TABLEOF CONTENTS

1.Description2.Application3.Structureandprinciplesofwork.4.SetupofTorTorforUbuntuTorforMac5.Configuringandrunninginbridgemode6.Tuningintheproxymode7.Relaymode8.AdjustmentandworkwiththeVidaliaPoliposhell9.TheusageonSmartphone10.HowtocheckToroperation?

1.DescriptionSomewordsaboutsituationasanintroduction

LatelytheinteresttotheanonymousnetworkofTorgrowsconstantly.Andtherearequiteenoughreasons.

“Democraticreforms”intheworldgoatfullspeed.Nowthegovernmentspracticallyofallcountriesconsiderthattheyhavearighttodecide,wherethecitizenscanwalkto,whattowatchandwhattoread.Packsoflaws,“withthebestmotives”stampedbythecouncilandparliaments,determinesharperthebordersofreservationswithinthelimitsofwhichtheexistenceofusersinaglobalNetworkispossiblenow.

”Adangerforeseenishalfavoided”

Theauthorities takecareofmoralhealthof thecitizensandabout thecleannessof theirthoughts paternally. That is very touching. But as usual, nobody finds the time to askcitizens’opinion.AndmoreusersintheInternetbegintofeelthatthelimitsimposingbyofficialauthoritybeginto“reapinshoulders”.Andsearchmeanstochangeasituation.

One more tensing moment is Edward Snowden’s exposures from that clear that totalshadowing of the special services after all and everybody has already become a reallyworldscope.Certainly,agreatnumberofpeoplehasnothingtohide,butitisextremelyunpleasanttorealizethatyouareunderthepermanenthubcapof“TheBigBrother”,everyyourstepiswatchedandfixed,andsomeoneregularlytries todelveinyourdirtylinen.Andnobodyabsolutelydoesn’tcareaboutforwhatpurposehedoesit,withgoodorbadintentions.

Torisaweb-browserthatprovidesfreeandopenInternet.Torhasownsystemofproxy-servers, that allows anonymously unite with a few networks simultaneously, providingprotectionfromlistening.Tor isananonymously-virtual tunnelnetwork thatgivesan incipherinformationtransfer.

UsingthebrowserofTor,theclientsoftheInternethavetheopportunityofmaintenanceofanonymityinanetworkduringthevisitofdifferentonlineresources,duringblogging,sendingreports,andalsoduringworkwithotheronlineapplications.

Inautumn2011thedevelopersofweb-browserofTorgotarewardthatcanbecomparedonmeaningfulnesswithOscarintheworldofthecinema,FundoffreePOEgaveoutthisbonusthem,andinspring2012-rewardofEFFPioneerAwards.

2.Application

Moreandmorepeopletrytosaveinviolabilityofprivatelifefromspecialservices,whichpoketheirnoseintootherpeople’saffairs.Morepeopletrytogetridoffromthe“paternalcaring” of officials from the state andwant to realize the constitutional right to decideindependently,wheretowalk,whattochoose,wheretolookandwhattodo.

AndhereanonymousnetworkofTorcomesforhelp.Asitcanprovideseparatelyhumanbeingaconsiderableweakeningofpersuasiveattentionandatthesametimetakingawayalmost all limits on moving on World Wide Web. Tor will hide your personality inNetwork,allthatyouwilldointheInternetandallsitesthatyouwillvisit.Andalsoitwillallow you to go round all blocking your favorite web-sites with lightness, carefullyinflictedtousbyfavoritegovernments,whichconsidersincerely,thatknowusbetter.

In addition, thenetworkofTorhas another smallpracticalbonus. It oftenallowsgoingroundsuchannoyingthing,asbanonIPondifferentwebsites.Thesearetrifles,butverypleasant.

PrivatepersonsusethebrowserofTor;especiallyitispopularamongthose,whoaimtoprotect the confidential personal information, and also to protect access to the blockeddata.DuetothehiddenservicestheusersofTorareabletocreateindependentlyweb-sitesandotherelectronicresources,besidestheplacewhereaserverisreallylocated,ishiddencarefully.

The Web-browser of Tor is very often used by journalists with the purpose ofcommunicating with informants safely. Well-known user of this browser is EdwardSnowden,transmittingwiththehelpofTordifferentinformationtothenewsagenciesandInternetresources.

Theemployeesofnon-governmentalorganizationsusetheweb-browserofTorinordertobe connected to the special web sites in their foreign business trips, not wishing toadvertizetheirworkingactivity.

TorismuchlikedbycivilactivistsfromFundofelectronicborders,seeingthisbrowserthatgivespossibilitytoprotectbasecivillawsandfreedomsinaworldnetwork.DifferentcorporationsuseTorforsafeanalysisofworkoftheircompetitorsatthemarket.Alsotheweb-browserofTorisusedbythedifferentspecialservicesinordertoprovidesecrecyduringexecutionofspecialtasks.

3.Structureandprinciplesofwork.Anonymousoutgoingconnections

So,whatisitanonymousnetworkofTor?Torisanabbreviationof“TheOnionRouter”.IfsomeoneisinterestedinboringtechnicaldetailsthenvisitthepageofTorinWikipediaandexamineit.IfyouwanttomakeiteasierthenvisitjustthesamepageinLurkmore.ButItrytoexplainitmorequickly.

ThoughthisnetworkisfunctionedonthebaseofusualInternet, theinformationdoesn’tmove directly from you to the server and back as in “big” network, and everything isbanishedthroughalongchainofspecialserversandcipheredmanytimesineachstage.Asaresultthefinalrecipient,thatisyou,becomescompletelyanonymousforthesites–instead of your real address there is shown absolutely wrong, not having to you anyrelation.Allyourmovementscan’tbetraced,aswellaswhatyoudid.Andinterceptionofyourtrafficbecomesabsolutelyuselesstoo.

Itisthetheory.Inpracticeeverythingsometimesisnotsooptimistic.Wewilltalkaboutallpossibleproblemslater.Youare tiredfromlongandboring introduction,aren’tyou?Areyoushortoftempertosetupandtrytousethismiracle?So,let’sstart!

ThegeneralsystemofBrowserTorallowsitsuserstostartontheircomputersseparateso-called“Onion”Proxy-serverswhichafterthatconnecttothemainTorservers,organizingTorweb-chains (theyusemultilevel coding).Alldatapacketsgoing through the systempassthrough3split-levelproxy-servers,anditschoicegeneratesaccidently.

Beforesendingapacket, theone isbeingsuccessivelycodedusing threekeys.Thefirstpackofnetworkgets thedatapackage,and then itencodes the“top” layersof thecode(similar to peeling the onion) and gets to know where it should send the data packetfurther.Othertwonetworkpacksdothesamething.

In inner Tor networks traffic is being redirected between routers, and then it finallyreachestheoutputfinalpoint,wherealreadyencodeddatareacheshomeserver.AfterthattrafficfromrecipientgoesbackwardstothefinalTornetworkpoints.

Anonymoushiddenservices

In2004Torstartedtomakeserversanonymous,hidingtheirlocationintheWorldWideWebusing specialoptionsof anonymousnetwork. It ispossible togain access to somehiddenservicesonlyusingTorclient.

Theaccesstohiddenservicescanbegainedwithusingspecialpseudo-domainsofthetoplevel“.onion”.Tornetworksidentifythemanonymouslyandsendthedatatosomespecialhidden services. These hidden services process the data using usual software, which istuned right for listening of closed interfaces. Such domain “.onion addresses” aregeneratedontheopenedserverkeyandcomposedof16numbersandLatinletters.

Restrictions

Torisaimedtohideclient’sconnectiontoserver.Butcompletehidingconceptuallycan’tbeachieved,becausecodinghereisjustawayofachievinganonymityintheInternet.Togainahigherlevelofprivacy,itisnecessarytohaveadditionalcommunicationhardwareprotection.Alsoitispreferabletousestenographymethodswhilecodingdata.

BasicadvantagesofTorBrowser

Torbrowserhasthefollowingadvantages:

AccesstoANYwebsitefromANYpartoftheEarth,nomatterwhatprovideris;

Torbrowserchangesclient’sIP,socompleteanonymityisguaranteed;

Thebrowserisveryeasytoinstallanditsusageisabsolutelyfree;

NetworksofRepeaterscanbeusedaswell;

Protectionfromwebtailingthreatingtodataprivacy;

Securitythreatingfunctionsareautomaticallyblocked;

Protectionpacketcannottobeinstalled.Itisstartedfromallthedevices,evenportable.

BasicdisadvantagesofTor

TorBrowseralsohassomedisadvantages:

Toolowloadingspeed;

Notallthevideoscanbeplayed;

Ratherlowsecurity.

4.SetupofTor

TorforWindows.DownloadingofTorBrowserBundle.

Open anybrowser (MozillaFirefox, InternetExplorer or other) and enter in an addressline: https://www.torproject.org/projects/torbrowser.html.en. If you find Tor BrowserBundlebymeansofthesearchingsystem,makesureintherightnessoftheaddress.

Push the large violet button “DOWNLOAD”, to set up the file of installation of theprogramTorBrowserBundle.

Awebsitewilldefineyouroperatingsystemautomatically;loadingofnecessaryfilewillbegin.Ifforsomereasonsyouwanttoloadthefileofinstallationforotheroperatingsystem,youcanchooseanecessaryversionfromalist.

Manybrowserswillaskconfirmationofyourintentiontogetafile.InternetExplorer11displaysthefieldwiththeorangeframinginthelowerpartofwindowofbrowser.

Atfirstitisrecommendedtosaveafileonadiskindependentlyofyourbrowser.Pushthebutton“Save”.HereisshowntheprogramTorBrowserBundleversion5.0.4,whichwasactualduringwritingthistext.Now,probably,fresherversionoftheprogramisaccessible.

SetupofTorBrowserBundle

Whentheloadingfinishesyou,maybe,willbesuggestedtoopenafolderwherefilewasstoredin.Bydefaultitisafolder“Downloads”.Startthefiletorbrowser-install-3.6.2en-US.exebyadoubleclick.

Afteradoubleclickonthefileofinstallationawindowwillbeopenedwithwarningoforiginoftheprogram.Itisalwaysneededtotakeseriouslysuchwarnings.Itisimportanttomakesure,thatyoucantrustthesetsoftware,thatyougotanauthenticcopyfromanofficialwebsiteonasafecommunicationchannel.Youknowinthiscase,thatyouneedandwheretogettheprogram.DownloadingwastakenfromthesafeHTTPSwebsiteofprojectTor.Press“Run”.

ThewindowofchoiceofthelanguageofTorBrowserBundlewillbeopened.Choosealanguagefromafewvariantsandpress“OK”.

InanextwindowitissuggestedtochooseafolderforsettingofTorBrowserBundle.Bydefaultadesktopis indicated.It ispossible tochangetheplaceofsetting,butwhileweleaveanaddresswithoutchanges.

Youwill seeawindowreportingaboutcompletionof setting.Push thebutton“Finish”.TorBrowserwillbestartedautomatically.Whilecleanamark in thepointof“RunTorBrowserBundle”.WewillgobacktotheuseofTorBrowserBundleafterawhile.IfyouforgottocleanamarkandtheprogramTorBrowserwasstarted,simplycloseawindow.

Tor Browser Bundle will not be set in the system, as other programs, and will not bedisplayedinamenu“Starting”ofyourcomputer.

UseofTorBrowserBundle

FirststartofTorBrowser

UponcompletionofsettingwedecidednottostartTorBrowser, thereforenowyouwillstart the program for the first time. If you followed all instructions in the process ofsetting,thenyouwillseeonyourdesktopafoldernamed“TorBrowser”.

Openthefolder“TorBrowser”anddoubleclickwillstartthefile“StartTorBrowser”.

At the first start of Tor Browser you will see a window that will allow you if it isnecessary to change some tuning.Maybe, youwillwant to go back to them later, andwhiletrytoconnecttothenetworkofTor,pushingthebutton“Connect”.

After that anewwindowwill appearwithgreen field,which at the start ofTorwill beopenedabitlonger.

At the first startofTorBrowser itmayneedvery littlemore time, thatusual,but showpatience.InafewminutesTorBrowserwilltuneconnection.Aweb-browserwillappearthatwillcongratulateyouwithsuccessfulstart.

TorforUbuntuTosetupTorBrowserinUbuntuistodownloaditfromofficialsite.Itisthemostcorrectandrightway.

ThemostcorrectandrightwaytosetupTorBrowseristodownloaditfromofficialsite

https://www.torproject.org/download/download-easy.html.en

Choose the version the version according to architectural system, choose Eng anddownload:

Unpackdownloadedachievesinhomecatalogue,moveintoit:therewillbethefollowingexecutingfile

Weexposethepermissiontoexecutionintheproperties

That’sall;now,doubleclickonthisfilewillopenTorBrowser

IfafterdoubleclickTorBrowserdoesn’topen,andinsteadofthattexteditoropens,youshouldallowexecutionofscriptsinsettingsofthefilemanagerNautilus:

IfyouwanttocreatealabelontheappendixinthemainDashmenu,

youcanread on theInternetit.

StartTorBrowserwemovetothesiteforcheckingIP.

Andifeverythingisallright,wewillseesomethinglikethis

WhereamI from?Ofcourse, from theGermany,andmoreover, theoperationsystem is“Windows”

InstallationofTorBrowserinUbuntu14.04-12.04intherepository

Installation option from a repository not of the latest version: in order to install TorBrowser Bundle inUbuntu, open the terminal and do the following steps according toyoursystem

ForUbuntu32-bit:sudoadd-apt-repositoryppa:upubuntu-com/tor

sudoapt-getupdate

sudoapt-getinstalltor-browser

sudochown$USER-Rv/usr/bin/tor-browser/

ForUbuntu64-bit:sudoadd-apt-repositoryppa:upubuntu-com/tor64

sudoapt-getupdate

sudoapt-getinstalltor-browser

sudochown$USER-Rv/usr/bin/tor-browser/

That’sall,theprogramisinstalledandyoucanfinditwiththehelpofmenuDash

OtherlanguagesofTorBrowserBundlewheninstallationisfromrepository

TorBrowserisFirefoxofstableversion,wewillchangeotherlanguages

RemoveintheinsertHelp-AboutTorBrowser

Lookattheversionofbrowserandmoveonthepagewithotherlanguages

Mozilla-Firefox

Oppositeyourversionofbrowserdownloadthepackagewithotherlanguagesandinstallit

Thenenterinthelineofaddress

about:config

Agreethatwewillbecareful“I’llbecareful,Ipromise!”

Thenenterinthelineofsearch

general.useragent.locale

Andchangethemeaningofthisparameterfromen-Usonde(fr)

That’sall,andnowyoujustrestartTorBrowser.

Nowitispossibleanonymously“towanderaboutthenetworks”

TurnonFlashPluginandJavaScriptinTorBrowser

Ifyouwanttowatchflashmoviesinthisbrowser,itiseasytoturnonit.Alsoitispossibletoallowexecutionofscripts.Butinthiscasethesafetyisminimized!

Idon’tadvisetodoitconfirmedparanoiacs.

So,ifyouwantflashbeginstowork

Movein“Tools”–“Additions”

Ontheinsert“Plug-ins”switchonShockwaveflash.

That’sall,nowmoveonyourfavouritesiteandwatchvideosonline,fortheexampleonYouTube.

Also,hereinthepoint“Expansions”itispossibletoturnofftheexpansion,whichblocksscriptsonthesites:

That’sall,nowitispossibletowatchalsoflashvideosandscriptswillbeexecuted.

But I repeat, this everything breaks safety, for the sake of what we also install thisprogram.

TorforMac

ReceiptofTorBrowserBundle

Open any browser (Mozilla Firefox, Safari or other) and enter in an address line:https://www.torproject.org/projects/torbrowser.html.en.IfyoufindTorBrowserBundlebymeansofthesearchingsystem,youwillmakesureintherightnessofthegotaddress.

Pushthelargevioletbutton“DOWNLOAD”,togettheinstallationofthefileofprogramTorBrowserBundle.

Thewebsitewilldefineautomaticallyyouroperatingsystem;loadingofthenecessaryfilewill begin. If for any reason you want to load the installation file for other operatingsystem,youcanchoosethenecessaryversionfromthelist.

IfyouuseSafari,downloadingofTorBrowserBundlewillbegin.IfyouuseFirefoxyouwillbeofferedtoopenorsaveafile.Itisalwaysbettertosaveafile,that’swhypushingthebutton“Save”.InthisinstanceTorBrowserBundleversion4.0.8ispresented,beingactualinthemomentofpublicationofthisguidance.Tothemomentofreading,maybe,fresherversionoftheprogramwillappear.

SetupofTorBrowserBundle

Aftercompletionofdownloading,maybe,youwillbesuggested toopena folderwherefilewasstoredin.Bydefault it isafolderof“Downloads”.Start thefileTor browser -4.0.8-osx32_en-US.dmgbyadoubleclick.

AwindowwillappearsuggestingtosetTorBrowserBundlebydraggingtheprograminthefolderofapplications.Doit.

NowtheprogramTorBrowserissetinthefolderofapplications.

UseofTorBrowserBundle

To start Tor Browser in the first time, find the program in Finder or (in more updateversionsofOSX)inLaunchpad.

AfterclickontheiconofTorBrowserawindowwillappearwithwarningoforiginoftheprogram.It isneeded to takeseriouslysuchwarnings. It is important tomakesure, thatyou can trust the set software, got a true copy from an official web-site on a safecommunication channel. You know in this case, what you need and where to get theprogram. Downloading was made from the protected HTTPS web-site of project Tor.Press“Open”.

At the first start of Tor Browser you will see a window that will allow you if it isnecessarytochangesometuning.Maybe,youwillwanttogobacktoitlater,butwhiletrytobeconnectedtothenetworkofTor,pushingthebutton“Connect”.

AfteritanewwindowwillappearwithagreenfieldthatatthestartofTorwillbeopenedabitlonger.

AtthefirststartofTorBrowseritmayneedmoretime,thanusually,butbepatient.InafewminutesTorBrowserwillconnect.Aweb-browserwillappearthatwillcongratulateyouwithsuccessfulstart.

You can check, whether you are connected to the network of Tor, visitingcheck.torproject.org. Ifyouareconnected,awebsitewill report:“Congratulations.ThisbrowserisconfiguredtouseTor”.

WebsurfingthroughthenetworkofTorhassomedifferencesfromordinaryworkintheInternet.WerecommendyoutofollowtheseadvicesforcorrectworkinthewebviaTorandformaintenanceofyouranonymity.

NowyouarereadytotheanonymoussurfingthroughthenetworkofTor.

5.Configuringandrunninginbridgemode

InstallingTorinbridge/relaymode

Theinstallingitselfisextremelysimple–itisenoughtodownloadthedistributionandrunthesetup.

Therearetwotypesofdistribution:TorBrowserBundleandVidaliaBridgeBundle.TorBrowserBundle isaimed just for safebrowsing theWeb.VidaliaBridgeBundleallowsnotonlysafelyaccesstheWebbutalsowidensTornetworkusingyourPC.

1. WarningoffailingtorunTorbridgeservice:

[Warning] Could not bind to 0.0.0.0:443: Address already in use[WSAEADDRINUSE].

IsToralreadyrunning?

The reason is that the sameport on the samecomputerwasusedbySkype.Theproblemcanbesolvedinthefollowingway:VidaliaControlPanel->Settings->Sharing->BasicSettings->RelayPort:hereyoushouldchange443foranothervalue,forexample4444(Thisonewasn’tusedbyanysoftware)

2. WarningofGEOIPfilesabsence:

[Warning]FailedtoopenGEOIPfileC:\DocumentsandSettings\User\Application

Data\tor\geoip.…

[Warning]FailedtoopenGEOIPfileC:\DocumentsandSettings\User\Application

Data\tor\geoip6.…

The matter is that geoip and geoip6 files suddenly appeared in other directory,C:\Documents and Settings\User\Local Settings\Application Data\Tor. Thisproblemcanbesolvedbysimplecopyingfilestotheproperdirectory.

3. Warningofimpossibilitytoconnecttobridgeserverfromoutside:

[Warning] Your server (aa.bb.cc.dd:4444) has not managed to confirm that itsORPortisreachable.Pleasecheckyourfirewalls,ports,address,/etc/hostsfile,etc.

The reason is that D-Link router provides the Internet connection via NAT. Tomake port 4444 visible outside via global IP aa.bb.cc.dd, it is necessary toconfigureportforwardingfromLANout.

Tor-D-Link-port-forwarding.

4. Noticethatyourcontactinfoisnotset.

[Notice]YourContactInfoconfigoptionisnotset.Pleaseconsidersettingit,sowecancontactyouifyourserverismisconfiguredorsomethingelsegoeswrong.

You do not have to set your contact info but you can do that. It can be done inVidaliaControlPanel->Settings->Sharing->BasicSettings->hereyoushouldfilltheNicknameandContactInfo(youre-mail).

5. Warningofsettingthe“wrong”time:

[Warning]Receiveddirectorywithskewedtime(server‘82.94.251.203:443’):

Itseemsthatourclockisaheadby56minutes,7seconds,orthattheirsis

behind.Torrequiresanaccurateclocktowork:pleasecheckyourtime,timezone,

anddatesettings.

Thetimestrangelydiffersalmostforanhour(myclockisputforwardfor56minutes),asthoughaproblemisinsummer/wintertime.ThereasonissomebuginTorserver.Howtofixit:

1. RunTorsystemandwait for itscomplete loading(themomentwhenTorsetstheconnectionanditsonioniconinthetraybecomesgreen)

2. Opentimeanddatesettingsandsetthetimeanhourearlierorlater.Theactualconnectionwillbelostbutitwillresetinsometime.

3. Waitforabout15minutesandthenreturnthetimeback.TheconnectionwillbelostagainbutthenTorwillbebackinthenormalmode.

6.TuningintheproxymodeHowtoconfigureproxiesinInternetExplorer.

InOSofWindows7 it is necessary tovisit controlPanel, then topass toPropertiesofbrowser, further the Connecting inset, in a right lower corner to press on Tuning ofnetwork.Youneedtomarkthefield“Proxy-server”,thenopen“Inaddition”,andintoaninsetexposedigitalvaluesshownonapicture.

ExplorerworksviaTor.

HowtoconfigureproxiesinGoogleChrome.

Firstlyitneedsthatitwillbethe“defaultbrowser”onYourPC.Further:

Wepressonto“Changeconfigurationofproxy-server”.InsertfortuningInternet-explorermustgoout(seethescreenshot).

HowtoconfigureproxiesinOpera

It is necessary to enter “settings” and propose them in accordance with the operatingversion of browser. We mark the part of Socks, further it is necessary to enter nextnumericaldata:127.0.0.1:9050

HowtoconfigureproxiesinMozillaFirefox.

Theuserneedsthisplugin(https://addons.mozilla.org/en/firefox/addon/foxyproxy-basic/?src=search).Itshouldbesetupin“Expansions”.

Aftersettingofpluginyoushouldchoosechooses:“Torproxiesforalladdresses”.

Furtheryoushouldproposethesettings.

Theremustbenot“forbiddenweb-sites”now.

IfyouwanttoknowIP-address,appealtohttp://www.checkip.com(ip-check.info)

WhenauserworksbymeansofTor,anaddressisdifferentfromthatgotforaprovider.

Howto“TORify”ICQSkype,µTorrent.

TheschemeissimilarforICQandSkype:“Tools—Settings—Inaddition—Connections”,findtheinsertSOCKs5,andthenwritethefollowingnumerals127.0.0.1:9050

For µTorrent you should move into “Settings-Settings of the program-Connections”.Furtheryoushouldchoosethesettingsasinthepicturebelow.

7.Relaymode

SafetyandefficiencyofTornetworkdependonthenumberofnodes,reliablefortrafficsending. They are called relay nodes. The EFF even held Tor Challenge in order tostimulateasmuchusersaspossibleforcreatingandconfiguringthesenodes.Asamatterof fact, article is devoted to this simple action. For work in relay mode you’ll need aserver,whereTorRelaywillwork.YoucanuseyourhomePCoryoucanreconfigureasmart router. I offer anotherway– touseVPS (VirtualPrivateServer).Tor software isprettymodestandcaneasilyworkonVPSwithminimalconfiguration.Memoryof256MBoreven128MBisenough.Diskrequirementsarelowtoo:itislessthan1GB.Priceofsuchserverpermonthisequaltoacupofcoffee.

So,weregisterVPS.ItshouldhaveaverifiedouterIP.Asforme,Ilikeyourserver,buttherearealotofVPS’switLinuxor*BSDonboard.Asarule,afterpurchasingyougetaserverwithalreadyinstalledLinuxdistribution.Chooseanyoneyoulike.IwillshowyouusingDebianasanexample.

Tostartwith,youshouldinstallToronyourVPS:

#aptitudeinstalltor

On default Torwillwork inweb clientmode: you can use it to operate online but foranyoneelseitisuseless.Someoneelse’strafficwon’tgothroughit.YoumustturnonTorRelaymode.

Also you must turn on Directory Service &mdsah; catalogue service, reliable forspreadinginformationaboutotherTorservers.Youcanuseundefinedportforsendingandforcatalogue.Defaultconfigurationfileofferstouseport9001forpacketsretransmittingandbroadcastandport9030forcatalogueservice.Butwewillmakeourserveravailableforports443and80.Theseportsareusuallyusedforwwwtraffic.

Open/etc/tor/torrcandwriteinthefollowing:

NicknameMyCoolNick

ContactInfoPerson<somebodyATexampledotcom>

ORPort443NoListen

ORPort9001NoAdvertise

DirPort80NoListen

DirPort9030NoAdvertise

ExitPolicyreject*:*#noexitsallowed

ExitPolicyreject6*:*#noexitsallowed

Underthe‘Nickname’writeinthenameoftheserver.Lateryou’lluseitforcontrollingserverworkviaspecialservicesonTorProject.

InContact Info lineyoucanwrite inyourcontact info(incase ifsomeonewillwant tocontactwith you).You also can leave it, then our serverwon’t be able to let someoneknow,whomitsowneris.

ThelasttwolinesforbidtouseourserverasExitNodoftraffic.Otherwise,Torwilltrytouse our server for the transmission of outgoing traffic of network on external servers.Unfortunately, not everyone uses Tor with good intentions, and if traffic abandons Torthroughyourserver,itcanaffectyou.

Inaddition, theprescribedconfigurationcompelsaserver to tell tootherparticipantsofnetwork,thataserverisaccessibleonports443forsendingpackagesand80forthereportofinformationaboutotherserversofnetwork.Thusactuallyaserverwillwaitreportsonports9001and9030.InDebian

Tor by default works not from under route and such configuration allows avoidingproblemswithconnectingtoports.

Bymeansofiptableswewillinfluencenecessaryconnectionbetweenportsnow.

If there are the special tools of tuning of network screen of iptables in the chosendistributive, it is possible to use it. It is simpler and more evident to do everythingyourself.

Wecreatethefileof/etc/iptables.save.rulesofsuchcontent:

#Generatedbyiptables-savev1.4.14onSatJul514:15:042014

*filter

:INPUTACCEPT[0:0]

:FORWARDACCEPT[0:0]

:OUTPUTACCEPT[22:1968]

-AINPUT-mstate—stateRELATED,ESTABLISHED-jACCEPT

-AINPUT-ilo-jACCEPT

-AINPUT-d127.0.0.0/8!-ilo-jREJECT—reject-withicmp-port-unreachable

-AINPUT-ptcp-mtcp—dport22-jACCEPT

-AINPUT-ptcp-mtcp—dport80-jACCEPT

-AINPUT-ptcp-mtcp—dport443-jACCEPT

-AINPUT-ptcp-mtcp—dport9001-jACCEPT

-AINPUT-ptcp-mtcp—dport9030-jACCEPT

-AINPUT-jREJECT—reject-withicmp-port-unreachable

COMMIT

#CompletedonSatJul514:15:042014

#Generatedbyiptables-savev1.4.14onSatJul514:15:042014

*nat

:PREROUTINGACCEPT[0:0]

:INPUTACCEPT[0:0]

:OUTPUTACCEPT[1:104]

:POSTROUTINGACCEPT[1:104]

-APREROUTING-ptcp-mtcp—dport443-jREDIRECT—to-ports9001

-APREROUTING-ptcp-mtcp—dport80-jREDIRECT—to-ports9030

COMMIT

#CompletedonSatJul514:15:042014

Bythisweoptimizeourtorserver’sworkandaccesstosshforremoteadministration.

It is left to prescribe loading of these rules. Usually I prescribe the start of iptables -restorein/etc/network/interfaces:

autolo

ifaceloinetloopback

pre-up/sbin/iptables-restore/etc/iptables.save.rules

OnYourserverthefileof/etc/network/interfacesisbeingrewritteneachtimeatre-starts,itisthereforepossibletodohardlydifferently.

For example, to put loading rules of iptables in /etc/rc.local. For this purpose in EOFbeforeexit0weputaline.

/sbin/iptables-restore/etc/iptables.save.rules

Inconclusionwerestarttorserver:

#servicetorrestart

Wecheckthatwedideverythingallright.Afterawhileafterrestartoffile/var/log/tor/loglinesmustappear:

Self-testing indicates your ORPort is reachable from the outside. Excellent. Publishingserverdescriptor.

Torhassuccessfullyopenedacircuit.Lookslikeclientfunctionalityisworking.

Self-testingindicatesyourDirPortisreachablefromtheoutside.Excellent.

Performingbandwidthself-test…done.

In hour or two, when information will revive in a database, it is possible to call onglobe.torproject.org/ and,writing nickname of the server in the line of search, tomakesurethatthenetworkofTorwasfilledupbyanotherpointofredistributionofdata.

Firstlythroughanewservertrafficwillnotgo.AcourseoflifeofTorRelayisathemeoftheseparatearticle.

UPD:AsindistributivesthelastversionofTordoesn’talwayslie,makessensetoconnectspecialrepositories.

So for Debian and Ubuntu it can be connected official repository oftorproject.org. For this purpose in /etc/apt/sources.list.d/we create the file oftorproject.listofnextcontain:

debhttp://deb.torproject.org/torproject.orgDISTRIBUTIONmain

Where instead of DISTRIBUTIONwewrite the version of your distribution(forexamplejessieorsaucy)Doit

#gpg—keyserverkeys.gnupg.net—recv886DDD89

#gpg—exportA3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89|apt-keyadd-

#apt-getupdate

#apt-getinstalltor

tor,vps,torrelay

8.AdjustmentandworkwiththeVidaliaPoliposhell

There are Internet providers who forbid the use of Tor. Repeaters are required to helplocked users with Tor to get an access. Since bridges are not registered in the publicdirectoriesascommonrepeatersthenprovidercannotcloseanaccesstoallbridges.Openaddressesofbridgescanbe foundherehttps://bridges.torproject.org.Oronecanwritealetter to bridges@torproject.org. Indicate subject “get bridges”. Inquiry should bemadeonlyoutofanaccountGmail.

YoushouldunderstandthattheveryfactofTorinstallationdoesnotanonymizecomputernetwork connections. Additional software components and adjustments are necessary.SoftwareprogramToronly controls cyphering anddetermines thepathof software suitpassthroughtherepeaternetwork.

1.Firstofallweneedvirtualproxyserverinstalledonauser’scomputer.Sometimesitiscalled“filteringproxy”.SuchproxyisanintermediatebetweenuserapplicationsforworkintheInternetandTornetwork.

Therearetwobasicversionsoffilteringproxyserver-PrivoxyandPolipo.

Several years ago development engineers of Tor system recommended using Privoxy.NowtheyincludeinallassembliesonlyPolipoputonlineattorproject.org.(?)

Itisquitedifficulttocomparethemaccordingtotheircharacteristics.Polipoisconsideredtiny–sizelessthan200K.Allitsadjustmentsarecontainedinthefilepolipo.conf.Icouldnotfinddetailedliteratureregardingitssettings.Perhapsitisnotnecessary.

Forworkwith theTor systemone should use polipo proxyversion not less than 1.0.4,becauseearlierversionsdonotsupporttheworkwithprotocolSOCKS,andasaresultarenotsuitablefortheTorsystem.

Privoxy—isafreeweb-proxywithenhancedcapabilitiesoffilteringInternetcontentforthe purposes of Internet users’ privacy protection. The last version is 3.0.17. (2011).HoweverPrivoxyisusedfrequentlyasanintermediatebetweenapplicationsandsoftwareprogram Tor. It should be remembered that Privoxy could be a totally independentsoftwareprogramprotectinginterestsofitsusersonthelevelofprotocolHTTP.

Whichproxyoutoftwoonewilluseonhis/hercomputerisamatterofaself-dependentdecision.Itisflatlynotrecommendedtousethemsimultaneouslysincebothproxyserversusetheport8118,andduringcombinedoperationproblemscanoccur.

Thesimplestadvice:forthosewhodonotwanttogothroughthehassle,itisbettertousePolipowhichisapartofallthelastassembliesonthewebsitetorproject.org.Thosewhowish to have more additional features for adjustments should download and set upPrivoxy,andthenduringinstallationofassemblyexcludePolipofrominstallation.

2.ForTorsystemloadingandworkmanagementthesoftwareprogramVidaliaisused.ItisfrequentlycalledgraphicalshellforTor.

InthesettingsofVidaliatherearemeanstolaunchTorandfilteringproxyduringlaunchof Vidalia, launch and stop Tor during operation, look through Tor network map andothers.Workwith theVidaliawill bediscussed furthermore elaborately.TorparametersettingswiththehelpoftheVidaliashell.

WhenlaunchingthesoftwareprogramVidaliaasignVidaliashouldappearintheformofonion.IntheoperatingsystemWindowsitappearsinthesystemtray(nearthewatch,seethepicture).IntheoperatingsystemUbuntuitappearsonthetaskbar.YoucanlaunchthewindowVidaliabyclickingaleftmousebuttononitssign.

1 2

OnthefirstpictureTorisswitchedoff,onthesecond–switchedon.

NowwhenyouhaveTorfilteringproxyserverandVidaliayoucanadjustapplicationsforworkwithTororastheysay“totariffapplications”.

InstallationofToronWindowsoperatingsystem–VidaliaBundlepack

UnlikeTorBrowseralltheotherassemblies(packs)carryouttheinstallationofTorandofadditionalcomponents.

Componentsworkquite the samewayas in theTorBrowser,but thereare someof thefiner points. For instance if the browserMozilla Firefox has not been set up then theTorButtonwillnotbesetupalso.ThatiswhyitisrecommendedtosetupFirefoxbeforetheinstallationoftheVidaliaBundle.

ThefollowingpicturesillustratetheVidaliaBundleinstallationprocessonWindows7>:

Choosetheloadfileandsafeit

Launchthesetupfile

Necessaryoptionsarealreadymarkedwithticks“bydefault”

If a user wishes to use other configuration, for example to use filtering proxy serverPrivoxy or other browser for anonymous operation, ticks have to be removed fromunnecessary components. At the same time the Privoxy and browser should be set upbeforehand.

Intheearlierversionstherecanbeanotheralternative:

AssemblingoftheVidaliaBundleforWindowscontainsTor,Vidalia,Polipo,andintheearlierversions–theTorbutton(thenumberofversionscanbeseenonthepictures).

If theFirefox is not set upon a computer then the software installationprogramwarnsaboutthat,advicestosetupitandrepeatinstallation.

All the standard configuration components are set up by default adjusted for jointoperation.

Further,choosetheloaddirectoryorleavethesuggested:

Viewofsetupwindows

ThesoftwareprogramTorissetupasaclient-sideprogrambydefault.Itusesabuilt-inconfigurationfile,andthemajorityofusersdonotneedtochangeanysettings.

TorparametersettingswiththehelpoftheVidaliashell

The software programVidalia works as a graphical shell for the Tor system. It workspracticallyonallplatformsincludingWindows,MacOS,LinuxandothersUnixsystems.

If the Tor Browser assembly is used, than the Vidalia is launched with file Start TorBrowser.exefromthecatalogue<TorBrowser>

If thepackVidaliaBundle isused–you launch the filevidalia.exe from thecatalogue:<installationcatalogueVidalia-bundle\Vidalia>

When launching a sign Vidalia should appear in the form of an onion. In the Ubuntuoperatingsystemitappearsonthetaskbar.IntheWindowsoperatingsystemitappearsinthesystemtray(nearthewatch).

Inordertolaunch“VidaliaControlPanel”youcanclickaleftmousebuttononitssign.

Vidaliasettingsareclearandcomprehensible.Thoughwebrieflyenumeratethem:

-TorLaunch/Stop(Start/StopTor)

-Serversettings(Sharing)establishanoperatingmode(client,serverorbridge)

-Networkoverview(NetworkMap)

ShowingTornetworkmap:

DuringTornormaloperation,circuitsinuseshouldbelistedinthelowercentralwindow.Atthesametimeintheneighboringwindowtotherighttheserversofachosencircuitandtheircharacteristics shouldbe listed. In theupperwindow theirgeographical location ispresented.

Withthehelpofthenetworkmapyoucanchooseserversaccordingtotheirbelongingor

speed.

-Changetheidentity(NewIdentity).ItchangesTorcircuitandasaresult–outputIP-address.

Afterthesuccessfulchangeintrayamessagewillappear

-Trafficschedule

ShowsinputandoutputtrafficandTordatarate:

-MessageLog.ItallowsviewingToroperationlogs:

-Settings.Itopensthewindow“Settings”:

-Flap“General”allowssettingupTorcomponentslaunchprocedures

- Flap “Network” allows writing out-proxy server (“I use proxy for an access to theInternet”)or/andbridge(“MyproviderblocksupanaccesstotheTornetwork”)(readintheInternet–Torblockingandhowtocopewithit.

-Flap“Advanced”allowssettingup(checking)parametersofTCPconnection(127.0.0.1port 9051) aswell as determining (controlling) locationof a torrc settings file anddatacatalog.Moreover,fromhereyoucanedittorrcconfigurationfile.

-Flap“Appearance”allowschangingviewsettingsaccordingtoYoursystem

-Flap“Services”allowsaddingaddressesandportsofcomputersintheVidalianetwork.

-Flap“Help”callstheVidaliaHelpDesk.

Asyoucanseefromtheaforesaidwith thehelpof theVidaliashellyoucansetupandcontrolquitealotofTorsystemparameters.

TordelicateadjustmentAsa rulestandardsettings,whichare fulfilled in theVidaliashell,arequiteenoughforfullvalueanonymousoperationintheInternet.HoweverinsomecasesyoumayrequireadditionalchangesofTorparameters.

Such changes are carried out by editing Tor configuration file and are called delicateadjustment.

FilteringproxyPolipoconfigurationfile

Herethesimplestvariantofpolipo.confconfigurationfileislisted(onlynotcommented-outinstructions).

###Basicconfiguration

proxyaddress=“127.0.0.1”

proxyport=8118

allowedclients=127.0.0.1

allowedports=1-65535

proxyName=“localhost”

cacheIsShared=false

socksParentProxy=“localhost:9050”

socksProxyType=socks5

chunkHighMark=33554432

diskCacheRoot=””

disableLocalInterface=true

disableConfiguration=true

dnsUseGethostbyname=yes

disableVia=true

censoredHeaders=from,accept-language,x-pad,link

censorReferer=maybe

maxConnectionAge=5m

maxConnectionRequests=120

serverMaxSlots=8

serverSlots=2

tunnelAllowedPorts=1-65535

Configurationfile–isacommontextfile.Itbearsthenameoftorrc(withnoextension)andislocatedin:

-whenusingTorBrowserassembly–incatalog..\<CatalogTorBrowser>\Data\Tor

-ininstallationpacks-<DocumentsandSettings\<user>\ApplicationData\Vidalia

-inUbuntuLinuxoperatingsystem–incatalog/etc/tor

SoftwareprogramTorduring loading(reloading) firstofall readsconfigurationfileandsetsupoperationalcharacteristicsinaccordancewithvaluesofinstructionsintorrcfile.

Torrcfileeditingcanbecarriedoutinanelementarytexteditor:Notepad,AkePadetc.Itisdesirablethatbeforeeditingyousafeoriginaltorrcfileinthesamefolder.Forexampleyouaddtoanametheextension*.bak,*.001etc.

ForchangestotakeeffectyouneedtoreloadallTorsystemsoftware!

1.FixationofoutputorinputTornetworknode

Intercourse with Tor users shows such a nuance – by far not everyone likes constantchangeoftheirIPaddress.

ItwillberecalledthatoutputserversinTorconstantlychangeinarandommanner.Forauser it means that his/her IP is unstable. In respect to attended resource a user at anymomentcanturnfromanAmericanoraFrenchmanintolet’ssayJapanese,Hinduoranyotherperson.

Suchmethodofapproachessentiallyincreasesthelevelofanonymitybutincertaincasesisunacceptable(forinstanceduringworkwithwebsitesfixinguser’ssession).

InTorthereisapossibilitytodirectlyindicatewhichservershouldbeoutput.InsuchcaseIPwill be constant. Tor creators do not recommend acting thisway because it reducesanonymity.Hereausermustdecideforhim/herwhatismoreessentialbutIwilltellyouhowtogetridofaconstantIPchange.

YouwillhavetoeditTorconfigurationfile,itiscalled“torrc”andyoucangettoiteitherthrough “Start” -> “Programs” -> “VidaliaBundle” -> “Tor”, -> “torrc”, or find in thefolder\DocumentsandSettings\user\ApplicationData\Vidaliaorrc.Torrc–commontextfile,itisopenedbythenotepad.

Forthatintorrcwritetwolines:

ExitNodes<nodename>

StrictExitNodes1

Where:

VariableExitNodes–indicatestouseacertainserverasoutputnode

StrictExitNodes1–isanindicationthatincaseofunavailabilityofachosenserveryoudonotattempttobelinkedtootherserverbuttakeoutamistake.

Itisallowedtowriteseveralnodesseparatedbycommasor,forexample,byindicatingExitNodes{de}–thenwewillgetonlyGermanserversasoutputservers(“turninto”aGerman!).

Youcanfindnecessaryserverat:http://torstatus.kgprog.com/orhttps://torstat.xenobite.eu/

These are the lists of Tor network servers, you can select the required according tocountry,speed,traffic.Specialattentionmustbedrawntoanabilityofaservertoworkasoutput.

Itisclearthatservers,whicharenotoutputservers,willnotworkinthiscapacity.

Chooseaserverandwriteitsname(RouterName,Nickname),forinstance:

ExitNodes1000rpmLinux

StrictExitNodes1

Safechangesinconfigurationfileandthat’sall,nowIPisstatic.Itisallowedaswelltowrite several nicknames separated by commas (nickname1, nickname2, nickname3), inthiscaseoutputserverswilldynamicallychangebutbechosenfrompermitted.

Itisclearthatnetworkefficiencyinthiscasedependsonavailabilityofanoutputserver,andincaseTorstopsconnectingwithwebsites, inthefirstplaceyoushouldcheckifanoutputserverhavegonewhack.

Similarlyinputnodeisfixed:

EntryNodes<nodename>

StrictEntryNodes1

Thereisanotherhelpfulsettingofthatkind–TrackHostExitsfixesoutputnode(host)forgiven domainswhat enables to safe a session for those serverswhich check IP clients.Syntaxofrecordisthefollowing:

TrackHostExitshost,.domain,…

2.Exclusionofsuspiciousnodes

Toexcludedoubtfulnodes(forexample–Russian,Ukrainian,Turkish)youhavetoaddtotorrctheline: ExcludeNodes{ru},{ua},{tr}

Oryoucanindicateacertainlistofnames.

NowifinquisitiveguyswithgreyeyesinthosecountrieshituponanideatomakeafalseTor-serverandattempttotapoutputdatathenwecannotaccesssuchserverinanyway.

Thereisahelpfulfeatureoftorrcfile.Thisiscommentary.Tordoesnotcarryoutalineintorrcfileifalinebeginswiththesign“#”.Duetocommentariesyoucansafestoragesintorrcfileandifnecessaryquicklyswitchthemonbyremoving“#”.

3.Writingaproxy-serverinTor

AddthefollowinglinesattheendofTorconfigurationfilechanging<proxyaddress>and<portnumber>(aswellas<login>and<password>,iftheyare)intoparticularvaluesoflinkedhttporhttpsproxy-server.

#ForceTortomakeallHTTPdirectoryrequeststhroughthishost:port(or

#host:80ifportisnotset).

HttpProxy<proxyaddress>:<portnumber>

#Ausername:passwordpairtobeusedwithHTTPProxy.

HttpProxyAuthenticator<login>:<password>

#ForceTortomakeallTLS(SSL)connectionsthroughthishost:port(or

#host:80ifportisnotset).

HttpsProxy<proxyaddress>:<portnumber>

#Ausername:passwordpairtobeusedwithHTTPSProxy.

HttpsProxyAuthenticator<login>:<password>

AftercorrectingandsavingtorrcfileyouneedtorestartTor.

To check settings you can use Vidalia graphical shell or Tor-analyzer (go tohttp://check.torproject.org).

ThelistofseveralTorinstructions(settings)

EntryNodesnickname,nickname,…

It isa listofserverspreferableforuseas“input”todetermineTCP/IP-connectionswithTorroutersnodalcircuit,ifitispossible.

ExitNodesnickname,nickname,…

It isa listof servers,whichpreferably take the roleofclosing link inTor routersnodalcircuit,ifitispossible.

ExcludeNodesnickname,nickname,…

Itisalistofnodes,whichshouldnotbeusedwhenmakingupnodalcircuitatall.

StrictExitNodes0|1If it is setup in1,Torwillnotuseanykindofnodesexcept thosewhichare in the listofoutputnodesasmediatorssettingupconnectionwith targethostandwhichareapeculiarclosinglinkinnodescircuit.

StrictEntryNodes0|1

Ifthevalue1isassignedtothisparameterthenTorwillnotuseanykindofnodesexceptthose,whicharepresentinthelistofinputnodesforTornetworkconnection.

FascistFirewall0|1

If the value 1 is assigned to this parameter thenTorwhen setting up a connectionwillexclusivelyrefertoOnionRouterswhichhavestrictlydefiniteportnumbers(withwhichyourfirewallenablestoestablishconnection)opentocarryoutconnection(bydefault:80-th(http),443-rd(https),seeFirewallPorts).ThiswillallowTor,launchedonyoursystem,towork as client for firewall having strict limiting policy.Opposite statement iswrongbecauseinthiscaseTorcannotfulfillthedutiesofaserverclosedbysuchfirewall.

FirewallPortsPORTS

Thelistofportstowhichyourfirewallallowsconnecting.ItisusedonlyunderadjustedparametervalueFascistFirewall.(bydefault:80,443)(Default:80,443)

LongLivedPortsPORTS

Thelistofportsforservices,whichtendtoestablishunusuallylongconnections(amongthese are mainly chats as well as interactive shells). Nodal circuits out of Tor routers,which use these ports, will contain only nodeswithmost high uptime (typical time ofpresence in network) with the purpose of decreasing the probability of nodal serverdisconnection fromTor network before closing of flow (by default: 21, 22, 706, 1863,5050,5190,5222,5223,6667,8300,8888).

MapAddressaddress:new_address

Whenarequestfor indicatedaddresscomestoTor,onionrouterchangesaddressbeforetakinguprequestprocessing.Forexample,ifyouwantTornodescircuittobeusedduringconnection towww.indymedia.orgwith output through torserver (where torserver – is apseudonym of server), use “MapAddress www.indymedia.orgwww.indymedia.org.torserver.exit”.

NewCircuitPeriodNUMBER

EveryNUMBERofsecondstoanalyzetheconnectionstatusandtakeadecisionifanewnodalcircuitformationneedstobeinitiated(bydefault:30seconds).

MaxCircuitDirtinessNUMBER

Topermitarepeateduseofcircuit,forthefirsttimecollectedinacertaincompositionofitslinks–thebiggest–NUMBERofsecondsago,butneverjoinanewflowtoacircuitwhichservedthissessionduringquitealongtime(bydefault:10minutes).

NodeFamilypseudonym,pseudonym,…

DenominatedTorservers(inapredictablemanner,toincreaseadegreeoftransparencyofTornetworkhierarchy)uniteina“family”onthebasisofgeneralorjointadministration,soyou shouldavoidusingany2of thesenodes“relatedby family ties” inoneand thesamechainofanonymousTorrouters.SpecialtaskofoptionNodeFamilycanbeneededonlythen,whenaserverwiththispseudonymdoesnotreporttowhich“family”itreckonsitself,thatshouldbeproclaimedbymeansofindicatingtheparameterMyFamilyintorrcfileonthesideofORserver.Multipleindicationsofthisoptionareallowed.

RendNodespseudonym,pseudonym,…

Thelistofnodesthatshouldbeusedasrendezvouspoints(meeting)asfaraspossible.

RendExcludeNodespseudonym,pseudonym,…

The list of nodes that in no circumstances should be used when choosing rendezvouspoints(meetingpoints).

SOCKSPortPORT

TonotifyTorthatconnections,whichareinstalledbyapplicationsusingSOCKS-protocol,must be bugged in this port. Zero-fill this parameter if you do not need applicationsestablishing connections according to SOCKS-protocol by means of Tor. (Value bydefault:9050).

SOCKSBindAddressIP[:PORT]

Toestablishlinkagetothisaddressforhearingrequestsforconnectionfromapplicationsinteracting according to SOCKS-protocol (by default: 127.0.0.1). You may as wellindicate port (for instance, 192.168.0.1:9100), which, it is clear, should be “open” bymeans of corresponding firewall setting on a machine for a specified purpose.Determination of this option can be repeated many times to carry out simultaneous(“parallel”)linkagetoahostofdifferentaddresses/ports.

SOCKSPolicypolicy,policy,…

It assigns policies of entering a given serverwith the purpose of limiting the circle ofclients’machines,whicharepermitted toconnect theSOCKSport.Descriptionof thesepoliciesisintroducedmuchashowitisdoneforoutputpolicies(seebelow).

TrackHostExitshost,.domain,…

Foreachofvalues in the listseparatedbycommasTorwill tracerecentconnectionsforhosts corresponding to this value and will attempt to use one and the same output(locking)nodeforeachofthem.Ifanordinarylistitemisanticipatedbythesymbol“.”,then itsmeaningwill be treated as a corresponding to domain in general. If one of listitems consists of only one “point” then it displays its “universal” correspondence to allpathnames.Thisoptioncanturnout tobeuseful ifYoufrequentlyestablishconnectionwiththeserverswhichcancelallrecordsofYourfinishedauthentication(i.e.forceYoutoleave and register again) during carrying out an attempt of TCP/IP-connection addressmodificationestablishedwithoneof such serversonYournew IP-address after itsnextchange. Draw Your close attention that use of this option is disadvantageous for You,becauseitallowsservertodirectlyassociateconnectionhistory,requestedbyadefiniteIP,withYouruseraccount.Thoughbasically if anyoneneeds to collect all the informationaboutYourstayinserver,thosewhowishinanycasecandothatbymeansofcookiesorothermeansspecificforexchangeprotocolbeingused.

TrackHostExitsExpireNUMBER

Sinceservers,beingoutputlinksofnodalcircuit,areentitledtostartworkandenditatitsown discretion i.e. one way or another – arbitrarily, randomly, it is desirable, thatassociationbetweenhostandoutputnodeautomatically loses itspowerontheexpiryofsomeNUMBERofsecondsoftotalnetworkactivityabsenceonthepartofaserver.Bydefault–1800seconds(30minutes).

ThusTorcanbequiteeasilyconfiguredaccordingtocurrenttasks.

ExistentsetofTor instructions issufficientlybig.Considerationof themallexceeds thelimitsofthepresentreview.Hereonlyseveralmosttypicalvariantsofeditingandmerelyapartofinstructionsarepresented.Thefulllistandsyntaxofinstructions(inEnglish)youcanfindonTordevelopmentengineers’website.

Visithttps://www.torproject.org/tor-manual.html.en

9.TheusageonSmartphone

Ifyouareinacountrythatblockwebsites,forexample,China,maybe,youareevennotabletogetaccesstothecertainwebsites.Torallowsanonymouslylookingthroughawebandgoingroundcensorshiponadesktop.OrbotgivesTorforAndroid,soyouwillbeabletodothesameusingsmartphone.

IfyouareconnectedtothecellularcommunicationofdatatransmissionorWi-Fi-Orbotworksalso.LikethepackageofTorBrowserBundleforthepersonalCOMPUTER,itisconnectedtothenetworkofTorandallowsanonymouslylookingthroughwebpages.

Ifyouareadissidentinsuchcountry,asIran,itmeansthatagovernmentcannotfindyou,after placing of critical information in the Internet. Anonymity also allows avoidingcensorshipintheInternetandgettingaccesstothewebsites,thatespeciallyusefulinsuchcountriesasChina,wherethereissuchcensorship.IfyouareintheUSAorsomewhereintheworld,itmeansthatyourvisitsoftheInternetwillnotberelatedtoyouandkeptinthearraysofdatabasesduetoPRISMorsimilarprograms.

InthepastthisfunctionalitywaslimitedbypeoplethatusedToronthecomputers.NowyoucanbeconnectedtoToronAndroidthatallowsusingToronamobiletelephone.Inaddition topreventionof interceptyou theprovider,operatorandgovernment, thereareotheradvantagesthatisgivenbyToratmobileaccess.Forexample,youcanuseTwitteronAndroidviaTor.

SomeauthoritariangovernmentsblockedaccesstoTwitter,thatatdemocraticprotestsyouwerenotable toobtain information,butTwitteronAndroidcanbesetupon theuseofTor.ThenTwitterwillremainaccessible,evenifagovernmentblockedaccesstohim.

ConnectingtoTorthroughOrbot

Orbotisthemostessentialpartofpuzzle.ThisapplicationofAndroidisconnectedtoTorand creates local proxy that other programs can use on Your smartphone, gettingpermissiontobeconnectedthroughTor.

To tune Orbot is easy, simply set the program, open it and pass through configurationmaster.

Ifyouhaveaccesswithadministrative rightson theSmartphone,Orbot can functionastransparentproxies.Inotherwords,itcanautomaticallymakeallnetworktraffictopassthroughTor. Ifyouwilldo this route, thenkeep inmind that someprogramscan showyourrealIP-address.Inordertolookthroughanonymously,youmustuseabrowserthatiscreatedtohideIP-address.Ifyoudon’thavesuchrights-it iswell,becauseyoucanuseOrbotwithOrwebandotherprograms.

Press long on the icon of Orbot and Orbot will connect to the Tor network. An iconilluminatesgreenduringconnectingtoTor.

AnonymousbrowsingviaOrweb

SinceOrbotissetandstart,youcanusethebrowserofOrwebforanincognito.OrwebiswelladjustedforworkwithOrbotandTor.Forexample,Orwebdoesnotkeephistoryof thevisitedpagesorother informationaboutweb-sites thatyou have visited.Orweb also disconnects JavaScript and flash by default, aswellasTorBrowserBundleonadesktop.JavaScriptandflashintheorycanbeusedbyaweb-sitefordeterminationoftherealIP-addressofyoursmartphone.

ForthestartofOrwebfromwithinOrbotsimplypressontheiconofglobeinoverheadpartofscreenofOrbot.OrwebwillbeopenedandwillshowareportthatheisconnectedtoTor,ifallworkscorrectly.NowyoucanusethebrowserofOrwebforanincognito.

OtherprogramsthatworkwithOrbot

Orbotalsocanbeusedasproxy-serverforotherapplications.Anyapplicationthat supportsproxies in theorycanpass the traffic through theproxiesofTorOrbot. Nevertheless, Orbot contains the list of other programs that can beadjusted on work with him. For example, you can use for the reliablecommunication Gibberbot, for a search through Tor is application ofDuckDuckGo, to look through the Internet with Firefox for Android and byapplicationofProxyMobile,ortosettheproxiesofTwitteron“localhost”andport8118.

If you have access with administrative rights and you adjusted transparentproxies, then other applications must work with Orbot in theory, but moresafely,ifyouusetheprogramsspeciallytestedforcorrectworkwithTor.

KeepinmindthatviewingisconsiderablyslowerwhenyouuseTor,asusual,becausetheprocessofroutingaddsoverheadcosts.However,ifyouneedanonymouslytolookoveraweborgoroundcensorship,thenthisdeclineofspeedwillbeasmallpay.

10.HowtocheckToroperation?

InordertocheckhowTorensuresanonymityyouneedtogotooneofthewebsites,whichcandetermineandhighlightIP-addressandseveralotherdataaboutauser.Thelistisputbelow.

Inorder toknowyourrealIP-address–youcanenteroneof thesewebsitesexceptTor.(For example checkip.com or Tor website test page - https://check.torproject.org etc.)RememberyourIP-addressandstartchecking.

SwitchonTorandenterafewtestwebsitesoneafteranother.

In order to avoid amistake IP check always should be carried out on resources,whichreliably consider different nuances.That is to say, if anonymitywere important, then itwouldnotbesuperfluoustobeverifiedinseveralplacesnotrelyingupononeservice.

Belowarelistedlinkstothemostreliableandinformativeresources:

- The following website contains a set of various proxy server tests for anonymityincludingJava-checkhttp://www.stilllistener.addr.com/checkpoint1/index.shtml

-ThefollowingwebsitedisplaysIP-addressand(henceIP)acountryofresidence,aswellasinformationaboutaprovider:http://www.anonymize.net/current-ID.phtml

-http://smart-ip.net/-youcanlearnHTTPandSOCKSProxyaddresses

-http://ip-whois.net/,-http://clientn.free-hideip.com/map/whatismyip.php

http://smart-ip.net/tools/geoip,http :// checkip.com,http://torcheck.xenobite.eu/

If none of the test websites do not highlight a real IP-address then Tor ensured youranonymity!

Thank you very much both for downloading this eBook and for reading it from thebeginningtotheend.

Ifyouenjoyedthisbookorfoundituseful

I ‛ dbeverygratefulifyou ‛ dpostashortreviewonAmazon

Yourpost reallydoesmakeadifferenceand Icangetyour feedback&make thisbookevenbetter.