Tor
Tor (short for “The Onion Router”) is a tunneling service which was developed by the US Navy in the mid-1990s, and released to the public in 2004. Its main goal was to add encryption and anonymity to naval communication. In 2006 The Tor Project was founded and began maintaining the Tor network. Today there are over 7000 volunteers who maintain the network, and it can be used on all major operating systems.
Tor is most often used to anonymously browse the web, somewhat similarly to a proxy or VPN. However, Tor also provides the ability to anonymously run your own private website on the .onion TLD, which only people who use a Tor-enabled browser can reach. You don’t even have to pay for a domain name. If you wanted to set up your own privately hosted website that is not on the clearnet, you would use Tor and a web server like Apache, nginx or even Python.
Browsing the Web with Tor
Tor Browser is a Mozilla-based browser that is able to navigate both the dark web and the clearnet. For instance, if you were to put a .onion address into Chrome, MS Edge or Firefox, you would get a 404 error returned, as none of those browsers can navigate the dark web without addons.
Tor Browser works by establishing randomized links to entry, middle and exit nodes for the clearnet. When you first open Tor it will randomly connect to these. You can always reconnect and grab new nodes.
Testing Your Connection
First open your regular browser window and go to DNS Leak Test. The info you are presented with is what your ISP (or preferably VPN) has passed on to them. Open that same link in Tor Browser, and you will see that it gives you different information. Run the standard tests in both and compare the results.
How It Works
When you visit DNS Leak Test with Tor, all of your information is encrypted and sent to the entry node. The entry node only sees the IP address that you are connecting from. The rest of the information that you send along with that remains encrypted.
It then forwards the data on to a middle node, which only acts as a relay between nodes. It doesn’t know the final destination, nor does it know where the data came from. It only knows the entry node and the exit node. This is vital for making sure you stay anonymous. The middle node, or relay, only moves your encrypted data back and forth between the entry and exit nodes.
When the exit node gets your data from the middle relay, it decrypts the URL that you want to visit and forwards just that information on to a DNS server, which sends back the webpage you are looking for. This then enters the exit node, is encrypted and sent through the middle relay, which in turn moves the data back to the entry node and then to you.
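The three hops described above, modelled in a short added example (not part of the original lesson and not Tor's actual code): the client wraps the request in one layer per node, and each node removes only its own layer. A SHAKE-256 keystream XOR stands in for Tor's real per-hop encryption, and the node names, keys, client address and destination are constructed.

```python
import hashlib
import json

def xor_stream(key, data):
    """Toy cipher: XOR with a SHAKE-256 keystream; the same call decrypts."""
    stream = hashlib.shake_256(key).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def wrap(route, keys, destination, payload):
    """Client: encrypt for the exit first, then add one layer per earlier node."""
    blob, next_hop = payload, destination
    for node in reversed(route):
        layer = json.dumps({"next": next_hop, "data": blob.hex()}).encode()
        blob, next_hop = xor_stream(keys[node], layer), node
    return blob

def peel(key, blob):
    """Node: remove one layer, learning only the next hop and an opaque blob."""
    layer = json.loads(xor_stream(key, blob))
    return layer["next"], bytes.fromhex(layer["data"])

def trace(client_ip, route, keys, onion):
    """Pass the onion along the route and record what each node can see."""
    seen, sender, blob = {}, client_ip, onion
    for node in route:
        next_hop, blob = peel(keys[node], blob)
        seen[node] = {"from": sender, "to": next_hop}
        sender = node
    return seen, blob

# Constructed values: one key per node, a documentation-range client address.
ROUTE = ["entry", "middle", "exit"]
KEYS = {node: hashlib.sha256(node.encode()).digest() for node in ROUTE}
ONION = wrap(ROUTE, KEYS, "example.org:443", b"GET / HTTP/1.1")
SEEN, DELIVERED = trace("203.0.113.7", ROUTE, KEYS, ONION)

if __name__ == "__main__":
    for node, view in SEEN.items():
        print(f"{node:6} sees from={view['from']} to={view['to']}")
```

Only the entry node's view contains the client address and only the exit node's view contains the destination, which is why an observer who controls both ends of a circuit can link the two.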
Hosting Your Own .onion Website
This lesson will briefly cover the aspects of using Tor and Python 3 to host your own site.
In your terminal, create a folder called my_tor and use cd to enter it:
mkdir my_tor
cd my_tor
Because I am using Python 3 as my web server, now is the time I will launch it:
python3 -m http.server --bind 127.0.0.1 8080
Now open a new terminal in the same folder.
The first thing we need to do is create an index file for our onion website. In this lesson we will use nano, but you can use any text editor that you like.
nano index.html
Once that is open type the following:
<html><body>A Best Point demo page.</body></html>
Now save and close your file.
It’s time to test. Open your browser and visit localhost:8080. You should see your website up and running. If it’s not, go back and troubleshoot your web server.
Next we need to configure Tor. Change directories to /etc/tor and use ls to view the contents:
cd /etc/tor
ls
You will see a file called torrc. We want to edit that file.
nano torrc
Once the file is open, scroll down to the section that says “This section is just for location-hidden services.” Uncomment the lines for HiddenServiceDir and HiddenServicePort. Change the port address from 80 to 8080, then save and close.
Next, start Tor with the following command:
sudo tor
Open another terminal, become superuser, navigate to the hidden_service directory, and view its contents:
sudo su
cd /var/lib/tor/hidden_service
ls
You will see a file there called hostname. That file has your site address. Use cat (or any text editor) to retrieve it:
cat hostname
You will get an output like this: longstringofrandomnumbersandlettersdsfargeg.onion
Open your favorite Tor browser and paste that address in and you will see your own website. You now have a working website that is on the dark web. Type exit into your terminal to close out of your root session.
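A check for the torrc edit in this lesson, added here as an example (not part of the original lesson or of Tor itself): it parses the hidden-service lines and reports a target that is not on loopback or that does not match the port the Python web server listens on. The sample torrc text is constructed to show the assumed result of the edit, and the function names are illustrative.

```python
import ipaddress

# Constructed torrc fragment: the assumed result of the edit described above.
SAMPLE_TORRC = """\
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
#HiddenServicePort 22 127.0.0.1:22
"""

def parse_hidden_services(torrc_text):
    """Return [(service_dir, [(virtual_port, target), ...]), ...]."""
    services = []
    for raw in torrc_text.splitlines():
        parts = raw.split("#", 1)[0].split()      # drop comments, tokenize
        if len(parts) < 2:
            continue
        key = parts[0].lower()                    # option names are case-insensitive
        if key == "hiddenservicedir":
            services.append((parts[1], []))
        elif key == "hiddenserviceport" and services:
            virt = int(parts[1])
            target = parts[2] if len(parts) > 2 else f"127.0.0.1:{virt}"  # Tor's default
            services[-1][1].append((virt, target))
    return services

def is_loopback(host):
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False                              # a hostname is not provably local

def audit(torrc_text, local_port=8080):
    """List problems that would break or expose the service set up above."""
    services = parse_hidden_services(torrc_text)
    findings = [] if services else ["no HiddenServiceDir is enabled"]
    for directory, ports in services:
        if not ports:
            findings.append(f"{directory}: no HiddenServicePort line")
        for virt, target in ports:
            if target.startswith("unix:"):
                continue                          # unix sockets never leave the host
            host, _, port = target.rpartition(":")
            if not port.isdigit():                # bare address: port defaults to virt
                host, port = target, str(virt)
            if host and not is_loopback(host):
                findings.append(f"{directory}: target {target} is not loopback")
            if int(port) != local_port:
                findings.append(f"{directory}: target port {port}, web server on {local_port}")
    return findings
```

An empty list from `audit()` means the onion address forwards to the loopback-only server started earlier; run it on the real file with `audit(open("/etc/tor/torrc").read())`.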
Security Caveats
It is very important to know that this is not the most secure way of moving data. While highly anonymous, you can still be tracked by users running their own entry and exit nodes. It is very important to note that Google, Amazon, most major ISPs, various US federal & law enforcement agencies, and many other governments as well, all run a sizable number of the entry and exit nodes on Tor. For more information, see this visualization map at Hacker Target.
Since entry nodes know your IP and exit nodes know where you’re going, your movements can be tracked if you get an entry and exit node run by someone harvesting data. This means it is a very good idea to layer Tor with a regular VPN. You should also know that Tor is illegal in some countries, so you should research this ahead of time to know what you're getting into.
Find this page online at: https://bestpoint.institute/tools/tor