Customize

Using Tor in Order to Surf Anonymously

Discussion in 'Keeping Your Anonymity In Iran' started by Commissar, Jun 15, 2009.

  1. Commissar Member

    Short Instructions

    1. Go here and read for an introduction.
    2. Download and install a distribution appropriate for your system here.
    3. Install and configure Tor, keeping this in mind.
    4. Practice good information hygiene whenever you attempt to surf anonymously.

    What Tor Can and Cannot Do

    1. Tor only protects Internet applications that are configured to send their traffic through Tor — it doesn't magically anonymize all your traffic just because you install it. We recommend you use Firefox with the Torbutton extension.

    2. Browser plugins such as Java, Flash, ActiveX, RealPlayer, Quicktime, Adobe's PDF plugin, and others can be manipulated into revealing your IP address. You should probably uninstall your plugins (go to "about:plugins" to see what is installed), or investigate QuickJava, FlashBlock, and NoScript if you really need them. Consider removing extensions that look up more information about the websites you type in (like Google toolbar), as they may bypass Tor and/or broadcast sensitive information. Some people prefer using two browsers (one for Tor, one for unsafe browsing).

    3. Beware of cookies: if you ever browse without Tor and Privoxy and a site gives you a cookie, that cookie could identify you even when you start using Tor again. You should clear your cookies frequently. CookieCuller can help protect any cookies you do not want to lose.

    4. Tor anonymizes the origin of your traffic, and it encrypts everything inside the Tor network, but it can't encrypt your traffic between the Tor network and its final destination. If you are communicating sensitive information, you should use as much care as you would on the normal scary Internet — use HTTPS or other end-to-end encryption and authentication.

    5. While Tor blocks attackers on your local network from discovering or influencing your destination, it opens new risks: malicious or misconfigured Tor exit nodes can send you the wrong page, or even send you embedded Java applets disguised as domains you trust.
  2. ARC Member

  3. echo-IRAN Member

    Alternatives copied

    I saw a tweet about still able to use Freegate yesterday. There are a few other similar alternatives that may still be accessible. You need to download a small client like Freegate. Freegate is only free for some countries now. Ultrasurf is fast, possibly has some US govt fund. Hotspot Shield is a very fast VPN, ad supported. Both US servers. JonDo is Europe based, a bit slower, best before UTC 9am, when TOR is just about usable (at my geolocation).

    GPass can be used directly or via skype. I heard a lot of middle east telco block skype, but also heard that it's hard to block. All the above are always encrypted.

    For simple CGI proxy there's vtunnel.com ctunnel.com and a list at ctunnel. Working well and ran by the same people. Most proxy can use SSL encryption as option.

    There are alternatives to installing a cgi proxy on your computer such as J Marshall's. As above, TOR can be set to operate as a relay with or without exposing your IP as an exit point. But I doubt if it makes a dent on the TOR network. In JonDo, you can allow others to access the service through your client, but I don't know how it works because if you can block JonDo, you can also block it's infoservices(?), which tell others where to look for you.
  4. Inside Iran Only SM Feed
    @dorfird TOR uses SSL connection and doesn't work in Iran anymore either! #iraneleciton #gr88
    29 minutes ago from Twitter
  5. Lynx Member

    Tor is well known and respected as the best most efficient most anonymous proxy service. The Onion Routing makes the user almost completely untraceable.
    • First thing first, download the install package. (The tor browser-im package)
    • After you save it someplace double-click on tor-browser-1.2.2_en-US.exe
    • There now should be a window that says "7-Zip self-extracting archive" open on your screen.
    • Now click on the button that says '....'
    • Another window will open asking for a folder. I would recommend My Documents but you can choose anywhere you want.
    • Open the 'Tor Browser' folder located where you extracted files.
    • Double-Click on 'Start Tor Browser' and you should see Vidalia very shortly.
    • When Tor is ready it will open up firefox and Pidgin instant messaging client.
    • Start chatting and/or browsing.
    • After you are done exit Firefox and/or Pidgin. The list of web pages and cookies will be removed.
    For more detailed instructions you can visit:

    English: http://torir.org/
    Farsi: http://torir.org/index.html.fa

    To connect to Anonymous IRC
    • Open Pidgin by right-clicking on its icon on the task bar.
    • Right-Click on 'Manage Accounts'
    • Right-Click on 'Add...' button on the lower farthest right
    • Under login options there should be a drop down menu called Protocol
    • Right-Click and select 'IRC'
    • Enter your desired Nick under 'Username'
    • Enter lxkghnyg2owy6scd.onion in the 'Server' field
    • Type in '/join #iran' under the tab 'AnonServ' (You should already be here).
    • The #iran chatroom should open up shortly
    • Start Chatting
  6. DNS, not passing through Tor.

    If running firefox, DNS-lookups will not be done through the proxy.


    In the address field (Ctrl-L) type about:config

    Click continue.

    Find the field network.proxy.socks_remote_dns and set it to true.

    Now all traffic is directed through your proxy.

    Lynx, update your instructions?
  7. Artaban Member

    no vpn works here

    VPN ports in whole the country is closed, I have paid VPN for a long time meself but from election day (a day before any protest) all vpn ports are closed in Iran as I know; till yesterday it wasn't available to connect atall, but today it connects finally but have no traffic atall, even a simple ping won't work;
    I wasn't aware that they can close vpn ports this widely! :confused:
  8. echo-IRAN Member

    That's what I'm wondering. Port numbers can be changed. Are they blocking individual services like VPN providers and big proxy servers like TOR/Ultrasurf? Some rich guys can donate VPN servers and spread the secret IP's. But if they can block at the protocol level, like SSL, there's not much can be done except open network proxies.

    I saw tweets about TOR. At my geolocation, it's slow. The TOR people can't do much about, it is p2p, and they don't provide much servers if any. The following are similar systems, encrypted proxy, which normally fast enough to watch youtube video (never TOR) - JonDoNym, Ultrasurf, GPass(skype). They are private so adding server capacity is possible. JonDo is from a German University, the others are developed for China, with something to do with Voice of America.

    There are a few free VPN's and a number of privates ones that can donate their service. But that's not for a home computer and they can block them one by one.

    BTW squad sucks for me but psiphon is simple enough to install and verify, which is like an encrypted cgi proxy that needs SSL to work.

    The security of various anonymity systems are only important if they have to prove what you are transmitting.
  9. Help needed, Im from Iran

    [*] untitled7vi.png

    [*]once you have it running you should hope to see this:


    When the dos like window opens, ( rg; lunching request. ) is written on it
    and i can see NO WORKING


    please help me out, I really need to connect to the internet
  10. My tor client counts 1600 servers right now. I'm guessing that's enough. Und yes, tor can be slow.

    transparency in what they collect and do not have access to matters much as well
  11. echo-IRAN Member

    For the English version, there are only two update bundles to download. One include the browser (optional IM) with no config needed. And one without browser - Vidalia bundle. During installation in windows you don't see the Dos window except for a fraction of a second, and don't deal with TOR directly. Farsi TOR page.

    Setting up TOR as a relay and bridge is a lot easier than squid for me. Who wants bridges?
  12. I want bridges please.
  13. Yep! It worked, thanks alot!
  14. echo-IRAN Member

    I can't PM you my bridge if you are unregistered. If I post it, that defeats the purpose.

    Are you saying it works without bridge (unblocked) inside Iran?

    Edit: my bad, Iranian ISP simply block the SSL port. TOR and others can pick any ports, therefore hard to block without drastic measures.
  15. Hey guy's Keep fighting to get your vote back. Everybody with MOUSSAVI.

    Hey guy's Keep fighting to get your vote back. Everybody with MOUSSAVI.
  16. for those who have tor and want to help, please set up a relay to increase speeds over the network.
  17. Here to help!

    Hello Iran!

    I live in Washington DC and want to help you keep free speech alive and well!
  18. nanas Member

    what this forum administrators should be doing is allow https:// connections to it.
  19. MY guide to Tor nodes

    I have been currently contributing with another textfile writer to help this cause.
    Check out his file:
    http://www.textfiles.com/uploads/bootstrap.txt

    And check out this of mine;

    Written by slim-ov-derby

    Now most of you will know about tor, if you don't then I recommend reading this site;
    Tor: anonymity online

    The thing is you can't just download it, let it run and expect to be as anonymous as you think. yes Tor selects the best routers of its own, but if you actually check you'll find that alot of them are in the US and Germany. If you have 3, hell even 2 nodes from the same country and range then the traffic is easily correlated; also the exit nodes are not encrypted and the entry node knows your IP, so imagine how easy it would be for them if they were in the same country.

    To make sure you don't get a bad circuit you want to edit the torrc file.
    Not all nodes are always available so you'll have to keep checking to see which ones are available.
    https://torstat.xenobite.eu/
    (and the link whilst using Tor: http://eodys67qpzyvyxm5.onion/torstat/)
    Or you can check them in the view network window if you use vidalia.

    Also this link lists all of the suspicious nodes that have been blacklisted by Tor as stings, I'll explain what to do with this later.
    Bad Tor exit servers - LinuxReviews

    Now on with choosing the nodes.

    The first nodes you choose will be the entry nodes, choose fast ones; if you're using vidalia (which I recommend) then you can see their speeds in the view network window, you can sort them by speed. Choose fast nodes that are in a foreign country (you actually never want to use any node that is in your origin country anywhere in your circuit).
    EntryNodes node1,node2,etc

    Now you want to specify only the nodes you wrote above will be used or Tor will use other nodes if yours are down.
    Do this by adding this line to your file;
    StrictEntryNodes 1

    Now you'll want to choose your exit nodes. I recommend choosing Russian, Ukrainian or Japanese nodes if you can get any, they are unlikely to be interested in what you're doing. I recommend staying away from Nigerian nodes, as while they won't give a fuck about what you're doing they will be sniffing for passwords and login details. Too choose your nodes add this line;
    ExitNodes node3,node4,etc

    Like with entry nodes, specify to only use these ones you've chosen.
    StrictExitNodes 1

    Now we want to add the nodes that we never want to be used in a circuit; these will include nodes from your own country, unnamed nodes and any that are acting suspiciously. There are plenty of Tor forums out there on the entwork that discuss these type of nodes as well, so keep an eye out.
    ExcludeNodes node5,node6,etc

    Note that the node1,node2 etc should be changed to the actual names of your nodes. I know most of you would know this, but there are some idiots who would just c/p everything from this into their file.

    Going back to what I said earlier about the entry and exit nodes being in the same country; make sure they're not.

    You can't choose middle nodes, so just be careful and keep any eye ou. The middle node doesn't know who you are or what you're doing though.

    Once the file is edited and saved, restart Tor so the changes work. Go and check that your IP is changed (IP Tracer, IP Tracker, IP Locator and other DNS tools).

    If it still uses unwanted nodes then delete the router-cache and restart Tor.

    C:\Documents and Settings\loginname\Application Data\Tor\
    Delete the cached-status, cached-routers and cached-routers.new files.

    Always b on the look out to see if your nodes are still up and which ones are available. Like with your proxies, you should change them regularly.

    If you're still paranoid and want that great deniabilty factor in your favour (comes in great handy when downloading Certain Pornographic content) then run your own exit node.
    HOWTO setup a Tor-server - LinuxReviews

    Also coming for great deniability is truecrypt, and of course flash drives which can be disposed of or hidden easily. I'll go into them at another time though.

    I will also say, like with other proxies, it will be wise to disable javascript and flash, or you could torrify them with the help of proxifier; but I won't go into that, I recommend just disabling them.

    Tor is useless if you are logging into something that's linked to you in ayway, shape or form from the same nodes; unless the account was created on Tor itself.

    If you want advice on settng up such applications like IRC and instant messengers through Tor then check this out
    Blogs | Uwe Hermann

    In most cases it's just about redirecting it to go through the port tor uses (9050)

    Server: 127.0.0.1
    Port: 8118
    socks 5 / server: localhost port: 9050

    It's pretty simple.

    By the way, if you're using eMule for any such things
    Empty out the incoming folder. It is not private. Companies search that folder for copyright violations along with your IP address.

    It helps you with the deniablity factor if it comes to that.

    I don't recommend Tor for scams involving credit cards for the following reasons.

    A lot of tor nodes are blacklisted on sites where you place credit card orders. Even if you set your own nodes it's not worth it to risk it. More availability to the area it is in with the actual sock proxies, which will help you. You want it to be constant wth that type of thing instead of changing from one location to the other. And if you have a 3, hell even 2 nodes from the same country and range then the traffic is easily correlated; and I'm sure you know the entry and exit nodes aren't encrypted as well.

    Do not get me wrong, I love tor and use it as well as freenet and i2p each for individually different purposes; tor serves well in a lot of areas, just not for certain scams.

    If you're going to torrent, please don't use Tor for that, it puts a lot of strain on the server. Use i2p for torrents instead.

    Like with regular sock proxies, change your nodes regularly, keep them fresh like you would normal sock proxies.
  20. slim again. Me and ME-tan are working together on improving that textfile I linked to. I'll be doing a write up on freenet as well.
  21. padfoot-IRAN Member

  22. echo-IRAN Member

    How to use country code to select nodes

    This is not necessary because you can always check what country nodes you are going to use, although tedious, by clicking "View the Network", see below. Most of the time your 3 nodes are all over the world without specifying for it. You can change your connection (relay chain) by clicking on "Use a new identity".

    The standard (stable) versions do not support country code. You have to download the newer development versions 0.2.1.15-rc here.

    For the Windows version (non-portable, no browser), the geoip file is not included. You can download it here. And put it in:
    C:\Documents and Settings\your username\Application Data\Vidalia
    You have to add the line
    GeoIPFile .\geoip
    to the torrc file in the same directory

    You do not need to do anything for the TOR browser bundle for Windows.

    The geoip file is not claimed to be absolutely accurate. You can't include all the IP's in a big country without error I suppose.

    For the TOR browser bundle, the torrc file is in
    extracted directory\TOR Browser\Data\TOR

    Examples to use country code, add following lines to the torrc file for example:

    #GeoIPFile .\geoip Only for the non-portable version (without browser)
    #EntryNodes {xx} do not work for any version
    ExcludeNodes {ir}
    ExcludeExitNodes unname, snail
    ExitNodes {us},{gb},{jp}
    StrictEntryNodes 1
    StrictExitNodes 1

    The 2 character ISO country codes are here. Each country expands to a large numbers of IP ranges, so there might be problems if you include all countries in your torrc.

    You can check that it works by clicking "View the Network". The 3 node chain loading your webpages is the path selected. If you click on it the side panel shows their country code.

    Consider the rules in above posts.

    The blog page in torproject.org has some estimates of Iranian usage. If it starts to fall drastically, then we may need more bridges to unblock. The anonymous way to get a few bridges is at https://bridges.torproject.org/ or send mail to bridges@torproject.org with the line "get bridges" by itself in the body of the mail. To make it harder for attackers, you have to send the email from gmail or yahoo.

    Setting up a relay to help TOR users here.
  23. Thank u all

    DEAR ALL i WANT TO THANK U ALL FOR YOUR HELP IN THIS PROJECT
    I FEEL THAT WE ARE NOT ALONE IN THIS SITUATION REALY THANKS...
  24. I have seen a few reports of port 443 being blocked in parts of Iran -
    Can we get someone knowledgeable to advise on how to defeat this?
    Can relays just set their relay port at random?
  25. anon.il Member

    Tor uses additional ports other then 443 and can be switched to a Restrictive Firewall setting that allows it to function on other ports when necessary.

    Blocking Tor is much harder then merely taking out 443 - which would be a bad idea in general.
  26. echo-IRAN Member

    As I understand it, TOR users do not need to do anything. TOR will find unblocked relays using other ports. If you are running a relay, may be avoid 443. See the TOR relay thread. As of now most relay uses 9001. If they block 9001, people will go arbitrary.
  27. Vidalia and mirror sites

  28. Fancy Member

    I been trying to get it to work and I even went though my ISP modem setting up rules and the Tor test is not working.
  29. Fancy Member

    I think I got it working. I do not know what ports to use so I may have to change my router as well to make sure it goes though.

    I could not do the auto matic check I had to do it by picking a port myself. I know some on using the pgms because I used to program computers.

    Now who did I give the numbers to as well.
  30. chemical

    One of the members on my small and usually inactive forum left a tutorial on using the Opera web browser and Tor and preventing things like cookies and scripts from revealing your true IP.

    Some of you may find this helpful.

    Configuring Opera 9.6 with Tor

    and no I do not reveal information about anyone who comments, registers, visits or anything else on anti-forensics. Especially to any government. Although the US government is the only one who could take legal action at the moment.
  31. Fancy Member

    I thought it was working for me but I don't see any traffic for a long time after I set it up.

    I don't think it is working. I did see some traffic a few times but I am reading error messages when I check out the message log.

    I spent a lot of time on this today but alas i don't think it is working here. I read about freenet and I may try that and it was on the news.

    I am about to give up on this.
  32. Druod!
    Bar-name ra yek bare digar zabt kuon! Uninstall first!
    Piruz bashi
    Cyrus
  33. a string of excludes will be really appreciated
  34. neusvleugel Member

    anon-proxy

    I checked synaptic for browsing anonymity software on Ubuntu and found this. It can be installed on almost every known platform. Please, if you know more about this software, give feedback. I hope it can be used to guarantee the safety of Iranians trying to acquire, or send out, information.

    This is the description in synaptic:

    Proxy to surf the web anonymously

    This package contains the JAP client which acts as a local proxy between
    your browser and the insecure Internet. All requests for web pages are
    handled by JAP and are encrypted several times. The encrypted messages
    are sent through a chain of intermediate servers (named Mixes) to the
    final destination on the Internet.

    Multiple layers of encryption protect all messages. A Mix collects
    messages in a batch, totally changes their appearance (removes one
    layer of encryption) and forwards them all at the same time, but
    in a different order. An adversary may observe all communication links,
    however he cannot determine a relation between incoming and outgoing
    packets. A surfer remains anonymous within the group of all users
    of the service.

    Demonstrably, the system protects your privacy as long as the Mix
    works correctly. Unfortunately nobody knows whether a certain Mix
    is actually trustworthy or not. Therefore we use a whole chain of
    Mixes. Each message passes through several Mixes and the entire chain
    of Mixes has to be corrupt to successfully observe the user's
    activities. The chaining effectively prevents single Mixes from
    observing. This is the meaning of strong anonymity: Even the
    anonymity service itself cannot spy on its users.

    For further information see JAP -- ANONYMITY & PRIVACY

    Canonical does not provide updates for anon-proxy. Some updates may be provided by the Ubuntu community.
  35. Cog Member

    Simple Flyer for Tor

    I made up a simple flyer I've put around my town to advocate Tor. Here's the text, and I've included the .doc file minus the graphics for easy editing. Change it as you see fit for your personal area.

    Help the Iranian Green Revolution

    While the recent election in Iran was almost certainly a fraud, what is entirely certain is their government's reaction to the protests. Within days of the election, even token free speech was all but eliminated. Iran has gone dark; information coming out of the country has slowed to a trickle. Within the country, all internet traffic is heavily monitored. Access to social networking sites like Twitter and Facebook, crucial tools for protesters to communicate, has been banned.

    But you can help.

    If you have a broadband internet connection, you can provide secure and anonymous communication for protesters in Iran through a program called Tor. For the technically minded, Tor uses a portion of your connection to set up an encrypted proxy server that bounces the requested data between other computers running the same program. If that doesn't mean anything to you, that's OK. In laymen terms, it keeps any government or corporation from looking at what you are sending or who it's being sent to. Using email or Facebook simply looks like a scrambled request to a random person on the internet. The only way this can be effectively stopped is to cut off the entire internet, something unacceptable to any economy.

    Tor is easy to install. Simply go to the website https://www.torproject.org/ and follow the directions in the middle of the page to become a relay. It should usually take around twenty minutes to download and install. Because you are not opening any of the information you are transferring, there is no risk to your computer. You can vary the amount of bandwidth donated, and the program can be turned off if you need full speed. It's a small program, so it won't slow down your computer. You can also use the Tor network yourself if you need anonymity.

    This program has been used across the world by journalists, human rights workers, citizens from other repressive regimes, and even employees of our own government. It is a proven way to break countrywide firewalls and guarantee free speech despite the efforts of any single nation, but right now, it needs more volunteers. It is slow, and this recent mass censorship has stressed the system. By contributing your connection to the cause, you make the Tor network faster, safer, and stronger.

    Make free speech truly inalienable. Run Tor.

    For more information on helping Iran, visit
    http://iran.whyweprotest.net/

    If you have any questions, send an e-mail to
    wilmington.freeweb@gmail.com for more details.

    Note: While most home networks are able to run this program with no problems, but computers behind an outside router (for example, on-campus housing, apartment complexes) often experience problems. For those on UNCW campus,there is currently no way to set yourself up as proxy.

    Attached Files:

  36. Fancy Member

    I tried to get it to work and the geoIP file would not load so I uninstalled it.

    I wanted to help but I never showed up on the world Map so I gave up. I tried for two days to do so.
  37. echo-IRAN Member

    The geoip is not relevant for a relay. Posted a few blocks back, it allows users to pick a more secure route by including and excluding some countries.

    If you can ban all but Iranian users in TOR, then it will be useless because any node can pick up Iranian IP and the content they browse. All other users are useful to the Iranians, no matter what they do. Though enough relays to provide decent response is always the problem.
  38. SSL protocol block

    Relevant questions have been brought up, but not answered:
    Do anyone have confirmations from within Iran that SSL encrypted traffic actually works? I'm not talking about port 443 or anything lame like that, but about the information that SSL is blocked at protocol level (for instance in the nedanet/austinheap squid setup guide).

    If so, talking about Tor, bridges and proxies aren't really that relevant.
    We need to talk about solutions that can't easilty be spotted and blocked. Like a new, stealthy easily-modified protocol that looks like regular web traffic but carries encrypted data. Or something like that.

    But the first question is: Is SSL blocked at protocol level? (they sure have the hardware to do such a thing. they lowered the overall bandwith drastically, just to enable closer monitoring of the network)

Share This Page

Customize Theme Colors

Close

Choose a color via Color picker or click the predefined style names!

Primary Color :

Secondary Color :
Predefined Skins