Installing Tor on OBSD3.8
marius
anarcap at gmail.com
Wed Aug 23 06:56:40 PDT 2006
It's been over a year since I've played with Tor, and my memory is a
little fuzzy. I have tried to do what the OP is asking about, and
"almost" got it to work.
My comments are below...
//mts
PS. Tomorrow I'll try to dig up the drive that has my Tor experiment
on it and I'll check out what I did.
PPS. Please "cc" me if you want a speedy reply, because I'm subscribed
to the digest mode.
> Message: 3
> Date: Tue, 22 Aug 2006 19:48:48 +0100
> From: "Thomas Wood" <grand.edgemaster at gmail.com>
> Subject: Fwd: Installing Tor on OBSD3.8
>
> On 8/22/06, joe_schmoe <geek_show at dsl.pipex.com> wrote:
> > Greetings
> Hi!
> >
> > I am contemplating buying the OBSD3.8 CDs and just wanted to double
> > check something first before proceeding. I have heard about a program
> > called Tor which I think stands for "The Onion Router" - which basically
> > anonymizes one's Internet activity (is that correct?).
>
> Correct, but why OBSD3.8? 3.9 is the latest, and 4.0 is coming soon.
> Downloads are free, although CDs help the project! OBSD is good for
> firewalls.
>
> > I would like to install that on the OBSD3.8 dedicated firewall, so just a couple of
> > quick questions:
> > 1. What is involved in installing Tor - any special proceedures or any
> > gotchas?
> I wouldn't know about this, having not tried it on a firewall.
>From what I remember, you will need to install Privoxy (or some other
proxy) and then use pf to route all the traffic you want anonymized
through it. I never got the pf part to work right (but Tor/Privoxy
were working fine for surfing, ssh and IRC using the OBSD box). My
problem was that I wanted to make the proxying transparent to the
client boxes, without needing to set the proxy servers on each. If you
have the ability to manually set the proxies on your clients then it's
a lot easier.
> > 2. Does it have any effect on overall performance?
> It will do, Tor routes traffic through several servers across the net
> - it WILL slow traffic.
On a 4 meg DSL line, we were down to what felt like dial-up speeds.
> > 3. Is my understanding of the function of Tor accurate and will it
> > actually anonymize all machines behind the firewall? Would this extend
> > to blocking IP addresses, or does it merely mangle the packet headers?
> It will hide your IP address through mangling the packet headers. By
> blocking IP addresses, do you mean stopping access to those IPs from
> within the network? If so, the OBSD pf can do that natively, of course
> there are also more specialised network filtering tools.
If you configure the proxy and pf right, then all the machines behind
the firewall should be "anonymized" in that your internet IP will be
hidden. As the Tor FAQ
http://wiki.noreply.org/noreply/TheOnionRouter/TorFAQ says though:
"Since Tor does not anonymize message content, additional software
agents should be used to anonymize content. For example, Privoxy is a
good HTTP proxy for filtering dangerous web content. "
So Privoxy will take care of your web sessions, but you will still
need some other software to fully anonymize anything else you might be
running.
> >
> > Sorry for my cluelessness :)
> Everyone's clueless at some times!
More information about the Openbsd-newbies
mailing list