# TOR and Explorer



## adripillo (Oct 31, 2013)

Hello, some of my friends are using Windows with TOR to enter on pages like YouTube, etc. I can see TOR in ports so my question is: can I do the same? Is it the same TOR as Windows uses or is this TOR is for another thing? If it is the same TOR, how to configure it? Thanks in advance.


----------



## cpm@ (Oct 31, 2013)

Sure, take a look here.


----------



## adripillo (Oct 31, 2013)

cpm said:
			
		

> Sure, take a look here.



Ok, I am behind a Squid proxy so I have some questions: TOR needs to be configured? And here on Polipo:


```
proxyAddress = "127.0.0.1" 
proxyPort = 8118
allowedClients = 127.0.0.1
allowedPorts = 1-65535
proxyName = "localhost"
cacheIsShared = false
socksParentProxy = "localhost:9050"
socksProxyType = socks4a
chunkHighMark = 819200
objectHighMark = 128
diskCacheRoot = ""
disableLocalInterface = true
disableConfiguration = true
localDocumentRoot = ""
dnsUseGethostbyname = yes
disableVia=falsecensoredHeaders = from, accept-language, x-pad, link
censorReferer = maybe
daemonise = true
logSyslog = true
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
serverSlots = 2
tunnelAllowedPorts = 1-65535
```

The first two lines are for the Squid IP and port?


----------



## cpm@ (Oct 31, 2013)

Regarding your question, read the polipo manual to know all the variables that you can tweak to configure properly www/polipo web proxy. About proxyAddress and proxyPort variables are well explained as all others in the aforementioned manual: http://www.pps.univ-paris-diderot.fr/~jch/software/polipo/manual/Client-connections.html#index-proxyAddress-62.

Note that www/squid is other HTTP proxy.


----------



## ronaldlees (Nov 2, 2013)

adripillo said:
			
		

> Hello, some of my friends are using Windows with TOR to enter on pages like YouTube, etc. I can see TOR in ports so my question is: can I do the same? Is it the same TOR as Windows uses or is this TOR is for another thing? If it is the same TOR, how to configure it? Thanks in advance.



Wikileaks.


----------



## Beeblebrox (Nov 3, 2013)

One thing that is usually overlooked wile using TOR, is something called DNS-leaks. This occurs when you have a browser with a TOR enable/disable button (for example foxyproxy in firefox). Such enable-by-click buttons change the proxy settings for the browser, thus piping the traffic either directly (no proxy), or through the defined proxy-chain that includes TOR.

The problem with such enable/disable schemes, is that depending on the situation, the DNS look-up traffic can be temporarily or for the entire session be passed as normal traffic and NOT through the TOR/socks layer. Such a situation renders TOR ineffective, because while the traffic is encrypted and hidden, the IP's of clients who have looked-up the IP for the "forbidden website" are now on record.

The solution is to NOT use such enable/disable buttons, plain and simple. In fact, the windows package now comes with its own browser with dedicated proxy settings. The thing to do (or my personal solution) on open source systems is to dedicate a separate browser with PERMANENT proxy settings for TOR/socks & www/privoxy (I prefer it to polipo), and to use that for anonymous browsing. Use other browsers for normal activities. So, for example, setup www/midori (now comes with script-blocker add-on) for TOR/socks and use your favorite browser for the other times.


----------



## adripillo (Nov 4, 2013)

Beeblebrox said:
			
		

> One thing that is usually overlooked wile using TOR, is something called DNS-leaks. This occurs when you have a browser with a TOR enable/disable button (for example foxyproxy in firefox). Such enable-by-click buttons change the proxy settings for the browser, thus piping the traffic either directly (no proxy), or through the defined proxy-chain that includes TOR.
> 
> The problem with such enable/disable schemes, is that depending on the situation, the DNS look-up traffic can be temporarily or for the entire session be passed as normal traffic and NOT through the TOR/socks layer. Such a situation renders TOR ineffective, because while the traffic is encrypted and hidden, the IP's of clients who have looked-up the IP for the "forbidden website" are now on record.
> 
> The solution is to NOT use such enable/disable buttons, plain and simple. In fact, the windows package now comes with its own browser with dedicated proxy settings. The thing to do (or my personal solution) on open source systems is to dedicate a separate browser with PERMANENT proxy settings for TOR/socks & www/privoxy (I prefer it to polipo), and to use that for anonymous browsing. Use other browsers for normal activities. So, for example, setup www/midori (now comes with script-blocker add-on) for TOR/socks and use your favorite browser for the other times.



Do you know or have some guide that shows me how to set up www/midori for TOR?


----------



## Beeblebrox (Nov 4, 2013)

1) Install it: `# make install -C /usr/ports/www/midori`
2) Open Midori, preferences -> network -> proxy_server -> HTTP_proxy. Leave Port as 8080. OK
3) Configure your privoxy or polipo http proxy to listen on port 8080 (the default) and also to forward traffic to socks5 (or socks4*) proxy listening on 9050 it was I believe.
4) Start both proxies (privoxy+TOR or polipo+TOR), and test whether you are using the TOR onion.

The setup for Midori is easy. Seting up privoxy or polipo is much more complicated and will require for you to read through the documentation in some detail.


----------



## adripillo (Nov 4, 2013)

Beeblebrox said:
			
		

> 1) Install it: `# make install -C /usr/ports/www/midori`
> 2) Open Midori, preferences -> network -> proxy_server -> HTTP_proxy. Leave Port as 8080. OK
> 3) Configure your privoxy or polipo http proxy to listen on port 8080 (the default) and also to forward traffic to socks5 (or socks4*) proxy listening on 9050 it was I believe.
> 4) Start both proxies (privoxy+TOR or polipo+TOR), and test whether you are using the TOR onion.
> ...



You're right, that*'*s the problem. I need to "tell" privoxy that I am using Internet under a Squid proxy. I wonder if this configuration could work for privoxy in /etc/privoxy/config:


```
listen-address "SQUID IP":3128
forward-socks4a / 127.0.0.1:9050
```

NOTE: I do not have access to Squid, it is running on another computer, not mine.


----------

