities on the Internet. It disguises your identity and protects your online activities from
many forms of Internet surveillance. Tor can also be used to bypass Internet filtering.
Homepage
https://www.torproject.org
Computer Requirements
All Windows Versions
an Internet connection
Works best with Mozilla
Firefox
Versions used in this guide
Tor: 0.2.0.32
Vidalia: 0.1.10
TorButton: 1.2.0
Installing Tor
Follow any program-specific directions in theGuideIf there are none, simply click the link belowand choose a location to save the installerFind the installer on your computer anddouble-click it
Tor:
License
Free and Open-Source Software
Required Reading
How-to Booklet Chapter 8. How to Bypass Internet Censorship and Publish Information Anonymously on the Web
Level: 1: Beginner, 2: Average, 3: Intermediate and 4: Experienced, 5: Advanced
Time required to start using these tools: 20 - 30 minutes
What you will get in return:
The ability to hide your digital identity from the websites you visit
The ability to hide your online destinations from Internet Service Providers and national surveillance mechanisms
The ability to bypass Internet censorship and filtering rules
1.1 Things you should know about this tool before you start
Tor is a software tool designed to increase the anonymity of your activities on the Internet. It disguises your identity and your online activities
from many forms of Internet surveillance technology. Whether or not anonymity is important to you, Tor can also be useful as a secure means
of bypassing Internet censorship in order to access or publish blogs and news reports.
Tor protects your anonymity by routing communications through a distributed network of servers run by volunteers from all over the world. This
prevents anyone who may be watching your Internet connection from learning what sites you visit, and it prevents those sites from learning
your physical location. As for the Tor volunteers themselves, some of them may learn that you are using Tor, and others may learn that
somebody is accessing the sites you visit, but none of them can learn both.
Tor can disguise your attempts to connect to a particular website, but it was not designed to hide the content of your online communication. As
a result, it can add an additional layer of protection when used with secure services like !RiseUp and Gmail, but should not be used to access
insecure webmail providers, such as Hotmail and Yahoo, or any website that accepts your password over an insecure 'http' connection.
The Tor program is part of the Vidalia bundle. After installation, you will find four new programs on the computer:
Tor - the program itself, which allows you to use the Tor anonymity network
Vidalia - a graphical user interface (GUI) for Tor
Privoxy - a proxy program that improves your browser's ability to access the Internet through Tor
Torbutton - an add-on to the Firefox browser that allows you to easily enable and disable Tor
After installation, Tor, Privoxy and Vidalia will be automatically launched when your computer starts up. All three programs must be working in
order to use Tor effectively.
Definitions:
Port: In this chapter, a port is an access point through which software communicates with services running on other networked
computers. If a URL, such as www.google.com, gives you the 'street address' of a service, then the port tells you which 'door' to use
once you reach the correct destination. When browsing the Web, you typically use port 80 for insecure sites (http://mail.google.com) and
port 443 for secure ones (https://mail.google.com).
Proxy: In this chapter, a proxy is a software intermediary, running on your computer, on your local network or somewhere else on the
Internet, that helps to relay your communication toward its final destination.
Route: In this chapter, a route is the communication path on the Internet between your computer and the destination server.
Bridge Relay: A Bridge Relay is a tor server that can provide your first step into the Tor anonymity network. Bridges are optional, and
are designed for use by people who live in countries that block access to Tor.
How to Access the Tor Anonymity Network
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 1 of 13
After you have installed the Vidalia Bundle, you will notice new icons on the Desktop and in the Start menu. The Windows system tray
(located at the bottom right side of your screen) will feature the Privoxy icon and the Vidalia icon.
The Vidalia icon changes its appearance to indicate whether the Tor is running or not. Simply right-click this icon to either Stop Tor or StartTor.
Figure 1: The Vidalia system tray menu
When you stop the Tor service, the icon appears as follows:
You can also launch Privoxy and Vidalia from the Start menu by performing these two steps:
Step 1. Select: Start > Programs > Vidalia Bundle > Privoxy > Privoxy
Step 2. Select: Start > Programs > Vidalia Bundle > Vidalia
Before you continue, check that Privoxy and Vidalia are running and appear in the system tray.
2.1 The Vidalia Control Panel
The Vidalia Control Panel provides a graphical interface to the many features of Tor.
Figure 2: The Vidalia Control Panel
When launched, it will automatically attempt to connect to the Tor anonymity network. A progress bar will indicate the the status of the
connection attempt.
Figure 3: Status while Tor is starting up
Note: Tor must complete several tasks successfully before it connects to the anonymity network. Your initial attempt will take considerably
longer than future connections. This is because Tor takes some time to learn about the network and its features, then downloads necessary
information onto your computer.
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 2 of 13
If the connection attempt is successful, the following screen will appear:
Figure 4: The Tor Status section - Tor is running
If for some reason the connection is unsuccessful, please refer to Section 4: Troubleshooting Tor.
2.2 How to Browse the Internet using Tor
The next step, before you can begin browsing websites through Tor, is to configure your web browser. Please read one of the following
sections, depending on which browser you wish to use with Tor. We strongly recommend that you use the Mozilla Firefox browser.
2.2.1 Mozilla Firefox instructions
Step 1. Open Firefox.
You will notice that, after installing the Vidalia bundle, a new button appears in the bottom right-hand corner of your browser.
This is the Torbutton add-on, and you will use it to tell your browser whether to access websites through Tor or through a standard Internet
connection. When it is first installed, Torbutton is switched off and the label reads Tor Disabled.
Step 2. Click: the Torbutton to see it change to
Your browser is now configured to access webpages anonymously through Tor.
Tip: When you have finished browsing, be sure to delete your temporary Internet cache and cookies. This can be done in Firefox by selecting:
Tools > Clear Private Data, checking all available options in the presented screen and clicking the Clear Private Data Now button. For more
information, please refer to the Firefox Hands-on Guide.
2.2.2 Internet Explorer instructions
Note: Although you can use Tor with any web browser, you should avoid relying on Internet Explorer if anonymity is important to you. It is much
more difficult for others to reveal your identity when you use Firefox and the Torbutton add-on.
Step 1. Open the Internet Explorer web browser.
Step 2. Select: Tools > Internet Options to activate the Internet Options screen
Step 3. Click the Connections tab to activate the screen shown in Figure 5 below:
Figure 5: The Connections tab of the Internet Options screen
Step 4. Click the LAN Settings button to activate the Local Area Network (LAN) Settings screen as follows:
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 3 of 13
Figure 6: The Local Area Network (LAN) Settings.
Step 5. Check the Use a proxy server... option and click the Advanced button to activate the Proxy Settings screen.
Step 6. Complete the fields for the proxy settings as shown below in Figure 7:
Figure 7: Proxy settings in Internet Explorer
Step 7. Click the OK button three times, or until you return to the main screen of the browser.
Note: You will need to repeat steps 1 through 4 in order to stop using Tor. In place of Step 5 you should un-check the Use a proxy server...option.
Tip: When you have finished browsing, be sure to delete your temporary Internet cache and cookies. This can be done in Internet Explorer by
selecting: Tools > Internet Options and then clicking Delete Cookies, clicking OK, clicking Delete Files, clicking OK, clicking ClearHistory, clicking Yes, and clicking OK.
2.3 How to verify your connection to Tor
Step 1. Open the https://check.torproject.org/ website. It will confirm whether or not you are connected to the Tor anonymity network.
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 4 of 13
Figure 8: The 'Are you using Tor?' Mozilla Firefox screen
Congratulations! Your web browser is connected to the Internet through Tor. Websites that are blocked in your country will now be accessible,
and your online destinations will remain unknown to anyone who many be monitoring your Internet connection. You may also notice that some
webpages, such as [www.google.com], will occasionally assume that you are located in a different country. This is normal when using Tor.
If there is a problem with the Tor connection, you may see the following screen:
Figure 9: The Tor is not working screen
If you see this message, or if the webpage fails to display anything, please refer to section 4.0 Troubleshooting Tor.
Warning: If you are using any proxy service add-ons for Firefox (such as FoxyProxy), you should disable them before enabling the Torbutton,
otherwise Tor might not function properly.
The Vidalia Control Panel
The graphical user interface to the Tor program is accessible through the Vidalia Control Panel (Figure 2), which you have already used to startTor. Its other features will be explored below.
Double-click: to launch the Vidalia Control Panel
3.1 To view how your Tor connection is made
Click:
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 5 of 13
Figure 10: The Tor Network Map
The Tor Network Map displays all available Tor servers in the Relay list on the left. The Connection list, beneath the map, shows the names of
the randomly-chosen Tor servers through which your anonymous connection will pass. If you click on one of the rows in this list, your actual
route through the Tor network will be displayed on the map.
Note: This information is presented only to help demonstrate how Tor functions, so you do not have worry about understanding everything on
this screen.
3.2 To view and configure the program settings of Tor and Vidalia
Click:
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 6 of 13
Figure 11: The Settings screen in the Vidalia Panel
In the General tab, you can specify whether Vidalia should launch automatically when Windows starts up, and whether it should then start Tor.
You can leave both options selected as in Figure 11.
In the Appearance tab you can choose a language for the Vidalia interface. Other options in this window are described in the following sections.
3.3 To stop the Tor service from running
Click:
Figure 12: The Tor Status section - Tor is not running
Troubleshooting Tor
There are a number of reasons why Tor might not function properly. A few of the more common issues are described here, along with suggested
solutions. Before proceeding, make sure that all four programs included in the Vidalia bundle are installed and working properly. All of the
functions described in this section are accessible through the Vidalia Control Panel.
Note: One of the best ways to ensure that newly installed Windows software is working properly is simply to reboot your computer. A
surprisingly large number of common errors can be resolved this way!
4.1 How to View the Message Log
Any time Tor is running, even while it is attempting to make its initial connection, you can view its log messages. This can help you establish
whether the software is working and, if it is not, what might be causing the malfunction.
Click:
The Message Log that appears will look similar to Figure 13.
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 7 of 13
Figure 13: The Vidalia Message Log
This log shows that Tor has started. It will continue to display messages about how Tor is functioning. You should not be overly concerned
about the 'experimental software' warning. Despite what it says here, Tor is the most well-tested anonymity tool available. There are a few
important error messages that you should watch for, however, if you are having trouble with Tor:
connection_create_listener(): Could not bind to 127.0.0.1:9050: Address already in use. Is Tor already running?
This means that another Tor process has already began. The simplest solution in this instance would be to shut down Vidalia and restart the
computer.
Vidalia was unable to start Tor. Check your settings to ensure the correct name and location of your Tor executable is specified
This error occurs when Vidalia cannot find the Tor executable file, tor.exe. Search your computer for this file and specify its location in the
General tab of the Vidalia Settings window.
I have learned some directory information, but not enough to build a circuit
This message may appear repeatedly while Tor is first starting up, and may continue to appear for quite some time if you have a very slow
Internet connection. It simply means that Tor is still downloading information about the anonymity network.
When Tor is ready for you to use it, the log will will display the following message:
Tor has successfully opened a circuit. Looks like client functionality is working.
Figure 14: Tor has successfully connected message
This message indicates that Tor has established a path through its network and appears to be functioning correctly. If you are using Firefox,
you still have to enable Torbutton before you can browse websites anonymously. If you are using some other application, you must configure its
proxy settings so that it connects to the Internet through Tor.
If the log has failed to produce new information for fifteen minutes, after displaying an 'Opening Control listener' or 'Tor has learned some
directory information, but not enough to build a circuit' message, then you might need to adjust Tor's network settings. It is possible that your
current Internet connection requires you to use a particular Web proxy or that it blocks certain ports. It is also possible that your government or
ISP has begun blocking access to the Tor network.
4.2 Tor's Network Settings
There are a few steps that you may need to take if you find that Tor has stopped working properly or if it fails to connect when you first install
and run it. Try changing the network connection settings related to proxies, ports or Bridge Relays, as shown below.
Step 1. Stop the Tor service in Vidalia.
Step 2. Open the Vidalia Settings screen.
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 8 of 13
Step 3. Click:
Figure 15: The Settings screen in the Vidalia Control Panel
When you are done with these settings, click the OK button to close the Network Settings window, then Start the Tor service in Vidalia.
4.2.1 Using a network proxy
If you are required to use a proxy server to access the Internet, then specify its details in this window. In general, this is more common on
company and university networks, but proxies are occasionally required at Internet cafes, or even nationwide in some countries. If the
necessary proxy information is not clearly posted, you may have to ask a network administrator or someone else who is using the same
Internet connection.
Step 1. Check the I use a proxy to access the Internet option.
Step 2. Enter the proxy details into the fields provided:
Figure 16: The proxy details section
4.2.2 Port restrictions
Some network or computer settings may restrict access to certain ports. If you can browse websites normally, then you can rely on at least two
ports (80 and 443) being accessible. You can set Tor to work exclusively through these ports.
Step 1. Check the My firewall only lets met connect to certain ports option.
Step 2. The Allowed Ports field should already display '80,443', as shown in Figure 17 below:
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 9 of 13
Figure 17: The Firewall Settings section specifying open ports on the network
4.2.3 Using a Bridge Relay
If you still cannot connect to the Tor network, two options remain:
Option 1: Refer to the Tor FAQ wiki for suggestions.
Option 2: You may reside in one of the few countries that block Tor on the national Internet. In this case, you need to use a Bridge Relay toaccess Tor.
Bridges allow you to access the Tor anonymity network, even if it is blocked from within your country, by providing a hidden 'first step' into the
network. In order to use this feature, you must provide Tor with the location of at least one Bridge Relay. Ideally, you should enter three or more
Bridge addresses. If you know and trust someone who is already using a Bridge, you can learn this information from them. Or, you can use one
of two methods supported by the Tor Project's Bridge Database. First, you can send an email to [bridges |at| torproject |dot| org], from any
Gmail account, with the words "get bridges" in the body of your message. The database will reply with addresses for three bridges. (Remember,
you should only ever log into your Gmail account using the https://mail.google.com address!) As an alternative, you can visit the Bridge
Database website at https://bridges.torproject.org/ (while not using Tor) and it will display information about three different bridges.
Note: The Bridge Database is designed to prevent anyone from easily learning about all of the Bridges, so it may appear to advertise the same
Bridges each time you ask. If you let enough time pass, it will eventually provide new information.
Step 1. Check the My ISP blocks connections to the Tor network option.
Step 2. Type or Paste a Bridge address into the Add a Bridge field. As shown in Figure 18, Bridge information will include an IP address and
port number, such as 79.47.201.97:443, and may also include a long string of letters and numbers at the end, such as
80E03BA048BFFEB4144A4359F5DF7593A8BBD47B.
Step 3. Click:
Step 4. Repeat the above steps for each additional Bridge address. It is recommended that you enter at least three.
Figure 18: Inserting a Bridge Relay Address
4.3 Uninstalling the Vidalia Bundle
To remove all packages installed as part of the Vidalia bundle, perform the following actions:
Step 1. Select Start > Programs > Vidalia Bundle > Uninstall
Step 2. Choose a language for the installer and click Next
Step 3. Check All three of the packages shown in the window
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 10 of 13
Step 4. Click Next then click Uninstall.
How to Configure the Torbutton Add-on
Level: 4: Experienced
In addition to controlling whether or not Firefox will use Tor when browsing webpages, the Torbutton add-on also increases the security and
anonymity of your Tor session by blocking certain vulnerabilities in Firefox. Without Torbutton, a malicious website or Tor server could still
reveal some information about your location on the Internet and your online activities, even while you are using Tor. Fortunately, Torbutton
installs with a very safe default configuration. You can change these settings yourself, but you should not do so unless your have a relatively
strong understanding of browser-related security issues.
The Torbutton Preferences window has three tabs that let you specify different options:
The Proxy Settings tab
The Security Settings tab
The Display Settings tab
The Torbutton Preferences window can be accessed regardless of whether the Torbutton is disabled or enabled. To activate the TorbuttonPreferences window, perform the following steps:
Step 1. Right-click the Torbutton to activate its menu as follows:
Figure 19: The Torbutton menu
Step 2. Select the Preferences... option to activate the following screen:
Figure 20: The Torbutton Preferences window showing the Proxy Settings tab
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 11 of 13
5.1 The Proxy Settings tab
The Proxy Settings tab controls how Firefox accesses the Internet when the Torbutton is enabled. You should not need to change anything inthis tab.
5.2 The Security Settings tab
The Security Settings tab is intended for users with significant knowledge of web browsers and Internet security. Its default settings offer a highlevel of privacy for the average user. This tab lets you configure how Torbutton manages browser history, cache memory, cookies and other
features in Firefox.
Figure 21: The Security Settings tab
The Disable plugins during Tor usage option is one of the few security settings that you might need to change, although you should only do so
temporarily. In order to display online video content through Tor, many websites--including YouTube, DailyMotion and Witness's 'The Hub'--
require you to uncheck this option. You should only enable plugins while visiting websites that you trust, and you should return to the SecuritySettings tab and check this option, once again, as soon as you are finished.
For more information on the specific function of each option in the Security Settings tab, please refer to the Torbutton website.
5.3 The Display Settings tab
The Display Settings tab lets you choose how to display the Torbutton in the Firefox status bar, as an onion icon or as text. It functions thesame in either case.
Figure 22: The Display Settings tab
For more information on Torbutton, please refer to the Torbutton FAQ.
5.4 Removing the Torbutton
To remove this add-on, perform the following actions in Mozilla Firefox:
Step 1. Select: Tools > Add-ons
Step 2. Choose the Tor Button add-on and click Uninstall
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 12 of 13
Step 3. Restart Firefox
FAQ and Review
7.0 FAQ and Conclusion
Tor is an extremely well tested and well maintained piece of software. The Tor anonymity network is used by hundreds of thousands of people
worldwide, and continual improvements have made it increasingly stable and secure. Although the explanations in this chapter may seem
complex, in many cases you will not have to read past Section 2.0 How to Access the Tor Anonymity Network in order to get Tor working
properly.
Mansour has carefully read Chapter 8 of the How-to Booklet, about censorship circumvention, and has just finished working through the Tor
Guide. He nonetheless has a few questions for Magda, who has been using Tor for years.
Q: Why should I use Tor, anyway?
A: Good question. Tor is a great tool if you need to circumvent Internet censorship in order to access certain websites. It's also handy if youdon't want your Internet Service provider to know what websites you're visiting, or if you don't want those websites to know where you'recoming from.
Q: What's the difference between using the Tor Browser and the version of Tor that I have to install?
A: The Tor Browser can be extracted to a USB memory stick and accessed from any computer you use, including your own. You won't need toinstall it again. On the other hand, if you actually install the Vidalia bundle on your computer, Tor will work a little bit faster. Plus, assuming youwere already a Firefox user, you'll have access to your existing bookmarks and add-ons when you're using Tor.
Q: I have error messages in the 'Message Log' that I don't understand. What should I do?
A: See if those messages are in the Tor FAQ wiki. You could also press the 'Help' icon in the Vidalia interface and take a look at the'Troubleshooting' section.
7.1 Questions to test yourself with after completing the chapter
How many Tor servers are used to make a connection through the Tor network? Where can you see more information about these
servers?
What settings need to be changed in your web browser to make it access webpages through Tor?
Which programs need to be running to access the Tor network?
How can you prevent the Vidalia interface from launching whenever Windows starts up?
Tor - anonymity and circumvention 06/03/2009 01:32
http://en.security.ngoinabox.org/book/export/html/172 13 of 13