Installing Tor

In my last post I mentioned that by default Nepenthes is configured to use Tor to carry IRC traffic. This post documents what I did to get Tor running on FreeBSD 6.0 STABLE.

I installed Tor using the security/tor-devel page. Remember to set the environment variable to use the newest package.

janney:/root# pkg_add -vr tor-devel

Next I added the following to /etc/rc.conf so I could use the /usr/local/etc/rc.d/tor.sh script.

tor_enable="YES"

Next I edited /usr/local/etc/rc.d/tor.sh, because I had an issue with the %%PREFIX%% specification.

janney:/usr/local/etc/rc.d# diff tor.sh.orig tor.sh
26c26
< TORCTL=%%PREFIX%%/bin/torctl
---
> TORCTL=/usr/local/bin/torctl

I used the default config file.

janney:/root# cp /usr/local/etc/tor/torrc.sample /usr/local/etc/tor/torrc

I needed to create this tor data directory.

janney:/root# mkdir -p /var/db/tor/data
janney:/root# chown -R _tor:_tor /var/db/tor/data

I also needed to create this log file owned by user _tor.

janney:/root# touch /var/log/tor
janney:/root# chown _tor:_tor /var/log/tor

I debated running Tor directory lookups through my Squid proxy. If I want to do that, I add the following TORARGS section:

TORARGS="$TORARGS --HttpProxy 192.168.2.15:3128 --HttpsProxy 192.168.2.15:3128"

Tor doesn't run as a server by default. If I wanted to be a Tor server, I would consider adding the following TORARGS:

TORARGS="$TORARGS --BandwidthRate 10KB --BandwidthBurst 20KB --MaxAdvertisedBandwidth 10KB"

After I made the changes listed above, I started Tor using the tor.sh script.

janney:/root# /usr/local/etc/rc.d/tor.sh start
Starting tor:
Jan 24 15:43:21.144 [notice] Tor v0.1.1.12-alpha. This is experimental software. Do not rely on it for strong anonymity.
Jan 24 15:43:21.156 [notice] Initialized libevent version 1.1a using method kqueue. Good.
Jan 24 15:43:21.156 [notice] connection_create_listener(): Opening Socks listener on 127.0.0.1:9050
/usr/local/bin/torctl start: tor started

janney:/root# sockstat -4 | grep tor
_tor tor 7810 4 tcp4 192.168.2.7:60716 192.168.2.15:3128
_tor tor 7810 5 tcp4 127.0.0.1:9050 *:*
_tor tor 7810 9 tcp4 192.168.2.7:52896 192.168.2.15:3128
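
An added example, not part of the original post: a shell function that audits sockstat -4 output like the above, confirming that the Socks listener is bound only to 127.0.0.1:9050 and that every outbound tor socket goes to the proxy. It assumes both the HttpProxy and HttpsProxy arguments are in effect; the function names and the second sample are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Reads `sockstat -4` lines on
# stdin: USER COMMAND PID FD PROTO LOCAL FOREIGN.
# Live usage: sockstat -4 | check_tor_sockets 127.0.0.1:9050 192.168.2.15:3128
check_tor_sockets() {
    socks_listener=$1   # the only listener tor is expected to open
    proxy=$2            # the only peer tor is expected to connect to
    awk -v want="$socks_listener" -v proxy="$proxy" '
        $2 != "tor" { next }              # skip header and other commands
        $7 == "*:*" {                     # listening socket
            if ($6 == want) seen = 1
            else { print "UNEXPECTED LISTENER " $6; bad = 1 }
            next
        }
        $7 != proxy {                     # outbound socket bypassing the proxy
            print "DIRECT CONNECTION " $6 " -> " $7; bad = 1
        }
        END {
            if (!seen) { print "MISSING LISTENER " want; bad = 1 }
            exit bad + 0
        }'
}

# Sample 1: the three sockstat lines shown in the post.
sample_ok() {
    cat <<'EOF'
_tor tor 7810 4 tcp4 192.168.2.7:60716 192.168.2.15:3128
_tor tor 7810 5 tcp4 127.0.0.1:9050 *:*
_tor tor 7810 9 tcp4 192.168.2.7:52896 192.168.2.15:3128
EOF
}

# Sample 2: constructed for illustration. The listener is on all interfaces
# and one connection goes straight out (203.0.113.10 is a documentation address).
sample_bad() {
    cat <<'EOF'
_tor tor 7810 5 tcp4 *:9050 *:*
_tor tor 7810 9 tcp4 192.168.2.7:52896 203.0.113.10:9001
EOF
}

sample_ok | check_tor_sockets 127.0.0.1:9050 192.168.2.15:3128 \
    && echo "sample 1: tor sockets match policy"
sample_bad | check_tor_sockets 127.0.0.1:9050 192.168.2.15:3128 \
    || echo "sample 2: tor socket policy violated"
```
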

Now when I start Nepenthes and tell it to use Tor, it appears like the following in my specified IRC channel:

15:44 -!- mynep [i=debian-t@dsl093-038-182.pdx1.dsl.example.com] has joined #myfakeircchannel

That Debian system is not my own -- it's the other side of the Tor connection. There are many ways to use Tor. I just wanted to document how I got it working to support Nepenthes.
