Tor: Difference between revisions

From Omnia
Jump to navigation Jump to search
 
(2 intermediate revisions by the same user not shown)
Line 11: Line 11:
V2 is now deprecated as of October 2021 - https://blog.torproject.org/v2-deprecation-timeline/
V2 is now deprecated as of October 2021 - https://blog.torproject.org/v2-deprecation-timeline/


== Want Tor to Really Work ==
== Want Tor to Really Work Securely ==


Want Tor to really work? - https://www.torproject.org/download/download.html.en#warning
Want Tor to really work securely? <ref>https://www.torproject.org/download/download.html.en#warning</ref>
* Use Tor Browser
* Use Tor Browser
* Don't torrent over Tor
* Don't torrent over Tor
Line 115: Line 115:
   
   
  torsocks curl http://abcdefg....xyz.onion/
  torsocks curl http://abcdefg....xyz.onion/
== Darknet ==


== Dark Web ==
== Dark Web ==

Latest revision as of 19:48, 2 March 2024

Tor

.onion

Not real domains, only resolve on TOR network, with TOR clients.

v3 onion address

V3 onion addresses have 56 characters instead of 16 (because they contain a full ed25519 public key, not just the hash of a public key).

V2 is now deprecated as of October 2021 - https://blog.torproject.org/v2-deprecation-timeline/

Want Tor to Really Work Securely

Want Tor to really work securely? [1]

  • Use Tor Browser
  • Don't torrent over Tor
  • Don't enable or install browser plugins
  • Use HTTPS versions of websites
  • Don't open documents downloaded through Tor while online
  • Use bridges and/or find company

Linux Guide

Linux Tor Browser

Tor: Linux/BSD/Unix Install Instructions - https://www.torproject.org/docs/tor-doc-unix.html.en

sudo apt-get install xz-utils
wget --no-check-certificate https://www.torproject.org/dist/torbrowser/6.0.8/tor-browser-linux64-6.0.8_en-US.tar.xz
tar -vxf tor-browser-linux64-6.0.8_en-US.tar.xz
tor-browser_en-US/Browser/start-tor-browser

Linux Tor Hidden Service Server

Tor Project: Hidden Service Configuration Instructions - https://www.torproject.org/docs/tor-hidden-service.html.en

sudo apt-get install gcc make libevent-dev libssl-dev
wget --no-check-certificate https://www.torproject.org/dist/tor-0.2.9.8.tar.gz
tar xzf tor-0.2.9.8.tar.gz; cd tor-0.2.9.8
# ./configure && make
make clean
./configure --prefix=/opt/tor && make
sudo make install

Default config:

/usr/local/etc/tor/torrc
/opt/tor/etc/tor/torrc

Make directory:

mkdir -p /home/tor/.tor/data
chmod 700 /home/tor/.tor/data

sudo cp src/or/tor /usr/local/bin/

sudo mkdir -p /usr/local/etc/tor/
sudo touch /usr/local/etc/tor/torrc
sudo vim /usr/local/etc/tor/torrc

cd /home/tor/.tor/
ln -s /usr/local/etc/tor/torrc torrc

/opt/tor/etc/tor/torrc:

HiddenServiceDir /opt/tor/etc/service1
HiddenServicePort 80 127.0.0.1:80

HiddenServiceDir /opt/tor/etc/servic2
HiddenServicePort 80 127.0.0.1:80

# Log debug file /opt/tor/log/debug.lo

Note: This can run as a regular user, the port 80 is just for Tor reference

Run server:

screen
/usr/local/bin/tor
src/or/tor
src/or/tor -f ~/.tor/torrc
ln -s src/or/tor
./tor

See:

  • /home/tor/.tor/data/hostname
  • /home/tor/.tor/data/private_key

curl

Making requests with the Tor network is easy with cURL. Since Tor uses the common SOCKS5 protocol, it works well with anything that has SOCKS5 support. cURL comes with a simple command-line option to specify a proxy.

# Linux default Tor proxy port is 9050
curl --socks5-hostname localhost:9050 https://check.torproject.org
# Windows/Tor Browser Bundle default to port 9150
curl --socks5-hostname localhost:9150 https://check.torproject.org

ref: [1]

---

Wrap curl with torsocks:

sudo apt install tor
sudo systemctl start tor

torsocks curl http://abcdefg....xyz.onion/

Dark Web

https://en.wikipedia.org/wiki/Dark_web

Darknet

https://en.wikipedia.org/wiki/Darknet

Notes

Warning: Want Tor to really work?

  • We recommend you use Firefox with the Torbutton extension.
  • Browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others can be manipulated into revealing your IP address. You should probably uninstall your plugins.
  • Beware of cookies. CookieCuller can help protect any cookies you do not want to lose.
  • Tor anonymizes the origin of your traffic, and it encrypts everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination.
  • malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust.


Tor (anonymity network) - Wikipedia

Tor (The Onion Router) is a free software implementation of second-generation onion routing – a system enabling its users to communicate anonymously on the Internet. Roger Dingledine, Nick Mathewson, and Paul Syverson presented "Tor: The Second-Generation Onion Router" at the 13th USENIX Security Symposium.

Originally sponsored by the US Naval Research Laboratory, Tor became an Electronic Frontier Foundation (EFF) project in late 2004, and the EFF supported Tor financially until November 2005. The Tor software is now developed by the Tor Project, which since December 2006 is a 501(c) research/education non-profit organization based in the United States of America that receives a diverse base of financial support.

keywords

Deep Web / Deepnet / Invisible Web / Undernet / Hidden Web / Darknet / Dark Net / Dark Web / Darkweb