
Tor

Tor (short for “The Onion Router”) was developed by the US Navy in the mid-1990s, and released to the public in 2004. Its main goal was to add encryption and anonymity to naval communication. In 2006 The Tor Project was founded and began maintaining the Tor network. Today there are over 7000 volunteers who maintain the network. In this article we will cover 2 lessons in onion routing:

1. How to set up your own Linux computer to host your own (dot)onion website.
2. How to use Tor to connect to the World Wide Web.

Then at the end of this paper we will look at the security risks of using Tor.

First and foremost, Tor is a service. It can be installed and run on Linux, UNIX, Apple OS, and even Windows. It provides the ability to anonymously run your own private website with an onion address that only people who use a Tor browser can reach. You don’t even have to pay for a domain name. If you wanted to set up your own privately hosted website that is not on the clear net, you would use Tor and your favorite web server, such as Apache, nginx or even Python 3.

This lesson will briefly cover the aspects of using Tor and python3 to host your own site.

Open a terminal and create a folder where you will work.

mkdir my_tor

Now change directories into that folder.

cd my_tor

Because I am using python3 as my web server, now is the time I will launch it.

python3 -m http.server --bind 127.0.0.1 8080

Now open a new terminal in the same folder.

The first thing we need to do is create an index file for our onion website. This paper will use nano, but you can use any command-line text editor that you like.

nano index.html

Once that is open type the following:

<html><body>Bestpoint Institute</body></html>

Now save and close your file.

It’s time to test. Open your browser and type in localhost:8080. You should see your website up and running. If you don’t, you need to go back and troubleshoot your web server.

Next we need to configure Tor. Change directories to /etc/tor:

cd /etc/tor

Now list its contents:

ls

You will see a file called torrc. Open it with your favorite editor:

nano torrc

Once the file is open, scroll down to the section that says “This section is just for location-hidden services”.

Uncomment the lines for HiddenServiceDir and HiddenServicePort. Change the port address from 80 to 8080 so that it matches the port the web server is listening on, then save and close.

Next start tor with the following command.

sudo tor

Open another terminal and become superuser.

sudo su

Now navigate to the hidden service directory:

cd /var/lib/tor/hidden_service

and type

ls

You will see a file there called hostname.

You can either use your favorite editor to open it and see your hostname, or you can cat the file.

cat hostname

You will get output like this:

s2zybriihvvjq4g55ckgfpdjwh2or3gg7dfosdz3sd4hrt5hvd5g2eqd.onion

Open your favorite Tor browser and paste that address in, and you will see your own website.

You now have a working website that is on the dark web.

Type exit in the terminal to stop being root.
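The web server in this lesson is bound to 127.0.0.1, so the site is only reachable through Tor as long as the HiddenServicePort target also stays on loopback. The following check is an added example, not part of the original lesson: it parses torrc text and reports any hidden service whose backend is not local. The sample torrc, its second service and the address 192.168.1.20 are constructed for illustration, and `HiddenServicePort 80 127.0.0.1:8080` is an assumed reading of the edit described above.

```python
import ipaddress

# Constructed sample: the two lines the tutorial uncomments, plus one
# deliberately misconfigured service for contrast (hypothetical path).
SAMPLE_TORRC = """\
#HiddenServiceDir /var/lib/tor/other_hidden_service/
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:8080
HiddenServiceDir /var/lib/tor/exposed_service/
HiddenServicePort 80 192.168.1.20:8080
"""

def parse_hidden_services(text):
    """Group each HiddenServicePort under the HiddenServiceDir before it."""
    services = []
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if len(parts) < 2:
            continue
        key = parts[0].lower()  # torrc option names are case-insensitive
        if key == "hiddenservicedir":
            services.append({"dir": parts[1], "ports": []})
        elif key == "hiddenserviceport" and services:
            virt = int(parts[1])
            # With no target, Tor maps the virtual port to 127.0.0.1:<same port>.
            target = parts[2] if len(parts) > 2 else f"127.0.0.1:{virt}"
            services[-1]["ports"].append((virt, target))
    return services

def target_is_loopback(target):
    """True if the backend target stays on this machine."""
    if target.startswith("unix:") or target.isdigit():
        return True  # unix socket, or bare port (Tor uses 127.0.0.1)
    try:
        if target.startswith("["):  # bracketed IPv6, e.g. [::1]:8080
            host = target[1:target.index("]")]
        else:
            host = target.split(":")[0]
        return ipaddress.ip_address(host).is_loopback
    except ValueError:  # not an IP literal: only accept the name localhost
        return target.split(":")[0].lower() == "localhost"

def audit(text):
    """Return (dir, virtual_port, target) for every non-loopback backend."""
    return [(s["dir"], v, t) for s in parse_hidden_services(text)
            for v, t in s["ports"] if not target_is_loopback(t)]

if __name__ == "__main__":
    for finding in audit(SAMPLE_TORRC):
        print("backend not on loopback:", finding)
```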

Lesson 2

Tor Browser, or The Onion Router browser, is a Mozilla-based browser that is able to navigate both the dark web and the clear-net. For instance, if you were to put the address (s2zybriihvvjq4g55ckgfpdjwh2or3gg7dfosdz3sd4hrt5hvd5g2eqd.onion) for our Tor website into Google Chrome, MS Edge or Firefox, you would get a 404 error returned, as none of those browsers can navigate the dark web without add-ons.

Tor Browser works by establishing randomized links to entry, middle and exit nodes for the clear-net. When you first open Tor it will randomly connect to these. You can always reconnect and grab new nodes.

First open your regular browser window and go to https://dnsleaktest.com/. The information you are presented with is the information that your ISP, or preferably VPN, has passed on to them. In your Tor Browser, open the link and see that it will give you different information. Run the standard tests for both and see the different results.

So what is going on here?

When you enter the domain name www.dnsleaktest.com into Tor, all of your information is encrypted and sent to the entry node.

The entry node only sees the IP that you are coming from. The rest of the information that you send along with that remains encrypted. It then forwards the data on to a middle node, which only acts as a relay between nodes. It doesn’t know the final destination, nor does it know where the data came from. It only knows the entry node and the exit node. This is vital for making sure you stay anonymous. The middle node, or relay, only moves your encrypted data back and forth between entry and exit nodes. When the exit node gets your data from the middle relay, it decrypts the URL that you are wanting to go to and forwards just that information on to a DNS server, which sends back the webpage you are looking for. This then enters the exit node, is encrypted and sent to the middle relay, which moves the data to the entry node and then back to you.

Finally

It is very important to know that this is not the most secure way of moving data. While highly anonymous, you can be tracked by users running their own entry and exit nodes. It is very important to note that Google… Amazon and most major ISPs all run exit nodes (https://hackertarget.com/tor-exit-node-visualization/). So do most governments, including the USA. They also run entry nodes. Since entry nodes know your IP and exit nodes know where you’re going on the clear-net, if you get an entry and exit node run by someone harvesting data, your movements can then be tracked. Also, Tor is illegal in some countries, so make sure it’s legal to use in your area.
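The layered routing from Lesson 2 and the entry-plus-exit risk described above can be traced in a short simulation. This is an added example, not part of the original article: the cipher is a toy stand-in for Tor's real cryptography, and the relay names, keys, client IP 203.0.113.7 and request string are all constructed.

```python
import hashlib
import json

def xor_stream(key, data):
    """Toy stream cipher (SHA-256 in counter mode). Stand-in only, not Tor's crypto."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)

RELAYS = ["entry", "middle", "exit"]
# Constructed per-relay keys; the client shares one key with each relay.
KEYS = {name: hashlib.sha256(name.encode()).digest() for name in RELAYS}

def build_onion(destination, request):
    """Client side: wrap the request in three layers, innermost for the exit."""
    hops = [("exit", destination), ("middle", "exit"), ("entry", "middle")]
    payload = request
    for relay, next_hop in hops:
        layer = json.dumps({"next": next_hop, "payload": payload}).encode()
        payload = xor_stream(KEYS[relay], layer).hex()
    return payload

def route(client_ip, onion):
    """Each relay peels one layer; record the only two things it can see."""
    seen, prev, payload = {}, client_ip, onion
    for relay in RELAYS:
        layer = json.loads(xor_stream(KEYS[relay], bytes.fromhex(payload)))
        seen[relay] = {"from": prev, "to": layer["next"]}
        prev, payload = relay, layer["payload"]
    return seen, payload

def observer_learns(seen, operated):
    """(client IP, destination) visible to whoever runs the relays in `operated`."""
    client = seen["entry"]["from"] if "entry" in operated else None
    dest = seen["exit"]["to"] if "exit" in operated else None
    return client, dest

if __name__ == "__main__":
    seen, delivered = route("203.0.113.7", build_onion("www.dnsleaktest.com", "GET /"))
    for relay in RELAYS:
        print(relay, seen[relay])
    print("entry+exit operator learns:", observer_learns(seen, {"entry", "exit"}))
```

An operator of any single relay gets at most one half of the pair; only an operator holding both the entry and the exit view sees the client IP and the destination together.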

tools/tor.1727748237.txt.gz · Last modified: 2024/10/01 02:03 by AspHunter

Find this page online at: https://bestpoint.institute/tools/tor