December 8th, 2007
The deeper I dig into privacy and data security issues the more urgent got my wish to get my anonymity back when living online. So I finally decided to use TOR for some of my online acitivities, e.g. searching the web.
1. Install TOR package
apt-get install tor
2. Configure each application
which should access the internet through the TOR network. By default, tell them to use a SOCKS proxy with this configuration.
As an example you can configure your firefox to use TOR. Also, I wanted to apply TOR only to certain websites (e.g. searchengine.com). I tried to use the TOR button, but it did not work for me. So I found the foxyproxy plugin which is highly configurable and allowed to use the proxy only for certain website.
To check if your proxy is working visit https://torcheck.xenobite.eu/
My firewall blocks all incoming and outgoing connections per default, so I needed to open add these rules to my iptables setup
-A INPUT -p tcp -s 127.0.0.0 --sport 9050 -j ACCEPT
-A OUTPUT -p tcp -d 127.0.0.0 --dport 9050 -j ACCEPT
-A INPUT -p tcp --sport 9030 -j ACCEPT
-A OUTPUT -p tcp --dport 9030 -j ACCEPT
-A INPUT -p tcp --sport 9001 -j ACCEPT
-A OUTPUT -p tcp --dport 9001 -j ACCEPT
For details see http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ
Since TOR will tunnel your connection through several proxies you will experience a noticeable performance impact.
Also please remember that TOR will only provide anonymity, NO encryption, NO confidentiality. A good showcase was 100-passwords-to-governments-embassies, where somebody acted as a TOR proxy and sniffed the traffic.