How to install and use Tor for anonymous browsing or to access country-restricted content from another country

Some people want to browse the Web in complete anonymity. One tool for doing that is Tor. However, there are other reasons for using Tor. For example, when I am travelling in a country where the government blocks certain Web sites (or blocks accessing content on certain Web sites), or when I am travelling overseas and certain Web sites back home will not let me view content (e.g. TV shows), I use Tor. Note that some Web sites are now clever enough to detect that you are accessing them via a proxy and could be overseas, so even Tor will not gain you access to media on some Web sites back home. Anyway, it’s still worth trying Tor to see if it works in your case.

For an overview of the installation and configuration procedure, see Running the Tor client on Linux/BSD/Unix. Below I will explain how to install and use Tor in Gentoo Linux.

Before you use Tor, it is useful to check your current IP address. Several Web sites will tell you your current IP address; here is the site I usually use: http://whatismyipaddress.com/

1. Install Tor:

# USE="tordns" emerge -1v tor

(Actually, the more-recent versions of the tor package don’t require that USE flag but I’ve left it in as it does no harm.)

2. Install Vidalia:

# cd /usr/portage/distfiles/
# wget --no-check-certificate https://www.torproject.org/dist/vidalia/vidalia-x.y.z.tar.gz
# USE="tor" emerge -1v vidalia

Use the current version x.y.z of the vidalia package in the package manager and https://www.torproject.org/dist/vidalia/

3. Install Polipo:

# emerge -1v polipo

4. Download polipo.conf

# cd /etc/polipo
# wget --no-check-certificate https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf

Edit April 21, 2013: The above URL is now:

https://gitweb.torproject.org/torbrowser.git/blob_plain/ae4aa49ad9100a50eec049d0a419fac63a84d874:/build-scripts/config/polipo.conf

5. Edit it and change proxyPort = 8118 to proxyPort = 8123

6. Copy it to /etc/polipo/:

# cd /etc/polipo
# cp /etc/polipo/config /etc/polipo/config.bak
# cp polipo.conf config

7. Configure Firefox:

Edit > Preferences > Network > Settings

Manual proxy configuration:

HTTP Proxy: 127.0.0.1 Port: 8123
SSL Proxy: 127.0.0.1 Port 8123

SOCKS Host: 127.0.0.1 Port 9051
SOCKS v5
No Proxy for: 127.0.0.1

8. Run Vidalia and then configure it:

$ vidalia &

a) Settings > Sharing

Select ‘Run as a client only’

b) Settings > Advanced

Select ‘Use TCP connection (ControlPort)’
Address: 127.0.0.1 9051

Tor Configuration File:
/home/fitzcarraldo/.vidalia/torrc

Data Directory:
/home/fitzcarraldo/.tor

c) Click on ‘Edit current torrc’ and make it:

# This file was generated by Tor; if you edit it, comments will not be preserved
# The old torrc file was renamed to torrc.orig.1 or similar, and Tor will ignore it
ControlPort 9051
ExitNodes {gb}
Log notice stdout
SocksListenAddress 127.0.0.1
StrictNodes 1

Note that I have specified “{gb}” above so that I am perceived by Web sites to be browsing in the UK even if I am in another country. But you can use a different country code if you want Web sites to perceive you are in another country. For example, “{us}” would make it look as if you are browsing in the USA.

9. Run Polipo:

$ sudo polipo

10. Surf to http://torcheck.xenobite.eu/ to check that you are now using a Tor exit node.

11. Surf to http://whatismyipaddress.com/ to check that your IP address has changed.

IMPORTANT UPDATE (February 3, 2015): The steps given above will not prevent the so-called DNS Leak problem. If your Web browser is not configured correctly it will still use your ISP’s DNS servers instead of the DNS servers favoured by Tor, in which case your ISP will know which sites you are accessing. See What is a DNS leak? for details.

To try to avoid DNS leakage, instead of performing Steps 1 to 11 above download the Tor Browser, unpack it (no installation is required) and use that browser. Reference 3 below is a link to the download page, and Reference 4 below is a link to the instructions on how to unpack the tarball and launch the browser. However, if you still want to use the method I gave in 2011 then you could try all the following to stop DNS leakage to your ISP:

1. Use the OpenDNS servers instead of your ISP’s DNS servers. That will not help, though, if your ISP is using a Transparent DNS Proxy.

2. Make the following changes to the preferences in Firefox (enter about:config in the Firefox address bar):

Preference Name                       Status   Type     Value
network.dns.disableIPv6               default  boolean  false  Change to true
network.dns.disablePrefetch           default  boolean  false  Change to true
network.proxy.socks_remote_dns        default  boolean  false  Change to true
browser.safebrowsing.enabled          default  boolean  true   Change to false
browser.safebrowsing.malware.enabled  default  boolean  true   Change to false
media.peerconnection.enabled          default  boolean  true   Change to false

(When you have finished using Tor, set media.peerconnection.enabled back to true if you want to use WebRTC. If you also want Firefox to warn you of phishing Web sites and Web sites that download malware, also set browser.safebrowsing.enabled and browser.safebrowsing.enabled back to true after you have finished using Tor.)

3. Test if there is still leakage by visiting the DNS leak test Web site and clicking on the Standard test button, and visiting the IP/DNS Detect site.

Furthermore, don’t forget to use a Private Browsing window in Firefox.

References

1. Preventing Tor DNS Leaks
2. Tor new advice (February 2014)
3. Download Tor Browser
4. Linux Instructions for Tor Browser
5. New Browser Based Flaw Leaks VPN Users’ IP Addresses