The goal is to setup your Raspberry Pi as a tor socks Proxy and help you setup a  desktop web browser to use the tor socks proxy. This shall allow you to browse anonymously without having to install tor on your desktop machine. You may use other applications with this tor socks proxy installed on your Raspberry Pi. If you want to use your Raspberry Pi to replace your gateway and use all communication anonymously this would be a good tutorial to start with. 

 

For this project you shall need a raspberry Pi running Raspbian on your local network. You shall also need to make sure your Raspberry Pi is having a fixed/static IP address

Update and upgrade Raspbian installed on Raspberry Pi:

This is to ensure, you are running the latest and updated distribution of Raspbian on your Raspberry Pi.

sudo apt-get install deluged -y
sudo apt-get install deluge-console -y

 Installing tor on raspberry Pi

Next we shall install tor “a connection-based low-latency anonymous communication system”. For this tutorial, This installation shall run a tor client, and reconfigure tor socks proxy server to allow a web browser from the local network to access internet resources, privately and anonymously.

sudo apt-get install tor

Once tor is installed we shall edit the tor configuration file and configure it to run a a socks 5 for the local network.

Configuring Tor proxy

Lets first make a backup copy of the the files before we make any changes

cd /etc/tor/

sudo cp torrc torrc.orig

sudo nano torrc

search for the line containing “#SocksPort 9050”

Once found remove the # and activate the line. By default this shall only listen to the loopback interface(127.0.0.1) . To make the socks server work for the lan you shall need to configure it with the ip address of the Raspberry pi, which is in this case “192.168.1.201” so the line should be: ( the ip address should reflect your Raspberry Pi ip address) . This link will help you discover the ip address you are using on your local network.

SocksPort 192.168.1.201:9050

Next you shall need to allow the hosts that shall access the socks proxy server. You may want to allow all the devices on your local network to have this access or do it selectively.

Though my ip address and and network mask is configured by my home routers DHCP server, you can easily find it by running an “ifconfig” command on the command prompt on your windows system and you shall see something like the following:

This indicates your local network address is 192.168.1.0/24. More on Netmask/network address/Subnetmask

So, next find the line in the torrc file “SocksPolicy accept 192.168.0.0/16” this line allows certain ip address to use this tor socks proxy. In this case the network is 192.168.1.0/24 so we change it to

SocksPolicy accept 192.168.1.0/32

save and exit nano. At this point we are fire-up the tor, no farther changes are require.

Run the following command to start tor manually

sudo service tor start

Check its really running, you can use the same command to check the service any time if you are having any difficulty browsing later on. It should say Active (running) unless there is a failed notice.

sudo service tor status

The following command shall confirm you that tor proxy is running on the specified port

sudo netstat -antp | grep tor

Expected output is similar to:

Finally, make it start on boot

sudo update-rc.d tor enable

At this point you are ready to use tor proxy on the client side. Next we shall configure a web browser as a tor client.

Configuring Browser on your desktop

For this i would use a portable filefox installation on. Firefox is known for its privacy support more than most of the other popular browser. Download it from “http://portableapps.com/apps/internet/firefox_portable”

Note: when using a browser for privacy, it is suggested you have a fresh browser and without any plugins installed.

Once installed Lunch firefox and go to options

Next to to Advanced –> network –> Connection –> settings

Under the settings select “Manual Proxy configuration“. Under the “SOCKS Host” add the ip address of your Raspberry Pi along with the socks port, in the “Port” field. you used during tor configuration. Also make sure “SOCKS_v5” is selected and “Remote DNS” is enabled under the options. (Enabling remote dns shall ensure, you are not sending dns quarries to your service providers dns server, which can be used to trace your browsing history)

And click on OK.

And you are almost ready to browse with privacy and anonymity. Before you take yours next step I strongly recommend you read the linked article.

To check that the proxy is working, visit a website on your browser configured with tor like http://www.ipchicken.com which will display your IP address as it sees it and also the matching domain name if available. The IP address should not be the same ip address assigned to you by your provider.

Congratulations, you are now browsing anonymously.

Monitor your tor

If you want to watch tor function there is this nice monitoring script which you can see the summery

sudo nano /etc/tor/torrc

find out the line “#ControlPort 9051” and remove the # mark as following

ControlPort 9051

next reload tor so that is reads the changes we just made in the configuration files with the following command

sudo service tor reload

Next install the tor-arm package with the following command

sudo apt-get install tor-arm

and now finally run

sudo arm

and can see a similar interface

Enjoy.